Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
File: e1d00d70-da0c-4922-8124-95401dba4efc.roa (raw, json)
Hash identifier: xvj2t2X4sFuWxm4Iezcuh3t4R6/r5AOueWXhSd+t1HQ=
Subject key identifier: EA:23:FB:67:74:63:06:C7:34:56:AE:D1:62:81:7B:80:62:7E:E6:F7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 38E3206B29AB9DE08FCA843F200FC03E0CC307EE
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
Signing time: Tue 15 Jul 2025 00:21:07 +0000
ROA not before: Tue 15 Jul 2025 00:21:07 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:e3:20:6b:29:ab:9d:e0:8f:ca:84:3f:20:0f:c0:3e:0c:c3:07:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:07 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=d47878352eb68877294a2bb6aab9d3efb2c76bd56512a01e0f3e1b74744a4d64, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ce:2e:25:a7:8b:57:a0:30:1c:aa:db:c3:6a:
19:10:cd:5d:9d:c6:46:eb:35:66:73:b1:c4:41:e3:
79:d9:76:2d:50:c5:c2:6e:5f:00:7e:45:f0:06:87:
2e:6a:44:2f:e2:fd:7a:c1:5e:bf:fd:6d:4e:f7:4e:
7b:56:c8:6e:eb:9d:80:20:e4:2e:be:92:38:a2:9e:
c1:d7:52:96:cf:48:e9:10:4f:73:59:7c:b3:a2:ff:
97:ba:84:7f:07:18:34:63:a7:67:d2:59:cd:bb:24:
ec:14:f1:3d:d3:12:85:4a:fd:71:2d:a1:1e:c3:78:
fe:33:42:2e:3a:fe:7d:59:5e:56:d6:e6:d5:70:35:
72:ed:9a:63:b1:13:52:2d:76:b3:3f:2a:e1:10:e5:
f0:cf:c2:c7:fe:dd:53:f7:29:51:93:6b:38:21:74:
db:74:37:33:08:85:16:76:b5:a5:94:ec:fc:d5:5d:
1b:8c:f1:0e:a8:45:62:81:22:9b:fe:1e:93:22:8a:
ae:97:ef:a7:84:b8:a8:c3:6f:04:c6:1a:56:71:54:
05:62:d2:ce:f3:f0:85:4e:c8:5c:8f:14:f6:f2:25:
b2:6b:e2:8e:43:82:73:ea:e6:2f:0f:1c:f3:c9:e1:
80:74:b0:23:83:08:95:ce:b8:c5:86:ae:6e:90:7d:
5a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:23:FB:67:74:63:06:C7:34:56:AE:D1:62:81:7B:80:62:7E:E6:F7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f8c0::/48
Signature Algorithm: sha256WithRSAEncryption
34:17:b5:31:a1:e5:e7:38:b6:b0:2e:44:82:42:a3:fe:1c:cc:
3a:75:f4:23:96:3e:2f:5a:f3:cf:94:ad:a4:c9:b1:a0:63:b4:
e2:82:d9:b0:88:17:11:95:13:31:ed:09:3c:d8:f5:da:cc:c9:
ca:d9:31:2b:55:28:a6:f7:b9:33:5c:7e:78:d3:56:80:d7:e0:
be:32:89:d9:2d:99:29:bd:54:bd:1f:eb:d0:f4:c8:5b:f3:b4:
e4:af:28:fd:1b:c4:b0:b1:d9:be:b4:19:57:c6:e9:71:c5:07:
0b:0e:66:9b:cf:5f:e3:3d:15:44:d5:ee:59:fd:06:ca:2d:0b:
d4:b8:a1:12:fb:1a:a3:dc:c1:37:d6:7f:91:9e:47:58:10:2b:
9d:53:79:21:6e:12:50:66:c1:7c:19:ef:cd:d2:dc:7e:89:2e:
5b:46:39:ae:56:85:9c:d6:84:e4:09:d6:17:a0:23:4e:5c:6e:
e4:8c:6c:6b:8f:53:4d:cf:1e:a2:08:04:bb:06:8c:de:b0:fd:
8a:9b:b2:4c:2d:e1:d2:ac:af:20:3c:7e:b5:9f:68:be:2a:b7:
25:a0:07:cc:ea:f1:01:83:42:d3:a4:5f:b7:cb:82:32:f0:ce:
f3:0b:fb:c5:17:7f:ab:42:ad:b5:d7:fe:22:97:7b:32:92:18:
dd:2c:69:b4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOOMgaymrneCPyoQ/IA/APgzDB+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMDdaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0Nzg3ODM1MmViNjg4NzcyOTRhMmJiNmFhYjlkM2VmYjJjNzZiZDU2NTEy
YTAxZTBmM2UxYjc0NzQ0YTRkNjQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTOLiWni1egMByq28NqGRDNXZ3GRus1ZnOxxEHjedl2LVDFwm5fAH5F8AaH
LmpEL+L9esFev/1tTvdOe1bIbuudgCDkLr6SOKKewddSls9I6RBPc1l8s6L/l7qE
fwcYNGOnZ9JZzbsk7BTxPdMShUr9cS2hHsN4/jNCLjr+fVleVtbm1XA1cu2aY7ET
Ui12sz8q4RDl8M/Cx/7dU/cpUZNrOCF023Q3MwiFFna1pZTs/NVdG4zxDqhFYoEi
m/4ekyKKrpfvp4S4qMNvBMYaVnFUBWLSzvPwhU7IXI8U9vIlsmvijkOCc+rmLw8c
88nhgHSwI4MIlc64xYaubpB9WqECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTqI/tn
dGMGxzRWrtFigXuAYn7m9zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZTFkMDBkNzAtZGEwYy00OTIyLTgxMjQtOTU0MDFkYmE0ZWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
wDANBgkqhkiG9w0BAQsFAAOCAQEANBe1MaHl5zi2sC5EgkKj/hzMOnX0I5Y+L1rz
z5StpMmxoGO04oLZsIgXEZUTMe0JPNj12szJytkxK1Uopve5M1x+eNNWgNfgvjKJ
2S2ZKb1UvR/r0PTIW/O05K8o/RvEsLHZvrQZV8bpccUHCw5mm89f4z0VRNXuWf0G
yi0L1LihEvsao9zBN9Z/kZ5HWBArnVN5IW4SUGbBfBnvzdLcfokuW0Y5rlaFnNaE
5AnWF6AjTlxu5Ixsa49TTc8eoggEuwaM3rD9ipuyTC3h0qyvIDx+tZ9oviq3JaAH
zOrxAYNC06Rft8uCMvDO8wv7xRd/q0Kttdf+Ipd7MpIY3SxptA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:18 2025 by rpki-client