Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
File: c9fc58bf-3415-4839-940e-603e1b7d42f6.roa (raw, json)
Hash identifier: QJG+V3ls6eLdFRjrRwmBEneQFBZnAvCmU3mr56fFw4E=
Subject key identifier: 66:DF:27:3C:57:2F:C6:6D:E0:DB:8B:2B:14:26:D7:97:99:C9:E2:AD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4FC68593B2CB0145F953502F63638FCCCDF1F664
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
Signing time: Tue 15 Jul 2025 00:30:41 +0000
ROA not before: Tue 15 Jul 2025 00:30:41 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:e000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:c6:85:93:b2:cb:01:45:f9:53:50:2f:63:63:8f:cc:cd:f1:f6:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:41 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=d661f536d6fa005a4b9a384a3164d1d2281bc77f2fc941e688e7f898448ba42c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d8:d8:03:45:fd:6a:66:82:68:05:81:b7:8c:
c0:14:18:0e:3d:b8:dc:72:89:d6:9d:8c:01:1c:57:
f5:68:92:71:e6:96:3b:55:a4:ee:b2:b4:93:fc:48:
42:c7:87:1e:ba:39:1f:c3:a5:45:cd:ff:ee:46:1f:
96:70:8a:0b:5f:03:e1:4c:64:e4:b1:f8:40:04:e5:
f6:b5:03:c6:a4:d5:d4:aa:cf:59:3a:d5:2b:1e:6f:
55:52:aa:84:00:ab:4c:1c:60:bb:08:c1:d1:8c:d9:
a4:86:a4:1f:7e:86:b3:89:f4:58:67:35:e7:b3:2b:
b2:86:ef:71:38:25:e2:c2:70:17:0b:ff:01:5c:ea:
a1:e7:21:b0:04:43:e9:54:9b:b7:20:bc:11:5e:cc:
9a:a3:64:a5:bd:44:4a:fc:ab:fc:bb:d6:c9:5d:e3:
b6:5c:a3:e3:d9:31:fe:c5:4d:53:ad:69:09:52:6f:
d2:0c:bd:9e:5e:b6:f1:d9:d9:7d:14:57:3f:4e:ec:
dc:19:d7:69:58:5b:82:9b:1d:f1:52:10:c8:35:dd:
c1:42:4c:cd:ab:3c:cc:06:27:0f:bd:80:9f:ac:8d:
38:70:22:db:17:ff:54:9d:0e:f0:e7:ef:11:a3:1e:
21:3d:59:aa:70:de:54:7e:ed:47:99:de:c0:56:b6:
bb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:DF:27:3C:57:2F:C6:6D:E0:DB:8B:2B:14:26:D7:97:99:C9:E2:AD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:e000::/36
Signature Algorithm: sha256WithRSAEncryption
78:cd:c9:24:35:59:18:f9:31:3e:dc:c6:df:3d:01:bd:dd:be:
46:44:0a:db:62:93:f8:62:80:89:b8:4b:87:00:50:6d:68:f2:
dc:3e:61:fe:fe:18:91:7a:72:76:3f:7d:70:02:66:c2:6b:bb:
36:d1:f6:81:bd:27:57:28:67:f7:23:10:40:a7:c4:4e:e1:5d:
21:5a:4e:43:2b:0b:3a:44:12:6f:c8:c3:7f:e2:b6:9f:d5:e8:
c4:b1:9b:08:3a:f1:61:45:c8:fe:d1:64:44:89:a5:78:3f:3a:
34:f3:28:4e:bb:e0:d7:2c:40:c5:dd:c4:e5:b3:59:80:cf:02:
c7:9a:a8:94:60:68:6b:22:07:bf:10:e8:01:6c:0b:b2:1d:29:
05:35:b7:bb:b0:0a:48:ea:06:30:28:ca:26:5d:98:c9:5d:62:
64:82:16:16:32:0f:4d:35:38:27:e0:6a:ef:43:31:e7:38:fe:
b2:41:26:f3:e3:01:e4:bc:6c:44:05:5d:a1:c6:0f:7c:9c:4a:
b1:18:92:dc:5b:1b:72:d6:da:2e:2b:d1:28:59:84:cf:b3:f4:
37:34:74:15:8c:d9:ef:39:88:28:77:5e:be:a7:23:17:f8:49:
f1:e1:4b:95:b0:29:9d:2d:af:41:8a:c5:27:55:62:9f:4f:b6:
82:98:d1:af
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT8aFk7LLAUX5U1AvY2OPzM3x9mQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwNDFaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2NjFmNTM2ZDZmYTAwNWE0YjlhMzg0YTMxNjRkMWQyMjgxYmM3N2YyZmM5
NDFlNjg4ZTdmODk4NDQ4YmE0MmMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/Y2ANF/WpmgmgFgbeMwBQYDj243HKJ1p2MARxX9WiSceaWO1Wk7rK0k/xI
QseHHro5H8OlRc3/7kYflnCKC18D4Uxk5LH4QATl9rUDxqTV1KrPWTrVKx5vVVKq
hACrTBxguwjB0YzZpIakH36Gs4n0WGc157MrsobvcTgl4sJwFwv/AVzqoechsARD
6VSbtyC8EV7MmqNkpb1ESvyr/LvWyV3jtlyj49kx/sVNU61pCVJv0gy9nl628dnZ
fRRXP07s3BnXaVhbgpsd8VIQyDXdwUJMzas8zAYnD72An6yNOHAi2xf/VJ0O8Ofv
EaMeIT1ZqnDeVH7tR5newFa2u90CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRm3yc8
Vy/GbeDbiysUJteXmcnirTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzlmYzU4YmYtMzQxNS00ODM5LTk0MGUtNjAzZTFiN2Q0MmY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fg
MA0GCSqGSIb3DQEBCwUAA4IBAQB4zckkNVkY+TE+3MbfPQG93b5GRArbYpP4YoCJ
uEuHAFBtaPLcPmH+/hiRenJ2P31wAmbCa7s20faBvSdXKGf3IxBAp8RO4V0hWk5D
Kws6RBJvyMN/4raf1ejEsZsIOvFhRcj+0WREiaV4Pzo08yhOu+DXLEDF3cTls1mA
zwLHmqiUYGhrIge/EOgBbAuyHSkFNbe7sApI6gYwKMomXZjJXWJkghYWMg9NNTgn
4GrvQzHnOP6yQSbz4wHkvGxEBV2hxg98nEqxGJLcWxty1touK9EoWYTPs/Q3NHQV
jNnvOYgod16+pyMX+Enx4UuVsCmdLa9BisUnVWKfT7aCmNGv
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:06 2025 by rpki-client