Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
File: e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa (raw, json)
Hash identifier: sL1HBDhx6oOnQT16zm3a4/8yl4pt8iqgD90F0xb0JCo=
Subject key identifier: 5D:C3:EF:BE:E7:8C:99:06:BD:28:EE:6E:A0:D1:EB:D6:4A:43:DF:84
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0B57CFFBEE50507BB2395945601AD5E9C8263403
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
Signing time: Tue 15 Jul 2025 00:20:47 +0000
ROA not before: Tue 15 Jul 2025 00:20:47 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:57:cf:fb:ee:50:50:7b:b2:39:59:45:60:1a:d5:e9:c8:26:34:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:47 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=16d62f1b80b9222e205beb4fb65c68dffe6e911ff5e60b1bb1fe634aa3134245, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:57:4e:b0:7a:2c:e9:d3:c6:d5:56:5b:5c:c1:
55:79:3c:f4:b8:b0:1f:81:f1:19:13:b3:28:a5:fe:
2d:b0:b3:a3:44:7d:16:5f:61:ff:36:ac:9b:2b:61:
c9:59:c7:9e:46:fe:f1:a4:8e:ce:27:29:8e:bf:1a:
8e:65:b4:1a:24:f4:8e:9e:5e:6f:e4:ff:b6:61:e8:
12:35:6f:2b:57:b4:72:5e:d0:c5:3d:bc:0d:90:2e:
bb:0a:5a:b2:c4:4b:3d:8a:2c:d4:5b:38:46:e7:7d:
ca:c4:53:68:e5:95:90:24:d5:2e:df:d7:1a:86:b6:
6d:54:aa:36:6d:bc:8a:84:88:46:54:ef:4b:a7:5d:
43:ed:a9:b2:af:32:5b:16:b0:34:6b:89:42:ca:a2:
cd:c3:45:d0:01:eb:6c:73:53:d4:91:0d:54:22:60:
c4:35:5a:44:8b:e6:53:d7:ba:42:bd:59:e6:f2:43:
30:59:8d:37:31:5a:85:76:25:b2:7a:4f:01:31:b2:
9d:22:a1:d2:94:da:1d:24:f1:7f:00:39:cd:93:e5:
61:d0:7a:33:ee:ac:7f:d1:7f:a7:78:66:1c:17:ee:
7a:d5:ae:35:80:3d:28:06:08:98:e4:50:c6:4a:fc:
05:2c:04:1d:f2:5c:f6:a3:05:d5:98:6b:8a:4e:60:
cc:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C3:EF:BE:E7:8C:99:06:BD:28:EE:6E:A0:D1:EB:D6:4A:43:DF:84
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8000::/36
Signature Algorithm: sha256WithRSAEncryption
aa:71:01:3c:ea:b8:64:69:4c:10:5c:c7:f4:b5:e1:79:cb:c0:
13:fc:5a:ed:93:e6:20:6b:68:8c:ab:6c:ba:86:50:5d:6b:20:
d2:f2:7a:2e:78:28:61:e8:4f:a4:b7:64:3a:cf:ba:59:0b:bc:
d2:f8:f3:71:36:7d:4a:e0:2b:d8:e1:c5:5a:7f:d0:ec:44:1b:
72:ed:94:b1:ae:b8:8e:aa:26:e7:64:16:3e:67:b3:ba:f2:db:
9a:fc:8c:48:17:71:86:93:46:7f:5a:54:ec:18:27:98:b9:03:
bf:0b:d8:2d:be:15:3c:6f:d6:b0:e7:97:1e:bd:6f:ec:f1:1b:
1d:4d:b8:47:63:52:4c:5e:17:fa:13:e4:6c:5b:7b:50:47:22:
da:87:5c:45:86:4a:49:70:1a:30:98:2a:01:d4:cf:2d:39:0f:
aa:58:d2:f3:f1:75:8d:54:74:6e:24:11:7e:d9:25:74:15:75:
b9:cc:a0:25:d9:be:32:31:fd:b8:a8:b2:12:c0:eb:8a:f2:2e:
c6:89:7d:8f:ff:8f:96:86:e9:9e:95:e9:60:34:3e:f6:32:d1:
c0:99:4d:e6:3b:fe:01:82:18:f9:5f:62:25:8f:f8:fd:d9:27:
98:d9:a7:f8:26:ea:bc:fa:79:11:7a:08:71:6c:a6:4e:3c:cf:
e6:c1:30:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC1fP++5QUHuyOVlFYBrV6cgmNAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwNDdaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2ZDYyZjFiODBiOTIyMmUyMDViZWI0ZmI2NWM2OGRmZmU2ZTkxMWZmNWU2
MGIxYmIxZmU2MzRhYTMxMzQyNDUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFXTrB6LOnTxtVWW1zBVXk89LiwH4HxGROzKKX+LbCzo0R9Fl9h/zasmyth
yVnHnkb+8aSOzicpjr8ajmW0GiT0jp5eb+T/tmHoEjVvK1e0cl7QxT28DZAuuwpa
ssRLPYos1Fs4Rud9ysRTaOWVkCTVLt/XGoa2bVSqNm28ioSIRlTvS6ddQ+2psq8y
WxawNGuJQsqizcNF0AHrbHNT1JENVCJgxDVaRIvmU9e6Qr1Z5vJDMFmNNzFahXYl
snpPATGynSKh0pTaHSTxfwA5zZPlYdB6M+6sf9F/p3hmHBfuetWuNYA9KAYImORQ
xkr8BSwEHfJc9qMF1Zhrik5gzG8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRdw+++
54yZBr0o7m6g0evWSkPfhDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZThmMWMxZjctODM4OS00ZmFmLTg3YzktZjRhMTgwZTdiY2RjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WA
MA0GCSqGSIb3DQEBCwUAA4IBAQCqcQE86rhkaUwQXMf0teF5y8AT/Frtk+Yga2iM
q2y6hlBdayDS8noueChh6E+kt2Q6z7pZC7zS+PNxNn1K4CvY4cVaf9DsRBty7ZSx
rriOqibnZBY+Z7O68tua/IxIF3GGk0Z/WlTsGCeYuQO/C9gtvhU8b9aw55cevW/s
8RsdTbhHY1JMXhf6E+RsW3tQRyLah1xFhkpJcBowmCoB1M8tOQ+qWNLz8XWNVHRu
JBF+2SV0FXW5zKAl2b4yMf24qLISwOuK8i7GiX2P/4+WhumelelgND72MtHAmU3m
O/4Bghj5X2Ilj/j92SeY2af4Juq8+nkReghxbKZOPM/mwTDX
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:32 2025 by rpki-client