Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
File: cb8e2b63-db40-4825-9c5a-943662c198a5.roa (raw, json)
Hash identifier: 8Mu4+b6sbhrNFEgLrJXDWBffXh1qsnGAytYz3ZzA/Qc=
Subject key identifier: AE:29:E3:E3:CF:5C:F3:A0:67:FF:B2:E6:3E:4B:32:06:84:54:9F:D9
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 42B8B166BD545331AB82E94706D99E874F463461
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
Signing time: Tue 15 Jul 2025 00:20:40 +0000
ROA not before: Tue 15 Jul 2025 00:20:40 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:b8:b1:66:bd:54:53:31:ab:82:e9:47:06:d9:9e:87:4f:46:34:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:40 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=55c610615f7cf16bef145def2e71b728a53a327bec76921fb16d2d43bf99dc03, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:be:5d:0b:32:9b:60:69:04:d7:67:91:97:5d:
98:ca:be:95:3b:19:b4:28:b3:88:ff:a7:ab:fd:c6:
d6:bc:a8:1f:b2:d9:66:73:1e:b4:92:32:ce:ad:17:
71:03:d9:03:64:b7:fb:93:b5:69:f3:30:d7:83:d2:
a1:94:34:3c:e4:43:2a:e7:b1:6c:f5:8d:6b:b4:cc:
a4:88:d2:d0:c9:64:29:40:ae:48:62:65:1f:c3:27:
d9:2e:74:4c:0a:48:ab:a2:aa:f3:4a:a4:04:84:cb:
56:86:ab:d4:98:c1:e2:a6:db:39:58:46:0d:ea:ff:
d4:2e:bb:c6:33:6d:5e:96:7a:e5:51:25:be:f1:bc:
87:2e:92:d3:d4:17:b8:d6:8d:6d:5c:46:bd:47:9d:
77:fc:ff:25:c5:3b:b5:2d:b5:dc:16:46:b3:ed:67:
4e:bf:50:2b:ff:b0:ce:47:f7:70:9e:96:0c:4b:47:
24:fc:e6:f3:6a:ee:d3:4c:f9:b0:5c:43:49:1d:6a:
af:b1:33:f8:84:19:af:e3:02:55:e6:3f:57:1c:c2:
6b:09:d2:f5:ec:7b:64:a5:53:73:98:c3:a6:ec:71:
64:01:b5:15:41:0d:d8:94:0e:c7:07:a4:69:eb:80:
a8:4e:9c:a3:3b:09:e1:47:32:87:ce:f7:ae:7a:56:
68:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:29:E3:E3:CF:5C:F3:A0:67:FF:B2:E6:3E:4B:32:06:84:54:9F:D9
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7840::/46
Signature Algorithm: sha256WithRSAEncryption
a3:9d:2e:26:c2:84:d7:ca:a8:7a:92:59:7e:ae:71:e7:5e:b4:
dd:af:a2:94:e1:82:af:12:83:77:a8:e1:f9:51:b3:32:db:8d:
39:f9:f8:54:94:03:38:ea:40:59:b1:c9:89:38:d8:06:7f:4c:
29:2f:c1:0f:8d:f7:e3:8a:de:e0:bf:db:59:f4:29:c3:b2:42:
2e:0b:1f:b5:1d:31:35:2c:43:4e:2f:28:be:32:2e:34:56:35:
b4:97:70:de:e7:d1:eb:51:73:d0:2f:8f:d8:c4:bf:cf:49:81:
97:75:d5:d2:30:2a:e0:5d:71:df:5b:a3:23:2a:2c:fe:93:11:
e5:e0:1f:74:f9:4f:2f:98:0d:52:aa:ff:57:7c:56:9c:02:d5:
c9:06:eb:d0:43:76:b0:9e:73:93:78:8f:58:ba:c4:8f:22:e3:
79:ee:8b:20:f4:3e:4e:0d:58:c2:02:61:db:cf:c3:31:6d:c3:
5c:65:78:a3:4d:3e:0f:41:32:55:4f:7d:02:a6:c3:fb:8a:14:
54:0e:95:3e:5e:ba:50:fe:6f:c5:40:e8:10:65:df:36:ac:b2:
f1:3e:e8:01:b2:c2:ae:c2:09:6f:97:af:16:f5:d6:b9:72:0c:
ad:7a:ad:31:95:57:ba:b2:36:33:1c:70:a1:89:af:be:37:e4:
0e:a5:ec:ed
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQrixZr1UUzGrgulHBtmeh09GNGEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwNDBaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1YzYxMDYxNWY3Y2YxNmJlZjE0NWRlZjJlNzFiNzI4YTUzYTMyN2JlYzc2
OTIxZmIxNmQyZDQzYmY5OWRjMDMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALi+XQsym2BpBNdnkZddmMq+lTsZtCiziP+nq/3G1ryoH7LZZnMetJIyzq0X
cQPZA2S3+5O1afMw14PSoZQ0PORDKuexbPWNa7TMpIjS0MlkKUCuSGJlH8Mn2S50
TApIq6Kq80qkBITLVoar1JjB4qbbOVhGDer/1C67xjNtXpZ65VElvvG8hy6S09QX
uNaNbVxGvUedd/z/JcU7tS213BZGs+1nTr9QK/+wzkf3cJ6WDEtHJPzm82ru00z5
sFxDSR1qr7Ez+IQZr+MCVeY/VxzCawnS9ex7ZKVTc5jDpuxxZAG1FUEN2JQOxwek
aeuAqE6cozsJ4Ucyh873rnpWaIECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSuKePj
z1zzoGf/suY+SzIGhFSf2TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2I4ZTJiNjMtZGI0MC00ODI1LTljNWEtOTQzNjYyYzE5OGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
QDANBgkqhkiG9w0BAQsFAAOCAQEAo50uJsKE18qoepJZfq5x51603a+ilOGCrxKD
d6jh+VGzMtuNOfn4VJQDOOpAWbHJiTjYBn9MKS/BD43344re4L/bWfQpw7JCLgsf
tR0xNSxDTi8ovjIuNFY1tJdw3ufR61Fz0C+P2MS/z0mBl3XV0jAq4F1x31ujIyos
/pMR5eAfdPlPL5gNUqr/V3xWnALVyQbr0EN2sJ5zk3iPWLrEjyLjee6LIPQ+Tg1Y
wgJh28/DMW3DXGV4o00+D0EyVU99AqbD+4oUVA6VPl66UP5vxUDoEGXfNqyy8T7o
AbLCrsIJb5evFvXWuXIMrXqtMZVXurI2MxxwoYmvvjfkDqXs7Q==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:05 2025 by rpki-client