Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
File: cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa (raw, json)
Hash identifier: ncnYqqN9XpMnOa2eyzyJpAUl/nYkHrXUGAweb5Mey78=
Subject key identifier: 10:EB:BF:24:B0:16:33:2C:D0:7C:5D:D4:C0:EF:CA:B6:E0:04:2C:D6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1F99C4290F1BE2EEEBB6713F49E08F085D471940
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
Signing time: Tue 15 Jul 2025 00:30:19 +0000
ROA not before: Tue 15 Jul 2025 00:30:19 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:99:c4:29:0f:1b:e2:ee:eb:b6:71:3f:49:e0:8f:08:5d:47:19:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:19 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=1161eb6f55d91e94c484d2b5859a0c9354fa7c5746ac7475f9954bd2b42eff43, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:71:60:6a:0e:04:36:39:d2:6b:89:b5:30:f7:
ca:c9:01:ba:0e:aa:4e:93:42:da:50:9d:e6:6a:79:
84:db:cd:fe:51:f1:96:bb:2b:cf:92:d9:df:c0:a2:
43:6b:ec:3b:9a:33:2d:74:65:b0:ba:a8:f1:33:46:
98:b8:b1:a3:5f:31:84:69:69:b6:0f:4a:bc:ec:e9:
42:dd:a8:f2:b9:50:6c:0f:5d:80:b5:ad:ba:63:45:
9b:2a:e0:36:e7:14:a0:93:84:9e:34:27:7e:d6:ad:
79:64:98:59:eb:74:24:7a:b2:25:b7:6c:34:95:50:
b7:a7:58:93:c0:ab:4e:c2:7c:5b:72:b8:e6:1d:db:
f9:91:82:25:1b:16:64:da:fb:a4:5a:bb:f4:51:0e:
e0:0d:bf:2c:5b:7a:9d:5b:97:6c:b2:50:56:d4:c1:
72:b4:3e:f8:bb:4c:b0:1f:db:b4:fa:00:3e:fd:e3:
41:e8:55:5f:86:fa:20:fc:88:32:3c:24:9b:80:8b:
83:b2:65:b1:d7:81:ee:5b:4f:f8:cf:93:91:95:f4:
1d:1d:28:11:aa:9a:03:4d:2c:90:b0:8b:2e:1b:9a:
b2:78:32:e5:9c:9e:b7:e2:55:67:83:b8:5c:ab:f9:
ba:ad:de:f8:ef:0a:b3:22:29:31:20:42:a7:0f:dc:
f6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:EB:BF:24:B0:16:33:2C:D0:7C:5D:D4:C0:EF:CA:B6:E0:04:2C:D6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
07:db:00:b1:13:53:86:56:8c:38:fa:00:89:ab:4e:a9:3b:81:
7d:3e:35:f7:39:e9:94:d5:9a:9c:b7:70:29:bc:f4:d7:d5:ad:
8d:1b:87:b7:22:49:ac:c1:31:c4:b2:ad:3d:d8:00:ea:a4:95:
47:d4:d9:01:40:1c:02:93:50:86:66:57:13:14:8f:02:8c:90:
3c:66:f3:fa:64:7a:01:fc:2b:28:f3:bf:a2:f6:55:08:71:12:
09:4c:06:88:c0:ac:88:ef:ba:53:2b:02:e8:7d:26:c4:9e:76:
60:3b:9e:7c:ab:ad:76:a4:3e:97:ac:e1:88:9b:fa:2a:a4:ad:
9d:39:86:71:cc:49:50:ad:31:55:c9:d0:e8:3d:d0:42:6d:fc:
5a:c9:e6:d2:5c:f6:29:51:68:37:b6:ec:88:52:15:a5:9b:f8:
e4:81:30:c1:3b:16:56:67:c8:3b:fe:f2:81:5f:de:10:6b:34:
27:f5:92:ee:98:e2:3d:75:64:f8:27:e0:df:57:cc:f0:b1:8b:
03:e3:8d:4f:b7:50:c3:97:04:05:5f:75:d2:8a:19:b7:be:4d:
84:17:42:b7:03:d3:97:81:1c:2d:d2:2a:a5:cf:24:5f:74:02:
fb:54:99:e8:36:0c:7d:1a:b5:d2:90:b9:66:4b:45:ac:16:7e:
e9:42:39:c1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH5nEKQ8b4u7rtnE/SeCPCF1HGUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMTlaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDExNjFlYjZmNTVkOTFlOTRjNDg0ZDJiNTg1OWEwYzkzNTRmYTdjNTc0NmFj
NzQ3NWY5OTU0YmQyYjQyZWZmNDMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAORxYGoOBDY50muJtTD3yskBug6qTpNC2lCd5mp5hNvN/lHxlrsrz5LZ38Ci
Q2vsO5ozLXRlsLqo8TNGmLixo18xhGlptg9KvOzpQt2o8rlQbA9dgLWtumNFmyrg
NucUoJOEnjQnftateWSYWet0JHqyJbdsNJVQt6dYk8CrTsJ8W3K45h3b+ZGCJRsW
ZNr7pFq79FEO4A2/LFt6nVuXbLJQVtTBcrQ++LtMsB/btPoAPv3jQehVX4b6IPyI
Mjwkm4CLg7JlsdeB7ltP+M+TkZX0HR0oEaqaA00skLCLLhuasngy5Zyet+JVZ4O4
XKv5uq3e+O8KsyIpMSBCpw/c9gkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQQ678k
sBYzLNB8XdTA78q24AQs1jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2Q4ZjA3YzktYWJjMS00MWRkLWJhZDQtYzdlNWJmMGJkNGM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQAH2wCxE1OGVow4+gCJq06pO4F9PjX3OemU1Zqc
t3ApvPTX1a2NG4e3IkmswTHEsq092ADqpJVH1NkBQBwCk1CGZlcTFI8CjJA8ZvP6
ZHoB/Cso87+i9lUIcRIJTAaIwKyI77pTKwLofSbEnnZgO558q612pD6XrOGIm/oq
pK2dOYZxzElQrTFVydDoPdBCbfxayebSXPYpUWg3tuyIUhWlm/jkgTDBOxZWZ8g7
/vKBX94QazQn9ZLumOI9dWT4J+DfV8zwsYsD441Pt1DDlwQFX3XSihm3vk2EF0K3
A9OXgRwt0iqlzyRfdAL7VJnoNgx9GrXSkLlmS0WsFn7pQjnB
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:16:41 2025 by rpki-client