Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a4592271-0371-4e59-91d6-8cede30d6d9a.roa
File: a4592271-0371-4e59-91d6-8cede30d6d9a.roa (raw, json)
Hash identifier: KvU6qXxy2xKUAihznYQoxqKb/S+he4EMdnpmhSsgIFU=
Subject key identifier: 01:D3:99:D8:82:D6:E8:20:E4:75:4C:5B:A2:3C:5A:A1:7A:D3:4A:DF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 127AC0BEEDEE7F3EC1A58875195742583AF7F75B
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a4592271-0371-4e59-91d6-8cede30d6d9a.roa
Signing time: Tue 15 Jul 2025 00:21:17 +0000
ROA not before: Tue 15 Jul 2025 00:21:17 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b8c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:7a:c0:be:ed:ee:7f:3e:c1:a5:88:75:19:57:42:58:3a:f7:f7:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:17 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=d7de8cf0b15189f441d2cb585d5e1014e06357fc621c793779c87069cd688680, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:85:a0:25:cb:58:94:07:4f:a9:0d:23:ce:d7:
bf:bb:16:5e:3b:51:c3:26:2b:81:75:61:4c:a6:ec:
49:ff:ff:6a:d2:19:c3:18:76:37:8a:a9:a2:6b:55:
da:57:81:08:93:14:85:58:ad:37:77:ee:84:83:a0:
78:03:16:16:7f:a1:50:9a:6f:98:0c:1f:b4:1f:ca:
57:d9:ff:0e:99:90:55:6f:86:95:de:b8:e4:1b:d2:
ae:b0:c8:98:47:55:bf:69:14:c5:52:b9:68:49:e2:
cf:8a:6f:a0:96:c5:14:d7:9e:1c:b2:44:50:5e:c6:
0a:35:75:0d:f0:14:7f:b4:8b:2a:0a:ca:01:0d:1c:
86:67:dd:c3:ce:b5:f0:f1:97:1f:e8:3b:6f:fe:14:
5d:4f:1d:b5:52:4c:12:da:a9:f5:2f:5d:c9:b1:99:
96:ea:bf:e5:fc:f8:83:d8:65:e0:e3:77:40:a5:7a:
03:46:fa:53:40:3f:17:19:11:fd:2b:68:67:14:a5:
e8:77:91:3c:ad:4a:64:22:55:63:24:25:ef:50:2e:
8c:c3:b1:f0:24:61:09:d0:ac:66:58:82:90:4a:e1:
a8:20:ab:ff:1a:02:6b:5c:8b:49:9a:0c:60:81:f2:
0d:10:08:fc:e1:54:b5:14:05:a4:e9:e2:b8:a9:48:
13:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D3:99:D8:82:D6:E8:20:E4:75:4C:5B:A2:3C:5A:A1:7A:D3:4A:DF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a4592271-0371-4e59-91d6-8cede30d6d9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b8c0::/46
Signature Algorithm: sha256WithRSAEncryption
79:f7:cf:9f:9f:7a:ed:89:4a:5c:ac:e3:29:b3:ec:b1:0f:e6:
3b:f9:e6:0c:55:35:31:eb:b9:cd:8d:f2:21:c8:c3:0f:81:7d:
32:47:2b:c7:60:7c:05:7e:c1:06:f5:a9:4e:b7:a9:0e:bf:7c:
29:cf:10:f6:07:60:c4:02:96:f9:7f:bb:41:60:ba:90:9f:3f:
c2:e2:38:a9:36:ba:80:32:52:0e:10:40:9a:ff:7a:d4:38:52:
bb:08:af:42:a9:80:27:7a:25:ff:ef:2f:45:31:09:ef:65:63:
94:32:50:d5:41:3f:00:01:b9:f9:50:a2:9c:13:6e:5b:b8:ea:
2e:a5:3c:af:04:7b:62:a2:a8:63:aa:74:de:00:94:34:51:23:
78:c8:c9:d5:0f:35:5c:47:4e:da:1f:52:43:94:2a:6a:ff:37:
bd:05:a0:17:25:d8:be:b5:81:d7:19:e3:70:27:62:ae:8e:16:
57:b0:a0:db:48:ce:7f:8f:08:b4:10:fb:3a:fe:ac:87:8d:d0:
ec:f1:55:fd:51:54:59:60:3d:b6:72:cc:e7:f9:c1:dc:ca:75:
82:07:86:04:9e:a3:73:a4:e4:87:e1:50:44:e6:f3:79:84:00:
a2:ba:e8:d5:65:87:da:7c:c8:32:a6:3b:69:3f:62:4c:6e:1b:
9e:51:b1:c7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEnrAvu3ufz7BpYh1GVdCWDr391swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMTdaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3ZGU4Y2YwYjE1MTg5ZjQ0MWQyY2I1ODVkNWUxMDE0ZTA2MzU3ZmM2MjFj
NzkzNzc5Yzg3MDY5Y2Q2ODg2ODAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCFoCXLWJQHT6kNI87Xv7sWXjtRwyYrgXVhTKbsSf//atIZwxh2N4qpomtV
2leBCJMUhVitN3fuhIOgeAMWFn+hUJpvmAwftB/KV9n/DpmQVW+Gld645BvSrrDI
mEdVv2kUxVK5aEniz4pvoJbFFNeeHLJEUF7GCjV1DfAUf7SLKgrKAQ0chmfdw861
8PGXH+g7b/4UXU8dtVJMEtqp9S9dybGZluq/5fz4g9hl4ON3QKV6A0b6U0A/FxkR
/StoZxSl6HeRPK1KZCJVYyQl71AujMOx8CRhCdCsZliCkErhqCCr/xoCa1yLSZoM
YIHyDRAI/OFUtRQFpOniuKlIE28CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQB05nY
gtboIOR1TFuiPFqhetNK3zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTQ1OTIyNzEtMDM3MS00ZTU5LTkxZDYtOGNlZGUzMGQ2ZDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8e4
wDANBgkqhkiG9w0BAQsFAAOCAQEAeffPn5967YlKXKzjKbPssQ/mO/nmDFU1Meu5
zY3yIcjDD4F9Mkcrx2B8BX7BBvWpTrepDr98Kc8Q9gdgxAKW+X+7QWC6kJ8/wuI4
qTa6gDJSDhBAmv961DhSuwivQqmAJ3ol/+8vRTEJ72VjlDJQ1UE/AAG5+VCinBNu
W7jqLqU8rwR7YqKoY6p03gCUNFEjeMjJ1Q81XEdO2h9SQ5Qqav83vQWgFyXYvrWB
1xnjcCdiro4WV7Cg20jOf48ItBD7Ov6sh43Q7PFV/VFUWWA9tnLM5/nB3Mp1ggeG
BJ6jc6Tkh+FQRObzeYQAorro1WWH2nzIMqY7aT9iTG4bnlGxxw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:31:24 2025 by rpki-client