Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
File: 542fe731-cba6-4c89-a3a4-ba48a69e246b.roa (raw, json)
Hash identifier: X/d1jVsCaQeKLWmMHE699gBMuq8C2QzR4vxONQHdO+M=
Subject key identifier: EB:F3:A5:8A:9D:86:D9:7D:72:54:4E:DD:74:B8:58:4B:EC:51:7F:1E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2F287B779068118A1087D6B225FBA9F40668F855
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
Signing time: Tue 15 Jul 2025 00:20:47 +0000
ROA not before: Tue 15 Jul 2025 00:20:47 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:28:7b:77:90:68:11:8a:10:87:d6:b2:25:fb:a9:f4:06:68:f8:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:47 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=fb46911f06ee343fa6a580ad88af41a2d7c2c7b34985612fdbded27d3bd77d45, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6b:a2:58:b7:16:3d:f0:34:66:23:b8:9e:c1:
a0:92:2c:ef:f1:f7:67:60:39:7b:e4:d7:56:3f:11:
db:02:77:ae:21:d7:d9:2d:a6:3f:10:4c:13:a4:e0:
ed:bf:a8:1a:63:75:e5:18:61:f9:0d:04:9e:e4:3c:
c1:4a:f6:6c:70:1d:b7:f1:b4:45:23:e1:84:a5:33:
77:56:f6:61:d9:97:32:9b:c8:81:88:7e:82:20:40:
5a:0f:9f:cd:5c:76:f8:23:e0:c0:42:45:61:de:4a:
5c:4d:66:ad:de:20:73:7b:15:47:47:d5:52:70:1b:
45:1a:cc:fc:52:dd:fc:27:ca:1b:47:64:37:25:2a:
b1:13:e5:ca:36:4b:74:ab:0d:87:33:b4:c4:fd:8f:
0e:62:51:96:3f:91:73:c6:61:88:27:18:75:04:7c:
d8:e0:08:15:46:53:b9:59:78:71:c1:41:e6:13:ff:
cc:a3:cd:95:2b:e1:c8:db:73:4b:1c:5d:d4:10:e8:
16:cb:d9:fd:5d:7a:6b:43:86:80:04:50:91:cb:c6:
b7:3b:a4:9a:a8:5f:70:d2:64:fb:92:fd:8c:f7:f5:
87:73:00:17:de:3b:5d:09:40:c3:2a:da:5c:13:b1:
e4:3e:09:9f:ef:7e:6f:71:98:6a:93:91:56:42:fa:
56:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:F3:A5:8A:9D:86:D9:7D:72:54:4E:DD:74:B8:58:4B:EC:51:7F:1E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8800::/40
Signature Algorithm: sha256WithRSAEncryption
1a:84:8d:67:09:de:93:6c:e8:f2:34:66:3b:88:7a:35:3c:91:
46:00:80:a1:69:e7:23:ae:3c:9e:9a:96:23:ed:09:c1:31:9f:
81:e8:2d:bc:e8:fa:74:03:63:61:fc:70:a6:2d:03:0c:89:20:
c1:88:9e:1a:27:b6:4f:b0:68:99:d2:e4:e2:9a:31:b6:b5:e6:
2f:11:9b:77:d0:fb:b6:be:c5:c2:cf:51:e1:f2:ad:a4:df:60:
c3:e1:fa:e9:77:7e:60:b0:c3:42:52:c7:bb:44:b9:6b:90:f2:
5f:f6:ab:ea:f2:86:d3:75:fa:b6:6e:12:65:73:7d:64:60:17:
12:a2:de:1e:8c:c1:0e:2a:fb:c1:51:9c:77:00:e7:0c:7a:3b:
65:7c:c8:53:7f:2a:bf:d7:ee:cd:c8:64:92:d0:2e:8d:23:3f:
d3:5d:e1:72:9c:b0:9d:b5:52:2d:ab:67:8f:44:5e:65:60:98:
c7:29:d8:ac:64:0a:c9:85:67:d8:6d:e0:e1:1d:3e:5e:7f:67:
66:a8:72:44:c6:5e:e8:f1:52:57:36:34:ec:fd:c7:24:1b:60:
8e:37:87:2e:fc:2b:14:76:1e:a9:91:4c:c8:ff:59:c2:c8:5a:
79:89:a0:d6:03:0e:ec:9d:ab:f0:af:d2:88:2d:c7:7c:e8:f5:
26:be:70:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULyh7d5BoEYoQh9ayJfup9AZo+FUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwNDdaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiNDY5MTFmMDZlZTM0M2ZhNmE1ODBhZDg4YWY0MWEyZDdjMmM3YjM0OTg1
NjEyZmRiZGVkMjdkM2JkNzdkNDUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdroli3Fj3wNGYjuJ7BoJIs7/H3Z2A5e+TXVj8R2wJ3riHX2S2mPxBME6Tg
7b+oGmN15Rhh+Q0EnuQ8wUr2bHAdt/G0RSPhhKUzd1b2YdmXMpvIgYh+giBAWg+f
zVx2+CPgwEJFYd5KXE1mrd4gc3sVR0fVUnAbRRrM/FLd/CfKG0dkNyUqsRPlyjZL
dKsNhzO0xP2PDmJRlj+Rc8ZhiCcYdQR82OAIFUZTuVl4ccFB5hP/zKPNlSvhyNtz
Sxxd1BDoFsvZ/V16a0OGgARQkcvGtzukmqhfcNJk+5L9jPf1h3MAF947XQlAwyra
XBOx5D4Jn+9+b3GYapORVkL6VssCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTr86WK
nYbZfXJUTt10uFhL7FF/HjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTQyZmU3MzEtY2JhNi00Yzg5LWEzYTQtYmE0OGE2OWUyNDZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WI
MA0GCSqGSIb3DQEBCwUAA4IBAQAahI1nCd6TbOjyNGY7iHo1PJFGAIChaecjrjye
mpYj7QnBMZ+B6C286Pp0A2Nh/HCmLQMMiSDBiJ4aJ7ZPsGiZ0uTimjG2teYvEZt3
0Pu2vsXCz1Hh8q2k32DD4frpd35gsMNCUse7RLlrkPJf9qvq8obTdfq2bhJlc31k
YBcSot4ejMEOKvvBUZx3AOcMejtlfMhTfyq/1+7NyGSS0C6NIz/TXeFynLCdtVIt
q2ePRF5lYJjHKdisZArJhWfYbeDhHT5ef2dmqHJExl7o8VJXNjTs/cckG2CON4cu
/CsUdh6pkUzI/1nCyFp5iaDWAw7snavwr9KILcd86PUmvnBU
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:31:27 2025 by rpki-client