Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
File: d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa (raw, json)
Hash identifier: jNtFLdwvjbVEAzsg3AvQ6r4b3U8k1D79VxJW6KfdPwg=
Subject key identifier: 65:B7:20:B1:70:08:69:35:8A:A2:BF:57:4F:0B:BD:D3:58:0C:66:DF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5F6527CBB484DC6EB04559848E5C9EB6785FD69E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
Signing time: Tue 15 Jul 2025 00:30:18 +0000
ROA not before: Tue 15 Jul 2025 00:30:18 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:65:27:cb:b4:84:dc:6e:b0:45:59:84:8e:5c:9e:b6:78:5f:d6:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:18 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=0110173fcf26480732de3f03f4528765337900a51b5209a9a4c35e103cc97170, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d3:63:19:a9:68:99:b8:da:b1:c6:15:2f:76:
14:b4:50:d5:85:ac:5c:4d:35:87:82:ab:77:34:42:
7e:fa:43:2c:01:16:37:d8:40:c9:88:7c:3f:f4:65:
e6:a3:6e:1f:8b:fc:3f:44:fd:8f:a5:39:c7:bf:5a:
95:32:d3:65:7b:e7:f2:fa:96:47:a1:4a:4a:25:db:
1b:35:e4:9a:da:59:a8:5c:19:65:fa:e5:9c:a4:e2:
f4:8e:66:fe:c4:2f:df:ad:57:b9:34:0f:eb:5b:e9:
5a:c5:32:6a:60:ce:d4:fc:34:90:88:c9:3d:34:fe:
50:2d:4b:3d:38:6d:aa:39:27:f2:3d:b2:ea:ea:f4:
5c:ad:9f:1d:45:e7:be:69:4f:28:5b:de:76:85:93:
51:a0:be:13:52:ee:70:74:11:4e:a3:53:97:2d:86:
b1:76:b0:2e:f0:9a:c4:5f:c5:47:e0:bb:a0:ef:c7:
d4:f6:61:f7:6f:72:c9:c3:2a:eb:a6:99:90:3d:b5:
7a:2e:c0:c1:36:f0:5d:23:0a:20:48:c9:fb:65:31:
d5:78:62:ae:fa:7e:1e:bc:ac:2e:a3:1d:05:37:88:
1c:51:f9:c4:6a:3c:08:bb:ee:4d:75:89:d3:f8:32:
d3:df:b1:38:30:1c:42:15:0b:c0:60:b3:ab:6f:10:
93:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B7:20:B1:70:08:69:35:8A:A2:BF:57:4F:0B:BD:D3:58:0C:66:DF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
0b:f4:e9:52:f1:dd:35:a7:2a:43:f5:de:82:1a:15:8b:93:ba:
10:e8:a9:63:41:17:4b:89:9c:b2:4d:1c:98:0f:e2:cb:21:71:
cc:fa:cd:c1:46:47:fe:cf:79:49:4d:c4:e1:73:c0:d3:e4:24:
7f:46:11:5f:d2:41:6d:7a:35:7e:ec:73:24:46:89:4a:aa:07:
d3:54:e5:fd:56:ab:3e:85:b6:6e:21:3f:05:bb:8c:9e:cf:2c:
b8:63:29:a0:02:15:7b:71:2d:87:01:d3:a8:9a:23:d5:69:e4:
ec:f9:06:9b:e0:2f:0c:02:9c:b3:b1:f6:84:0a:8f:c7:74:22:
65:b2:cf:73:9e:93:6c:0e:7b:30:f1:82:ad:5c:77:ce:38:79:
e5:b1:9f:1d:b2:a8:a8:5b:0b:19:c8:73:7d:4c:3a:3a:27:2a:
ce:21:a3:1a:47:cb:4c:f0:22:18:f8:66:af:1a:99:6f:f9:4c:
62:dd:8e:d1:56:81:b5:7e:2e:bf:be:7b:38:fc:fa:28:9e:f0:
ac:1a:8d:23:01:ae:4e:aa:d3:03:31:ed:45:73:a2:ce:72:b4:
2a:5a:df:7e:ef:64:8e:f8:67:5a:38:85:57:28:76:67:d6:5e:
82:b9:11:8c:49:a8:3f:6a:54:8f:22:6c:ae:5b:38:ad:bb:ae:
fe:c7:c4:e9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX2Uny7SE3G6wRVmEjlyetnhf1p4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMThaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxMTAxNzNmY2YyNjQ4MDczMmRlM2YwM2Y0NTI4NzY1MzM3OTAwYTUxYjUy
MDlhOWE0YzM1ZTEwM2NjOTcxNzAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXTYxmpaJm42rHGFS92FLRQ1YWsXE01h4KrdzRCfvpDLAEWN9hAyYh8P/Rl
5qNuH4v8P0T9j6U5x79alTLTZXvn8vqWR6FKSiXbGzXkmtpZqFwZZfrlnKTi9I5m
/sQv361XuTQP61vpWsUyamDO1Pw0kIjJPTT+UC1LPThtqjkn8j2y6ur0XK2fHUXn
vmlPKFvedoWTUaC+E1LucHQRTqNTly2GsXawLvCaxF/FR+C7oO/H1PZh929yycMq
66aZkD21ei7AwTbwXSMKIEjJ+2Ux1Xhirvp+HrysLqMdBTeIHFH5xGo8CLvuTXWJ
0/gy09+xODAcQhULwGCzq28Qk1MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRltyCx
cAhpNYqiv1dPC73TWAxm3zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjZDk5MDUtNzJjNS00ZmY5LTk4ZGYtNmIwZDFjMTJhNGMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQAL9OlS8d01pypD9d6CGhWLk7oQ6KljQRdLiZyy
TRyYD+LLIXHM+s3BRkf+z3lJTcThc8DT5CR/RhFf0kFtejV+7HMkRolKqgfTVOX9
Vqs+hbZuIT8Fu4yezyy4YymgAhV7cS2HAdOomiPVaeTs+Qab4C8MApyzsfaECo/H
dCJlss9znpNsDnsw8YKtXHfOOHnlsZ8dsqioWwsZyHN9TDo6JyrOIaMaR8tM8CIY
+GavGplv+Uxi3Y7RVoG1fi6/vns4/PoonvCsGo0jAa5OqtMDMe1Fc6LOcrQqWt9+
72SO+GdaOIVXKHZn1l6CuRGMSag/alSPImyuWzitu67+x8Tp
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:31 2025 by rpki-client