Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
File: 07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa (raw, json)
Hash identifier: 6N7utyZVPUdnag7ltN2q6Ypuu0Lba5Acb0UpNTMaoPk=
Subject key identifier: 4B:D6:09:06:DE:6D:C8:4A:34:74:78:FD:71:91:57:7C:FD:EA:78:BA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3E8309DBDB0D6CD8F91ED4BA923FA2658C0139AF
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
Signing time: Wed 03 Sep 2025 00:20:37 +0000
ROA not before: Wed 03 Sep 2025 00:20:37 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:83:09:db:db:0d:6c:d8:f9:1e:d4:ba:92:3f:a2:65:8c:01:39:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:37 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=87111c33bd3b319490666a85810992bf00f50b1d2f3e7c61c5ba3c8bf8c7ee1a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:53:1e:3e:3e:42:05:9a:14:f9:8a:33:5e:39:
e3:ae:d7:95:95:f1:14:8c:8b:18:a6:70:d2:47:66:
d0:2e:0f:e4:90:a8:d6:74:7a:e5:c2:20:e3:96:22:
20:b3:d6:63:f6:ea:a6:bb:22:c0:96:6a:9c:52:c3:
63:87:7c:e6:91:4b:4a:46:7e:fb:c2:48:05:40:0f:
e7:df:b7:bb:92:db:82:56:36:19:d0:6d:81:32:30:
ce:a9:a3:66:f5:e4:b0:cc:ff:25:e8:d0:e7:78:8d:
d0:c7:57:f7:f3:a5:d2:42:51:54:f2:c1:44:29:dc:
10:4a:e9:9c:38:9e:cd:15:3a:86:14:ac:63:a1:08:
9c:d1:f7:0a:fa:eb:f9:e8:19:e0:8a:22:ed:ca:24:
bf:79:d5:56:71:57:0a:66:3d:f8:b9:1e:4e:ca:a6:
ba:6f:3c:0f:7d:1b:8e:75:7b:53:b3:f1:12:d3:a4:
40:59:d7:95:5c:51:ed:8d:e3:e5:e8:1e:d6:82:cc:
e8:fe:22:2b:77:4e:86:d4:c2:7b:39:f0:39:10:0c:
23:6c:4f:79:26:05:4a:c1:07:ff:e6:5a:35:bb:e0:
d3:59:1d:73:d7:88:70:15:66:f1:c9:47:eb:45:9e:
c7:3a:b1:60:ed:80:97:47:d5:6c:02:07:2d:12:c1:
8b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D6:09:06:DE:6D:C8:4A:34:74:78:FD:71:91:57:7C:FD:EA:78:BA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/38
Signature Algorithm: sha256WithRSAEncryption
1d:4b:56:61:ec:1c:4f:30:63:4a:13:1c:4d:f5:90:20:de:d9:
a9:a1:e3:7f:0c:ed:b5:2b:fc:3a:c4:e1:55:23:62:bc:c5:86:
37:7d:43:69:36:1a:90:86:0a:13:02:ad:3c:87:27:6d:6f:26:
54:14:1f:a2:9e:d3:cf:36:a5:38:92:35:74:f6:58:c8:cc:f1:
d8:8e:e5:c2:f8:8b:63:dd:bb:fd:58:06:e2:90:26:b2:31:e3:
27:bb:4b:f0:b4:03:20:00:7d:3e:09:26:cc:f2:9a:e9:eb:1d:
9a:bb:7e:d0:50:44:40:32:21:93:d9:dd:dd:2f:fd:0c:e2:88:
51:cd:a4:db:cf:40:30:5c:f3:b6:4f:a2:95:c6:18:44:98:e0:
5a:fd:61:98:8b:12:3e:59:36:9a:41:41:b3:62:c1:b9:95:b5:
1a:92:7d:60:52:74:f0:44:ff:6f:10:2d:d3:24:da:73:bf:bf:
68:73:78:d4:66:e4:ad:57:da:d0:c8:d1:77:ca:77:1e:6d:b1:
77:ac:b0:5f:aa:24:2b:6b:54:c0:27:77:d5:cf:af:d5:61:7c:
ba:b6:1c:7c:cd:4e:4b:04:7d:8b:14:0d:81:ce:c8:b0:ad:f7:
26:47:10:93:25:c1:73:24:9c:5d:60:7a:dd:89:df:a5:2e:f2:
40:55:b9:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPoMJ29sNbNj5HtS6kj+iZYwBOa8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMzdaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3MTExYzMzYmQzYjMxOTQ5MDY2NmE4NTgxMDk5MmJmMDBmNTBiMWQyZjNl
N2M2MWM1YmEzYzhiZjhjN2VlMWExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJTHj4+QgWaFPmKM145467XlZXxFIyLGKZw0kdm0C4P5JCo1nR65cIg45Yi
ILPWY/bqprsiwJZqnFLDY4d85pFLSkZ++8JIBUAP59+3u5LbglY2GdBtgTIwzqmj
ZvXksMz/JejQ53iN0MdX9/Ol0kJRVPLBRCncEErpnDiezRU6hhSsY6EInNH3Cvrr
+egZ4Ioi7cokv3nVVnFXCmY9+LkeTsqmum88D30bjnV7U7PxEtOkQFnXlVxR7Y3j
5ege1oLM6P4iK3dOhtTCeznwORAMI2xPeSYFSsEH/+ZaNbvg01kdc9eIcBVm8clH
60WexzqxYO2Al0fVbAIHLRLBi0sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRL1gkG
3m3ISjR0eP1xkVd8/ep4ujAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDdhYTI1NDktOWVlYS00MjhkLWEyM2QtYzBlNjZiNTljZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQAdS1Zh7BxPMGNKExxN9ZAg3tmpoeN/DO21K/w6
xOFVI2K8xYY3fUNpNhqQhgoTAq08hydtbyZUFB+intPPNqU4kjV09ljIzPHYjuXC
+Itj3bv9WAbikCayMeMnu0vwtAMgAH0+CSbM8prp6x2au37QUERAMiGT2d3dL/0M
4ohRzaTbz0AwXPO2T6KVxhhEmOBa/WGYixI+WTaaQUGzYsG5lbUakn1gUnTwRP9v
EC3TJNpzv79oc3jUZuStV9rQyNF3yncebbF3rLBfqiQra1TAJ3fVz6/VYXy6thx8
zU5LBH2LFA2BzsiwrfcmRxCTJcFzJJxdYHrdid+lLvJAVbk1
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:55 2025 by rpki-client