Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
File: 78ea1ce2-8d09-441d-ad92-848a5871e58b.roa (raw, json)
Hash identifier: r/ytCphaKt0lpv38MSjF+YKlO4dCokB109L4c3ZgIyo=
Subject key identifier: 3F:4B:37:B1:F9:2C:6C:80:68:78:D7:B7:BA:84:AA:CC:EF:5F:FC:B2
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 05AF743E24BF1A44965118F00DC3CBBBD229F383
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
Signing time: Tue 15 Jul 2025 00:20:05 +0000
ROA not before: Tue 15 Jul 2025 00:20:05 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:af:74:3e:24:bf:1a:44:96:51:18:f0:0d:c3:cb:bb:d2:29:f3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:05 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=e9b44a462eb1a737ac76807acebbdb9af486689752da613c9a72ea56f81070e8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bd:4c:a7:75:75:7e:f9:14:52:78:db:b6:98:
6a:97:8a:68:09:ef:9b:d3:80:45:34:74:3a:c3:51:
6f:bf:c4:4a:d1:1a:5b:fe:71:37:f7:46:95:3c:b2:
88:79:a9:27:75:bd:d4:c1:0e:75:a9:68:90:a9:71:
81:4f:41:f2:5e:0a:7a:f5:f2:4c:ca:0d:09:b9:af:
9c:ae:43:4e:17:4f:23:a7:e7:09:93:4d:0a:40:e6:
a1:fe:f9:79:89:e5:65:f1:b2:34:be:a0:76:b9:c6:
a4:0f:37:91:23:7b:ce:e6:af:11:c9:e6:94:34:86:
41:87:73:83:be:c4:96:f6:e4:0c:41:ca:4c:c4:18:
a0:e9:04:8d:8c:91:39:96:2d:38:05:46:14:d6:07:
c7:07:77:1c:11:73:3f:18:0a:36:c6:3e:db:0f:0f:
ba:ae:9f:20:46:dc:bc:f3:1d:c4:e3:9f:1b:aa:06:
43:90:2b:34:46:d3:ce:cb:5d:74:a9:b4:40:7f:3b:
93:0e:46:e7:02:2b:63:02:b0:a9:0b:f1:d0:12:45:
17:5c:f3:f0:65:7e:8e:3a:43:17:9f:a6:89:c2:27:
f3:ca:f0:64:99:45:1a:55:84:09:18:2f:e9:f8:83:
07:1d:35:20:50:3c:16:27:dd:a0:ab:30:67:60:68:
18:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4B:37:B1:F9:2C:6C:80:68:78:D7:B7:BA:84:AA:CC:EF:5F:FC:B2
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3::/36
Signature Algorithm: sha256WithRSAEncryption
98:bb:e6:cc:90:66:2e:40:4e:aa:ef:25:49:9d:15:15:31:a1:
8e:69:22:fa:c0:a1:ea:52:1d:c4:f5:9c:50:83:79:bc:7e:b2:
39:1c:b6:4e:fc:50:e8:f9:2f:8d:60:c6:99:de:01:cc:83:f9:
ac:22:19:fb:24:aa:96:e8:da:5a:2e:66:60:df:c1:f0:e1:c7:
2b:d7:62:ce:b1:08:22:b1:eb:66:8f:08:b2:2b:82:0c:ab:47:
6e:d3:76:a1:b8:1a:76:de:23:89:d0:c3:99:2d:9e:7e:88:8a:
14:a3:55:ee:31:66:92:b5:94:8a:3b:66:18:b7:7f:bc:80:17:
01:a8:66:9a:24:26:ab:ac:cd:36:2e:45:49:aa:cf:c6:c5:bd:
ae:f3:67:b6:79:99:2d:26:12:d9:0a:fd:83:99:fc:0a:0c:75:
26:33:1a:73:ba:71:21:af:43:55:75:6a:7f:d6:92:e4:fa:22:
61:92:72:fa:ee:a7:78:63:7d:00:cc:32:5a:bb:9b:22:e8:aa:
da:71:56:cf:ec:b1:7b:50:c5:65:b9:0c:4c:a3:10:21:cc:d8:
af:3c:62:d4:ad:33:fd:b9:ae:9b:55:ff:4e:85:be:c8:bb:38:
f8:60:46:e9:e1:48:83:f0:89:69:40:d5:15:03:d2:45:b8:6a:
7c:6c:d7:a9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBa90PiS/GkSWURjwDcPLu9Ip84MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwMDVaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YjQ0YTQ2MmViMWE3MzdhYzc2ODA3YWNlYmJkYjlhZjQ4NjY4OTc1MmRh
NjEzYzlhNzJlYTU2ZjgxMDcwZTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJK9TKd1dX75FFJ427aYapeKaAnvm9OARTR0OsNRb7/EStEaW/5xN/dGlTyy
iHmpJ3W91MEOdalokKlxgU9B8l4KevXyTMoNCbmvnK5DThdPI6fnCZNNCkDmof75
eYnlZfGyNL6gdrnGpA83kSN7zuavEcnmlDSGQYdzg77ElvbkDEHKTMQYoOkEjYyR
OZYtOAVGFNYHxwd3HBFzPxgKNsY+2w8Puq6fIEbcvPMdxOOfG6oGQ5ArNEbTzstd
dKm0QH87kw5G5wIrYwKwqQvx0BJFF1zz8GV+jjpDF5+micIn88rwZJlFGlWECRgv
6fiDBx01IFA8FifdoKswZ2BoGGECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ/Szex
+SxsgGh417e6hKrM71/8sjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzhlYTFjZTItOGQwOS00NDFkLWFkOTItODQ4YTU4NzFlNThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MA
MA0GCSqGSIb3DQEBCwUAA4IBAQCYu+bMkGYuQE6q7yVJnRUVMaGOaSL6wKHqUh3E
9ZxQg3m8frI5HLZO/FDo+S+NYMaZ3gHMg/msIhn7JKqW6NpaLmZg38Hw4ccr12LO
sQgisetmjwiyK4IMq0du03ahuBp23iOJ0MOZLZ5+iIoUo1XuMWaStZSKO2YYt3+8
gBcBqGaaJCarrM02LkVJqs/Gxb2u82e2eZktJhLZCv2DmfwKDHUmMxpzunEhr0NV
dWp/1pLk+iJhknL67qd4Y30AzDJau5si6KracVbP7LF7UMVluQxMoxAhzNivPGLU
rTP9ua6bVf9Ohb7Iuzj4YEbp4UiD8IlpQNUVA9JFuGp8bNep
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:31 2025 by rpki-client