Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa
File: 89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa (raw, json)
Hash identifier: vIhFbqDkQPhc3DvA28NN2y0kv2QiY0gOT4XkAqfNob0=
Subject key identifier: 5D:69:88:96:89:91:B2:36:2D:99:85:82:EE:3B:F8:42:23:6C:D4:AA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0AEAC1423B222755CA47AE2693AF8DE540092234
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa
Signing time: Tue 15 Jul 2025 00:21:21 +0000
ROA not before: Tue 15 Jul 2025 00:21:21 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:ea:c1:42:3b:22:27:55:ca:47:ae:26:93:af:8d:e5:40:09:22:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:21 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=08faef8879c60e2a5aaff85889fc61d911131646f867cf8021ef13dfcd9fe863, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:61:ed:88:31:af:6d:c7:a0:e9:61:ba:68:04:
d2:2d:c7:86:1c:01:c8:bd:36:e4:9d:f3:de:73:3f:
23:29:19:0e:5b:89:cf:d7:a9:d8:ce:71:2c:15:55:
ba:27:d2:45:93:71:fd:b9:7c:4d:14:53:4d:7a:56:
08:61:f4:18:80:cc:0d:31:33:07:0e:9b:b7:83:56:
28:96:29:35:fd:e5:c0:1d:b1:5a:58:a8:d8:ab:43:
ab:45:17:a2:93:6f:a0:fb:2a:72:61:c9:1a:83:5d:
78:3c:33:a7:dd:a0:2c:a7:77:17:0a:48:69:16:a4:
da:bb:d9:14:f6:7c:31:90:da:4f:f0:7b:48:5f:35:
25:34:df:ae:b6:3d:02:70:c2:44:89:5b:43:b2:fc:
cc:c6:fe:68:69:55:84:f1:39:54:6b:56:e0:c8:1d:
07:a9:bb:20:d3:f9:d9:9e:1b:36:1c:13:7c:c5:cc:
a7:47:3b:bf:3d:be:12:9b:e5:48:a1:d6:d4:b8:52:
ac:d3:ba:ce:40:de:30:a3:74:4f:56:f9:30:94:57:
54:52:ce:74:a9:90:9a:45:64:bf:eb:42:33:71:81:
61:85:58:a2:22:19:94:0d:f7:dd:d8:dc:75:1d:c8:
6e:1d:7c:89:87:a7:64:52:1a:8e:89:cb:9e:d0:3c:
1f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:69:88:96:89:91:B2:36:2D:99:85:82:EE:3B:F8:42:23:6C:D4:AA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7880::/46
Signature Algorithm: sha256WithRSAEncryption
62:e8:01:7c:b9:e0:e6:c3:bb:bf:cb:fa:4c:fb:78:d8:0f:1b:
a1:cf:d9:51:ea:45:52:c7:1c:28:30:0c:fe:ca:39:f5:4b:b9:
43:44:38:01:ac:ad:a8:0f:89:03:fc:af:37:ea:b2:09:7b:52:
38:51:1f:75:71:b1:24:bc:c8:d0:e9:86:81:a4:75:6b:b2:60:
b3:60:e8:77:51:78:03:46:ee:3a:74:e6:fd:81:b9:16:0e:67:
96:3b:32:f9:cd:bc:7a:b9:1f:01:77:d8:2e:f1:3a:c0:66:bb:
39:6e:bf:48:a1:7b:87:a9:4b:9c:69:83:b6:88:b9:9e:64:d1:
d4:10:7e:c2:2c:36:93:84:d1:33:a4:bb:92:29:fb:c4:c6:a5:
13:75:b4:88:1c:d4:3a:27:57:a5:c5:3a:c6:9c:13:0d:39:18:
38:fe:d3:a3:e0:19:b4:d2:e6:cc:4a:06:22:cb:18:08:2e:39:
89:de:6b:5d:63:51:ea:a8:4c:51:4d:b6:4d:ed:df:6a:5f:a6:
68:f0:f1:7a:0b:ab:8b:cc:57:bc:c8:2b:2a:67:13:9e:4d:d7:
55:1d:0d:1a:35:d7:89:47:40:ab:30:5b:68:cb:a4:28:10:c7:
8e:2a:cd:9c:6e:ca:d0:cf:69:b9:ca:b7:23:f7:a1:6d:c4:41:
fb:77:25:3a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCurBQjsiJ1XKR64mk6+N5UAJIjQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMjFaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4ZmFlZjg4NzljNjBlMmE1YWFmZjg1ODg5ZmM2MWQ5MTExMzE2NDZmODY3
Y2Y4MDIxZWYxM2RmY2Q5ZmU4NjMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1h7Ygxr23HoOlhumgE0i3HhhwByL025J3z3nM/IykZDluJz9ep2M5xLBVV
uifSRZNx/bl8TRRTTXpWCGH0GIDMDTEzBw6bt4NWKJYpNf3lwB2xWlio2KtDq0UX
opNvoPsqcmHJGoNdeDwzp92gLKd3FwpIaRak2rvZFPZ8MZDaT/B7SF81JTTfrrY9
AnDCRIlbQ7L8zMb+aGlVhPE5VGtW4MgdB6m7INP52Z4bNhwTfMXMp0c7vz2+Epvl
SKHW1LhSrNO6zkDeMKN0T1b5MJRXVFLOdKmQmkVkv+tCM3GBYYVYoiIZlA333djc
dR3Ibh18iYenZFIajonLntA8H/0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRdaYiW
iZGyNi2ZhYLuO/hCI2zUqjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ODljNTYyYjgtMWZmMy00N2NiLWExMDQtYWQxZGEyOGI0MmQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
gDANBgkqhkiG9w0BAQsFAAOCAQEAYugBfLng5sO7v8v6TPt42A8boc/ZUepFUscc
KDAM/so59Uu5Q0Q4AaytqA+JA/yvN+qyCXtSOFEfdXGxJLzI0OmGgaR1a7Jgs2Do
d1F4A0buOnTm/YG5Fg5nljsy+c28erkfAXfYLvE6wGa7OW6/SKF7h6lLnGmDtoi5
nmTR1BB+wiw2k4TRM6S7kin7xMalE3W0iBzUOidXpcU6xpwTDTkYOP7To+AZtNLm
zEoGIssYCC45id5rXWNR6qhMUU22Te3fal+maPDxeguri8xXvMgrKmcTnk3XVR0N
GjXXiUdAqzBbaMukKBDHjirNnG7K0M9pucq3I/ehbcRB+3clOg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:45 2025 by rpki-client