Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa
File: 00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa (raw, json)
Hash identifier: +X2+diNgfBbcvjXDDmNp/uS9JLhVPCXkpISC0gfUx2k=
Subject key identifier: DD:95:D5:CE:75:35:20:6F:9C:2A:2A:51:8E:3A:F1:BB:FB:AE:90:2D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 42250B9AA7CD94402A754E2926FF643C033D41BC
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa
Signing time: Wed 03 Sep 2025 00:21:19 +0000
ROA not before: Wed 03 Sep 2025 00:21:19 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:25:0b:9a:a7:cd:94:40:2a:75:4e:29:26:ff:64:3c:03:3d:41:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:21:19 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=7ad2670841cbbc1297cd51d94bb7f8cb24528ef72510face728078b271a264db, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4b:3b:06:71:96:d1:a1:16:aa:b8:9b:c1:6b:
32:80:28:35:cd:b6:ab:39:09:61:22:a4:e2:96:27:
35:ce:4d:d6:a3:f1:38:b0:f6:1e:b1:eb:a7:a4:cc:
b6:f4:73:7b:28:3f:b0:58:2c:20:f9:b3:db:bb:dd:
7f:af:59:d4:df:8d:86:0c:d2:5d:2a:00:da:58:5e:
b3:41:0d:ec:a7:55:79:44:cc:00:d8:19:2b:45:46:
11:7a:7e:df:c9:f8:cd:73:7a:c8:b4:3d:7d:4e:cb:
2f:22:ac:77:80:77:3a:65:36:b9:e5:bd:b2:d8:32:
9b:1a:b8:43:3c:52:40:61:35:a5:b4:02:47:c6:04:
24:2a:39:d6:12:1f:a7:9d:f0:21:66:f3:7a:50:57:
a4:1e:e2:13:1a:e4:e4:71:a0:08:71:e3:f2:6b:74:
dd:d7:03:f6:74:5a:f6:b3:3b:0c:12:4d:a2:b0:e4:
8e:09:f3:5a:82:89:e0:80:53:13:bb:6b:0a:68:0a:
a5:21:7d:a5:3e:1a:e8:b2:ea:e7:7a:f4:5a:fe:40:
33:67:87:60:7f:25:3c:89:f9:ca:7c:de:70:0a:93:
a4:bc:d8:25:8c:4d:c5:47:33:42:ec:6f:cb:79:a1:
cb:5f:d9:a9:8c:68:81:93:b3:50:35:a4:9f:15:e6:
b6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:95:D5:CE:75:35:20:6F:9C:2A:2A:51:8E:3A:F1:BB:FB:AE:90:2D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:6000::/36
Signature Algorithm: sha256WithRSAEncryption
ac:7c:39:fc:65:f3:1f:f2:d9:6d:68:00:43:24:93:46:7d:49:
2d:74:42:34:2b:90:be:ac:13:6c:e9:d8:ca:28:55:e1:cd:9e:
c7:08:82:06:55:e0:2e:e9:58:94:d5:29:3d:09:ce:b3:db:8c:
7c:6c:90:28:5c:72:d7:44:bf:ab:4e:6b:06:01:88:f0:d8:89:
df:c6:bf:0b:be:73:81:eb:e0:36:ea:c4:fa:ec:ca:b6:73:11:
2c:6a:98:f7:5e:45:43:92:3a:e4:cc:ef:79:7e:d5:fe:be:93:
d7:9a:e2:18:78:65:7c:de:59:81:c3:ff:0d:db:4d:ca:81:84:
a1:a5:e8:cc:d9:1e:d7:f5:5a:f9:81:94:d3:9e:b2:9b:9d:4e:
a2:41:be:d4:1c:fc:2a:01:b1:c1:72:ad:94:ea:aa:a0:30:a3:
6c:80:ce:a1:ca:f4:af:a4:e2:d7:70:94:93:2f:3d:9d:25:3c:
5f:b2:a3:4a:5c:db:e7:7e:3b:08:63:ff:2c:0c:4e:8f:bf:01:
ec:e8:12:35:48:e9:df:92:a4:b7:66:bb:93:ff:ce:fa:02:6a:
44:ac:af:97:29:74:23:b1:fb:6c:19:99:90:ab:0f:bb:ea:44:
88:2a:4b:14:16:36:65:83:e8:da:80:ee:a4:5a:f7:ad:83:db:
75:dc:58:cd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQiULmqfNlEAqdU4pJv9kPAM9QbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIxMTlaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhZDI2NzA4NDFjYmJjMTI5N2NkNTFkOTRiYjdmOGNiMjQ1MjhlZjcyNTEw
ZmFjZTcyODA3OGIyNzFhMjY0ZGIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVLOwZxltGhFqq4m8FrMoAoNc22qzkJYSKk4pYnNc5N1qPxOLD2HrHrp6TM
tvRzeyg/sFgsIPmz27vdf69Z1N+NhgzSXSoA2lhes0EN7KdVeUTMANgZK0VGEXp+
38n4zXN6yLQ9fU7LLyKsd4B3OmU2ueW9stgymxq4QzxSQGE1pbQCR8YEJCo51hIf
p53wIWbzelBXpB7iExrk5HGgCHHj8mt03dcD9nRa9rM7DBJNorDkjgnzWoKJ4IBT
E7trCmgKpSF9pT4a6LLq53r0Wv5AM2eHYH8lPIn5ynzecAqTpLzYJYxNxUczQuxv
y3mhy1/ZqYxogZOzUDWknxXmtosCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdldXO
dTUgb5wqKlGOOvG7+66QLTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDA3OTM2MjMtOWVkNy00NGE0LTljMmQtYjNmZjA2NjhhZWIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Ng
MA0GCSqGSIb3DQEBCwUAA4IBAQCsfDn8ZfMf8tltaABDJJNGfUktdEI0K5C+rBNs
6djKKFXhzZ7HCIIGVeAu6ViU1Sk9Cc6z24x8bJAoXHLXRL+rTmsGAYjw2Infxr8L
vnOB6+A26sT67Mq2cxEsapj3XkVDkjrkzO95ftX+vpPXmuIYeGV83lmBw/8N203K
gYShpejM2R7X9Vr5gZTTnrKbnU6iQb7UHPwqAbHBcq2U6qqgMKNsgM6hyvSvpOLX
cJSTLz2dJTxfsqNKXNvnfjsIY/8sDE6PvwHs6BI1SOnfkqS3ZruT/876AmpErK+X
KXQjsftsGZmQqw+76kSIKksUFjZlg+jagO6kWvetg9t13FjN
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:46 2025 by rpki-client