Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa
File: 00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa (raw, json)
Hash identifier: pavFn1WfGCcQeKrpjygofFJoKQiN6eV8TDhZ95CBQAo=
Subject key identifier: 02:B0:DA:F7:BB:D1:06:E9:AC:99:72:AA:6B:0D:C0:6D:E9:6A:FD:2D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 196A7CDB23FBCCCABBFA5062E28D0BB265AEFC0A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa
Signing time: Wed 03 Sep 2025 00:21:12 +0000
ROA not before: Wed 03 Sep 2025 00:21:12 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:6a:7c:db:23:fb:cc:ca:bb:fa:50:62:e2:8d:0b:b2:65:ae:fc:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:21:12 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=9fee5e96ed6484940aa3261cd6cb8a42c3d27403355735828964eb48630d6be6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c7:d7:51:c5:a2:03:52:ab:5f:39:28:38:27:
a3:b8:fc:10:7a:93:ce:8d:f2:75:68:c4:a9:38:e3:
29:5c:07:6d:d9:b0:72:08:63:1a:6c:6c:05:a3:ec:
20:0a:f7:8a:96:6b:cb:c8:5a:88:8b:2e:9a:f8:76:
e4:15:d1:ec:86:03:20:7f:c3:9f:a9:fe:eb:a6:8e:
77:9c:6e:94:13:46:8e:3a:8d:82:1d:25:bf:eb:d3:
02:ff:ac:9e:84:81:72:9d:0a:30:8c:89:fc:d9:53:
df:46:81:60:b0:00:f4:67:43:f3:de:1c:f9:44:30:
18:6d:6e:f6:76:9f:87:b5:55:96:7d:b4:0a:a2:4d:
c5:c9:ae:b6:12:b0:bf:c2:3a:26:2a:bd:47:8f:3f:
3f:c5:62:1a:f6:1b:e9:d6:ca:2e:b8:d2:9c:7d:0b:
ad:f3:ea:84:7d:a9:c2:28:ed:4f:bd:0f:16:92:e5:
75:2b:64:8d:3d:a8:79:0c:9e:bf:5b:cb:e0:7e:aa:
ad:65:ae:d8:9a:27:31:44:99:f6:8a:84:a5:17:90:
8c:3f:ec:8a:31:7d:26:8e:b1:d1:41:bc:ab:e4:2d:
1d:14:2c:00:f5:d7:9b:0b:f2:5d:6d:e5:3e:00:68:
a5:45:ba:f1:b8:5e:4c:e0:9f:b0:a1:3d:d2:49:ae:
aa:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B0:DA:F7:BB:D1:06:E9:AC:99:72:AA:6B:0D:C0:6D:E9:6A:FD:2D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0::/36
Signature Algorithm: sha256WithRSAEncryption
a0:c7:ba:00:cf:a5:51:79:8b:45:c4:e4:33:2a:40:af:d3:f8:
70:5b:82:5a:c6:10:16:2d:17:e4:78:c8:a5:13:56:54:41:d2:
f5:21:b1:1c:cb:75:df:14:8d:1f:4c:0b:39:d7:46:c2:0d:51:
5a:af:ea:01:b6:4e:39:41:13:39:51:f6:5d:60:f2:bf:65:4c:
91:b1:2b:1f:6e:35:6c:8c:41:37:31:c8:20:30:89:b2:99:dd:
47:bb:03:af:3e:1d:05:17:c8:a9:ba:04:91:0f:0d:78:6c:0f:
43:2f:12:83:d9:03:9d:74:6e:62:88:9b:91:3e:26:39:be:1a:
c8:44:d1:e7:aa:9c:b7:2d:2e:ef:16:c0:03:bf:41:cf:0b:e3:
b4:b8:27:77:7e:3c:ad:da:69:11:37:c5:a1:f7:d4:b7:d7:92:
36:1e:e4:28:33:a6:ef:1f:9f:d2:88:4e:d4:fa:44:57:4a:8b:
24:bc:d1:2f:7e:09:22:c7:2b:7d:bb:13:18:65:d7:f6:9d:30:
00:14:55:5e:8a:81:07:73:f7:c7:eb:17:35:14:53:22:3c:70:
3e:e3:bb:62:fa:e6:59:bb:a0:12:54:41:ed:f4:78:ca:93:5d:
18:32:d6:0b:ce:e6:fd:30:ad:81:7f:09:28:45:5f:b2:f1:7f:
75:86:d2:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGWp82yP7zMq7+lBi4o0LsmWu/AowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIxMTJaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmZWU1ZTk2ZWQ2NDg0OTQwYWEzMjYxY2Q2Y2I4YTQyYzNkMjc0MDMzNTU3
MzU4Mjg5NjRlYjQ4NjMwZDZiZTYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7H11HFogNSq185KDgno7j8EHqTzo3ydWjEqTjjKVwHbdmwcghjGmxsBaPs
IAr3ipZry8haiIsumvh25BXR7IYDIH/Dn6n+66aOd5xulBNGjjqNgh0lv+vTAv+s
noSBcp0KMIyJ/NlT30aBYLAA9GdD894c+UQwGG1u9nafh7VVln20CqJNxcmuthKw
v8I6Jiq9R48/P8ViGvYb6dbKLrjSnH0LrfPqhH2pwijtT70PFpLldStkjT2oeQye
v1vL4H6qrWWu2JonMUSZ9oqEpReQjD/sijF9Jo6x0UG8q+QtHRQsAPXXmwvyXW3l
PgBopUW68bheTOCfsKE90kmuqg8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQCsNr3
u9EG6ayZcqprDcBt6Wr9LTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDBlMzY3ZjAtMThmZS00YmUzLThjY2QtODg1Zjc1YmFmMGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8AA
MA0GCSqGSIb3DQEBCwUAA4IBAQCgx7oAz6VReYtFxOQzKkCv0/hwW4JaxhAWLRfk
eMilE1ZUQdL1IbEcy3XfFI0fTAs510bCDVFar+oBtk45QRM5UfZdYPK/ZUyRsSsf
bjVsjEE3McggMImymd1HuwOvPh0FF8ipugSRDw14bA9DLxKD2QOddG5iiJuRPiY5
vhrIRNHnqpy3LS7vFsADv0HPC+O0uCd3fjyt2mkRN8Wh99S315I2HuQoM6bvH5/S
iE7U+kRXSoskvNEvfgkixyt9uxMYZdf2nTAAFFVeioEHc/fH6xc1FFMiPHA+47ti
+uZZu6ASVEHt9HjKk10YMtYLzub9MK2BfwkoRV+y8X91htIp
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:55 2025 by rpki-client