Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
File: 5f7a981a-824d-48e6-969a-7779a7b7a199.roa (raw, json)
Hash identifier: lMMTnoZWS4zePQrgsBX1kjsc5VH8J8J/Dg9RxdcRk9M=
Subject key identifier: 70:0D:5A:BF:97:08:41:EC:57:FD:E1:69:44:DC:66:9A:6C:B1:CB:8C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4FE7300DAB0D19D51233CB6BD2A2161F21DD61E7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
Signing time: Tue 15 Jul 2025 00:30:15 +0000
ROA not before: Tue 15 Jul 2025 00:30:15 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:e7:30:0d:ab:0d:19:d5:12:33:cb:6b:d2:a2:16:1f:21:dd:61:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:15 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=59fe710b593f5338428ae5aa24f7696103c9568bbaa693386401c871c397263d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1b:85:11:14:dc:31:c2:28:3c:73:91:5c:ac:
56:93:bd:f4:f2:07:f0:6f:f3:32:2d:a5:1a:c7:3e:
5d:c5:4a:9f:ae:c1:d8:18:99:4a:0f:92:48:1b:06:
fd:7b:fa:1e:f1:7c:98:5a:2b:c7:a6:e7:9a:c1:1a:
f5:84:4c:b2:19:9f:7e:48:79:aa:08:6c:66:57:f8:
b5:95:2a:61:78:be:95:da:dd:e8:92:e4:30:fd:5e:
42:73:1a:24:b5:8f:38:ac:f8:7d:51:37:14:a8:b3:
6c:7c:51:e0:98:e9:f4:5b:98:8f:67:3f:99:9f:75:
3e:c5:93:03:33:3f:35:26:bb:ae:4f:3e:cb:51:3a:
fc:cf:49:d0:5f:7a:da:77:28:fc:03:49:0a:d8:4b:
0d:e3:11:7e:65:7e:5b:88:30:bc:f3:d8:5e:bd:97:
aa:f9:cc:1e:70:82:f6:be:7c:8b:f2:08:69:a8:7c:
10:42:ae:be:cc:8e:aa:4d:71:6a:68:ef:dc:bc:63:
6a:c4:3e:02:28:3f:d8:2c:e5:2b:1d:b0:73:0e:2f:
26:bd:c4:be:c4:d4:fa:8d:f0:a0:28:c5:ad:fe:56:
de:a7:8c:5a:05:24:46:55:08:0f:59:ce:53:98:05:
7e:94:18:ac:c8:0c:e4:5a:ef:49:e1:4f:50:0a:09:
d4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:0D:5A:BF:97:08:41:EC:57:FD:E1:69:44:DC:66:9A:6C:B1:CB:8C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:8000::/36
Signature Algorithm: sha256WithRSAEncryption
0f:b8:2b:a6:53:e0:04:05:49:8b:5f:79:de:20:7d:a4:c3:cf:
fa:44:6c:de:f9:45:f6:67:64:8c:5b:48:3e:be:8f:a9:25:24:
bf:78:14:b6:f2:43:ec:0e:ad:23:f3:34:23:55:7a:3a:5a:e2:
dc:4c:63:bc:c1:4d:95:bb:31:ab:8a:5b:be:8b:5c:99:0f:e8:
4b:ca:74:85:aa:29:06:f2:d7:9f:93:11:02:b5:d5:d2:0c:78:
b7:80:b2:01:85:64:b3:ec:e4:20:9a:12:2b:3a:4c:28:45:e0:
48:41:83:c1:1c:ad:ce:0a:dd:52:cc:13:4b:2f:db:2f:7a:ca:
e1:8d:f1:da:88:b7:f1:35:03:12:d2:c8:7f:17:8f:18:0f:bf:
ee:27:6c:ea:ff:24:b8:ab:94:24:c0:ac:19:96:cc:3c:c3:b2:
b8:90:d3:fc:fa:c2:c9:40:0a:97:6d:7b:1d:34:80:a9:9c:1b:
30:c2:3d:2f:79:25:93:e9:65:d6:f5:64:0e:a8:bd:76:06:63:
b9:91:d0:26:65:78:10:03:f0:71:4c:42:7a:a3:38:c9:39:20:
d9:99:7b:89:46:06:9e:f5:13:2f:d5:c5:1e:dd:91:11:94:89:
1a:cb:32:e0:39:64:c1:b0:7a:77:1e:47:be:a5:7a:38:a9:6d:
84:2a:5d:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT+cwDasNGdUSM8tr0qIWHyHdYecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMTVaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5ZmU3MTBiNTkzZjUzMzg0MjhhZTVhYTI0Zjc2OTYxMDNjOTU2OGJiYWE2
OTMzODY0MDFjODcxYzM5NzI2M2QxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMbhREU3DHCKDxzkVysVpO99PIH8G/zMi2lGsc+XcVKn67B2BiZSg+SSBsG
/Xv6HvF8mForx6bnmsEa9YRMshmffkh5qghsZlf4tZUqYXi+ldrd6JLkMP1eQnMa
JLWPOKz4fVE3FKizbHxR4Jjp9FuYj2c/mZ91PsWTAzM/NSa7rk8+y1E6/M9J0F96
2nco/ANJCthLDeMRfmV+W4gwvPPYXr2XqvnMHnCC9r58i/IIaah8EEKuvsyOqk1x
amjv3LxjasQ+Aig/2CzlKx2wcw4vJr3EvsTU+o3woCjFrf5W3qeMWgUkRlUID1nO
U5gFfpQYrMgM5FrvSeFPUAoJ1NkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRwDVq/
lwhB7Ff94WlE3GaabLHLjDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY3YTk4MWEtODI0ZC00OGU2LTk2OWEtNzc3OWE3YjdhMTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eA
MA0GCSqGSIb3DQEBCwUAA4IBAQAPuCumU+AEBUmLX3neIH2kw8/6RGze+UX2Z2SM
W0g+vo+pJSS/eBS28kPsDq0j8zQjVXo6WuLcTGO8wU2VuzGrilu+i1yZD+hLynSF
qikG8tefkxECtdXSDHi3gLIBhWSz7OQgmhIrOkwoReBIQYPBHK3OCt1SzBNLL9sv
esrhjfHaiLfxNQMS0sh/F48YD7/uJ2zq/yS4q5QkwKwZlsw8w7K4kNP8+sLJQAqX
bXsdNICpnBswwj0veSWT6WXW9WQOqL12BmO5kdAmZXgQA/BxTEJ6ozjJOSDZmXuJ
Rgae9RMv1cUe3ZERlIkayzLgOWTBsHp3Hke+pXo4qW2EKl2G
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:31:26 2025 by rpki-client