Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
File: ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa (raw, json)
Hash identifier: 2vZVOgDyAVJxtLm5luKGA6k/KmOJFxQe3YY5HUiSR/w=
Subject key identifier: 1E:B8:E9:C9:3E:71:7E:B1:17:D8:62:B0:50:07:6D:CB:02:B1:48:C9
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7488FF2479B64642242F806693A6DA384CC9C47D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
Signing time: Tue 15 Jul 2025 00:20:43 +0000
ROA not before: Tue 15 Jul 2025 00:20:43 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:88:ff:24:79:b6:46:42:24:2f:80:66:93:a6:da:38:4c:c9:c4:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:43 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=8b5bbee349aa39dc8988bee6ced16518bf0d0bab307f3d948dd44c3fa6aadfc4, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b6:44:5a:74:0a:2f:a2:5f:44:20:84:6d:a1:
f2:9f:f0:2c:e1:ba:4c:e4:3d:42:0d:cc:97:3c:4e:
f2:c1:e7:b8:d1:ce:e9:9f:52:8b:51:c7:ee:f5:14:
3d:3a:20:fb:8d:12:ee:63:e4:95:f1:ea:66:23:ad:
4b:0e:c3:be:04:73:0a:ef:e4:cb:63:05:2f:eb:b5:
ed:05:ee:9e:a3:58:3a:55:26:a5:87:c9:57:96:9e:
4c:69:27:e2:c8:0c:58:fe:9b:5c:9e:86:16:fb:bd:
b8:31:9f:a8:c1:3e:5e:a9:c7:0d:43:e7:2f:7c:e6:
e3:e3:e0:75:34:b3:10:62:73:ba:97:71:50:76:90:
8c:46:ca:8e:6a:be:51:db:6e:27:56:3f:fc:26:50:
49:80:93:af:71:32:7f:83:a5:27:2d:a6:d1:01:41:
c9:9e:16:eb:6f:24:c7:51:ed:f2:de:4c:c4:5f:d2:
e9:fd:18:98:1a:80:da:71:09:67:4d:dc:91:d4:ab:
39:30:38:c2:48:5e:3e:56:d4:b3:83:5f:97:5b:8a:
c1:e4:06:48:0a:a0:38:fd:01:eb:14:ba:d5:4c:a1:
45:85:dd:00:81:de:40:f0:6a:a5:a4:b3:d3:ac:6c:
6a:e8:df:0f:d0:cf:d1:9a:56:38:a6:8c:59:2d:ba:
5b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B8:E9:C9:3E:71:7E:B1:17:D8:62:B0:50:07:6D:CB:02:B1:48:C9
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:5800::/40
Signature Algorithm: sha256WithRSAEncryption
34:f9:35:62:51:32:fb:b6:33:5d:16:4a:4e:de:50:ad:d1:52:
84:0e:7c:62:67:5c:aa:5d:ca:a1:75:56:00:1b:dc:e4:27:e8:
3a:fb:05:fb:11:6c:2a:93:09:4e:e0:36:a1:04:89:bf:7f:ca:
a1:4b:83:8c:fb:42:a1:05:b4:71:88:47:08:bc:42:80:4d:e8:
9e:a0:b8:6a:2d:e6:f0:d2:2a:ca:d9:c8:08:61:49:83:4f:d9:
35:9f:23:e2:5c:c2:da:2c:45:14:de:4f:df:4c:72:41:3f:ab:
df:6d:13:7a:95:a0:1b:09:f5:e3:69:6c:e7:69:8e:0c:05:1e:
1d:86:a5:66:70:31:15:82:50:a0:b5:bb:79:cc:a6:8f:42:48:
62:7e:00:66:11:66:7b:d4:c5:ea:3a:67:9c:a5:7e:54:5b:55:
f7:51:38:d0:63:61:e2:f8:26:f3:4c:c9:10:4e:73:53:99:83:
6c:f7:83:1d:b4:51:8d:c9:c1:0b:82:1b:80:d2:96:87:e8:37:
c1:88:60:cd:4d:7e:c3:cc:52:93:85:52:ca:86:68:9a:6a:51:
47:fc:79:f8:a1:bb:8e:5a:9c:3c:3b:bc:7f:4a:97:bc:7e:46:
68:dd:57:c7:2e:e2:41:a0:06:6c:3d:dd:09:77:5d:21:95:70:
30:c8:88:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdIj/JHm2RkIkL4Bmk6baOEzJxH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwNDNaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiNWJiZWUzNDlhYTM5ZGM4OTg4YmVlNmNlZDE2NTE4YmYwZDBiYWIzMDdm
M2Q5NDhkZDQ0YzNmYTZhYWRmYzQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANm2RFp0Ci+iX0QghG2h8p/wLOG6TOQ9Qg3MlzxO8sHnuNHO6Z9Si1HH7vUU
PTog+40S7mPklfHqZiOtSw7DvgRzCu/ky2MFL+u17QXunqNYOlUmpYfJV5aeTGkn
4sgMWP6bXJ6GFvu9uDGfqME+XqnHDUPnL3zm4+PgdTSzEGJzupdxUHaQjEbKjmq+
UdtuJ1Y//CZQSYCTr3Eyf4OlJy2m0QFByZ4W628kx1Ht8t5MxF/S6f0YmBqA2nEJ
Z03ckdSrOTA4wkhePlbUs4Nfl1uKweQGSAqgOP0B6xS61UyhRYXdAIHeQPBqpaSz
06xsaujfD9DP0ZpWOKaMWS26W3sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQeuOnJ
PnF+sRfYYrBQB23LArFIyTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2NlZmVhYTMtNTBmZC00ZmI1LWEwZDYtNjgyZWE4OTRjNWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dY
MA0GCSqGSIb3DQEBCwUAA4IBAQA0+TViUTL7tjNdFkpO3lCt0VKEDnxiZ1yqXcqh
dVYAG9zkJ+g6+wX7EWwqkwlO4DahBIm/f8qhS4OM+0KhBbRxiEcIvEKATeieoLhq
Lebw0irK2cgIYUmDT9k1nyPiXMLaLEUU3k/fTHJBP6vfbRN6laAbCfXjaWznaY4M
BR4dhqVmcDEVglCgtbt5zKaPQkhifgBmEWZ71MXqOmecpX5UW1X3UTjQY2Hi+Cbz
TMkQTnNTmYNs94MdtFGNycELghuA0paH6DfBiGDNTX7DzFKThVLKhmiaalFH/Hn4
obuOWpw8O7x/Spe8fkZo3VfHLuJBoAZsPd0Jd10hlXAwyIia
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:24 2025 by rpki-client