Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
File: 06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa (raw, json)
Hash identifier: AkJBfH7VERckuuQVazVo4hdtc15f6ljRYGMn3TCTN54=
Subject key identifier: 42:01:B7:0B:18:A5:EB:75:7A:F2:5E:A9:D9:1F:CF:CC:83:A1:46:BC
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5C2FA7E0B5E77720C1B7BBFE113A37E4949D7620
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
Signing time: Wed 03 Sep 2025 00:21:15 +0000
ROA not before: Wed 03 Sep 2025 00:21:15 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:2f:a7:e0:b5:e7:77:20:c1:b7:bb:fe:11:3a:37:e4:94:9d:76:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:21:15 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=9138f56668e23f88edb968831276f023b8d384cacaf8b7b5fccfb96b17b60c83, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:7d:9f:c5:32:08:7f:d4:a3:a8:07:a4:26:e6:
7f:e0:fc:80:ce:20:1c:72:51:82:e6:2d:47:13:40:
6a:8d:83:b0:95:75:1d:a9:cb:58:af:6c:78:06:78:
ca:30:01:ed:bb:54:e2:9b:f8:9f:c4:08:3d:a6:63:
7a:86:07:4a:0f:d2:d8:c8:b0:aa:53:47:7b:84:bb:
ea:80:d5:eb:3d:40:c6:24:59:dd:66:18:34:07:f0:
a8:bf:5b:7c:7a:d0:b7:0b:c2:87:74:15:8e:60:fc:
e1:15:47:75:c4:b8:04:80:cc:35:d7:f4:d8:31:ed:
db:0b:81:b2:02:65:ed:e8:c4:cf:a4:27:65:dc:c5:
16:37:6f:07:cf:37:72:1c:83:a8:91:25:02:92:76:
ca:8c:7b:b6:1e:eb:63:2d:6b:b5:c8:30:27:0d:92:
83:aa:89:ce:59:fb:88:80:50:69:f4:92:22:8a:3e:
97:0a:cd:e2:00:6a:4d:07:2a:ff:7d:85:81:6f:c6:
56:22:76:3f:9f:25:c8:ea:df:4d:e1:04:e3:a0:5e:
7f:4e:56:1a:2f:57:59:8e:3b:8d:52:4f:24:79:05:
93:4f:a4:6e:72:3b:b8:b7:73:27:fa:00:ea:24:f3:
60:e8:c4:b5:45:6f:f1:a5:4e:36:12:f7:9a:c5:23:
4d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:01:B7:0B:18:A5:EB:75:7A:F2:5E:A9:D9:1F:CF:CC:83:A1:46:BC
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:8000::/36
Signature Algorithm: sha256WithRSAEncryption
63:34:50:9e:bf:aa:a1:03:81:b1:85:8b:55:16:07:3b:5d:c8:
a9:64:48:cf:11:21:cf:51:ac:d1:32:b2:91:c8:d0:12:4f:18:
f9:b8:ec:31:ab:7a:50:90:5e:e1:fc:a2:d0:cd:35:41:c7:db:
a9:3b:e1:7b:1b:42:6f:b5:7a:ec:39:ee:4f:25:73:44:de:4b:
f8:d1:16:ba:bd:6c:8b:ea:98:d3:f9:a3:50:b3:a7:5d:93:6d:
6e:dd:ff:9d:fa:1d:ed:3a:3c:aa:e1:71:7f:08:94:86:aa:79:
8b:1c:5d:c8:fe:65:50:11:f2:d2:82:be:b2:1d:39:9c:6c:f5:
a2:a5:e9:36:f7:f0:44:b4:c7:3c:c5:69:6f:79:09:28:45:5f:
3f:61:48:16:f2:ae:3b:51:b7:e8:12:42:d0:3b:70:a6:c8:0d:
0e:9d:5b:f8:85:d0:d9:7d:e3:50:42:e0:eb:b7:d9:b9:2b:43:
69:8f:36:03:b9:83:3d:70:bd:0a:6e:8b:44:f1:39:a7:4e:2e:
12:4f:35:fd:eb:2d:a4:ea:4c:2b:b0:df:21:ab:e1:28:21:f1:
04:f3:d6:c8:e1:66:70:5b:0f:a9:0f:82:4e:0f:5a:5d:41:cb:
ff:64:09:63:e6:9c:d6:99:f6:9f:95:fd:3e:39:23:e5:b2:21:
ec:a0:15:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXC+n4LXndyDBt7v+ETo35JSddiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIxMTVaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxMzhmNTY2NjhlMjNmODhlZGI5Njg4MzEyNzZmMDIzYjhkMzg0Y2FjYWY4
YjdiNWZjY2ZiOTZiMTdiNjBjODMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN19n8UyCH/Uo6gHpCbmf+D8gM4gHHJRguYtRxNAao2DsJV1HanLWK9seAZ4
yjAB7btU4pv4n8QIPaZjeoYHSg/S2MiwqlNHe4S76oDV6z1AxiRZ3WYYNAfwqL9b
fHrQtwvCh3QVjmD84RVHdcS4BIDMNdf02DHt2wuBsgJl7ejEz6QnZdzFFjdvB883
chyDqJElApJ2yox7th7rYy1rtcgwJw2Sg6qJzln7iIBQafSSIoo+lwrN4gBqTQcq
/32FgW/GViJ2P58lyOrfTeEE46Bef05WGi9XWY47jVJPJHkFk0+kbnI7uLdzJ/oA
6iTzYOjEtUVv8aVONhL3msUjTQ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCAbcL
GKXrdXryXqnZH8/Mg6FGvDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDZmNTMyNGYtZmIyZC00MjEyLWIxZjctNmNhMGIxNzJiZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8OA
MA0GCSqGSIb3DQEBCwUAA4IBAQBjNFCev6qhA4GxhYtVFgc7XcipZEjPESHPUazR
MrKRyNASTxj5uOwxq3pQkF7h/KLQzTVBx9upO+F7G0JvtXrsOe5PJXNE3kv40Ra6
vWyL6pjT+aNQs6ddk21u3f+d+h3tOjyq4XF/CJSGqnmLHF3I/mVQEfLSgr6yHTmc
bPWipek29/BEtMc8xWlveQkoRV8/YUgW8q47UbfoEkLQO3CmyA0OnVv4hdDZfeNQ
QuDrt9m5K0NpjzYDuYM9cL0KbotE8TmnTi4STzX96y2k6kwrsN8hq+EoIfEE89bI
4WZwWw+pD4JOD1pdQcv/ZAlj5pzWmfaflf0+OSPlsiHsoBVT
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:50 2025 by rpki-client