Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
File: afb29442-cb58-4fe7-9319-202c1646019f.roa (raw, json)
Hash identifier: 16/EZGgRZC2HlCNFUhrB9Jbjp4b0osFEHygubBKWOz4=
Subject key identifier: 22:68:D6:E4:63:E3:8A:E4:15:9E:9C:B7:F1:07:F9:95:E5:0C:5D:66
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3CFBD76C8AA3CC77E52FD8A470DCE61272069CA9
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
Signing time: Tue 15 Jul 2025 00:30:07 +0000
ROA not before: Tue 15 Jul 2025 00:30:07 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:fb:d7:6c:8a:a3:cc:77:e5:2f:d8:a4:70:dc:e6:12:72:06:9c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:07 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=94c7cd7f71178a14b5d43afa4dba831a1b4df65a8c916c47cde0b462da91bbd5, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c8:30:98:40:55:d4:81:76:89:d2:a8:29:e8:
ff:23:35:52:22:76:aa:96:6f:50:37:10:95:08:a3:
9a:8d:cb:13:ab:3e:d4:ba:ff:92:53:49:50:6a:34:
0f:be:ec:da:53:e1:6f:10:89:05:2b:5f:12:e0:04:
23:df:9c:ec:cb:24:3b:b8:13:34:85:f2:c4:0a:28:
60:62:4d:a4:bd:80:c5:a8:6c:ba:f4:ee:2d:1b:80:
22:36:7c:09:23:a6:8f:f5:5d:36:22:d0:63:58:d7:
86:3d:08:cb:4e:77:23:a4:86:32:c6:0f:26:86:04:
3d:4b:fc:ba:25:26:a0:8b:3e:b1:70:b4:8c:26:c9:
00:9b:70:3b:2a:75:4a:46:a5:41:b7:a3:ed:8e:ea:
b3:67:84:0b:45:b3:30:43:10:9a:3d:8b:29:ed:e3:
91:37:d1:75:05:99:02:e8:19:5f:69:95:28:2f:dd:
5d:2e:7c:a9:76:e5:90:38:5b:60:25:25:45:65:76:
07:bd:be:f3:6f:a8:ec:ab:d7:f4:09:5f:e5:e2:e0:
1e:24:ae:da:52:7e:8e:13:ae:d8:66:3f:ca:d5:11:
64:10:da:66:74:1d:06:64:ab:da:b7:fb:c0:a7:b9:
d5:51:f7:74:3e:81:76:25:5e:8f:57:13:28:d9:2c:
9a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:68:D6:E4:63:E3:8A:E4:15:9E:9C:B7:F1:07:F9:95:E5:0C:5D:66
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6::/40
Signature Algorithm: sha256WithRSAEncryption
a5:f8:9d:ce:cd:0a:ad:30:3c:69:0a:d4:6c:6e:d1:bc:87:f4:
c3:01:d1:e9:a7:3d:a6:5f:31:2b:b8:39:82:3a:57:86:64:01:
e4:4d:cb:e9:72:4d:ce:45:3f:7d:84:d0:33:1d:4a:f0:11:88:
66:d5:6f:6d:a2:01:20:1e:b3:57:68:1d:f5:06:cf:55:8f:f3:
da:9b:4c:cf:ef:65:dd:db:b0:e9:f8:62:8d:83:a6:07:2b:fa:
a9:a0:ce:cf:73:84:2e:ed:14:cc:b8:8a:a0:ee:92:eb:f3:49:
d7:bb:fc:74:81:55:70:62:ea:94:81:32:72:c4:cc:5b:cc:88:
26:d8:c4:af:7d:f6:a2:1c:7a:48:42:45:c8:93:a8:d7:cd:91:
c3:67:b7:61:1b:f3:fd:a8:57:b1:18:96:e0:77:c0:70:aa:76:
d1:f8:31:8b:41:54:c0:12:0f:ec:81:31:c6:05:23:e2:fa:41:
38:80:5b:8e:53:07:fa:e7:f3:87:f5:ee:df:cb:c9:5b:5b:45:
69:94:cc:f4:31:9e:ce:d5:ea:6f:d7:c0:5b:b6:f4:0c:4d:10:
42:d7:76:83:ea:9a:61:39:79:40:c3:3d:55:0b:12:5e:66:37:
18:6d:fb:de:60:fd:b5:30:5a:81:39:ec:96:05:40:a5:51:40:
37:4a:13:da
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPPvXbIqjzHflL9ikcNzmEnIGnKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMDdaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0YzdjZDdmNzExNzhhMTRiNWQ0M2FmYTRkYmE4MzFhMWI0ZGY2NWE4Yzkx
NmM0N2NkZTBiNDYyZGE5MWJiZDUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvIMJhAVdSBdonSqCno/yM1UiJ2qpZvUDcQlQijmo3LE6s+1Lr/klNJUGo0
D77s2lPhbxCJBStfEuAEI9+c7MskO7gTNIXyxAooYGJNpL2AxahsuvTuLRuAIjZ8
CSOmj/VdNiLQY1jXhj0Iy053I6SGMsYPJoYEPUv8uiUmoIs+sXC0jCbJAJtwOyp1
SkalQbej7Y7qs2eEC0WzMEMQmj2LKe3jkTfRdQWZAugZX2mVKC/dXS58qXblkDhb
YCUlRWV2B72+82+o7KvX9Alf5eLgHiSu2lJ+jhOu2GY/ytURZBDaZnQdBmSr2rf7
wKe51VH3dD6BdiVej1cTKNksmj8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQiaNbk
Y+OK5BWenLfxB/mV5QxdZjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YWZiMjk0NDItY2I1OC00ZmU3LTkzMTktMjAyYzE2NDYwMTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8YA
MA0GCSqGSIb3DQEBCwUAA4IBAQCl+J3OzQqtMDxpCtRsbtG8h/TDAdHppz2mXzEr
uDmCOleGZAHkTcvpck3ORT99hNAzHUrwEYhm1W9togEgHrNXaB31Bs9Vj/Pam0zP
72Xd27Dp+GKNg6YHK/qpoM7Pc4Qu7RTMuIqg7pLr80nXu/x0gVVwYuqUgTJyxMxb
zIgm2MSvffaiHHpIQkXIk6jXzZHDZ7dhG/P9qFexGJbgd8BwqnbR+DGLQVTAEg/s
gTHGBSPi+kE4gFuOUwf65/OH9e7fy8lbW0VplMz0MZ7O1epv18BbtvQMTRBC13aD
6pphOXlAwz1VCxJeZjcYbfveYP21MFqBOeyWBUClUUA3ShPa
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:31:08 2025 by rpki-client