Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
File: 13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa (raw, json)
Hash identifier: NNH1FySs+IYA2bFkLDjG9VY1FXa4bchxfqBb0OtDKBY=
Subject key identifier: D9:FF:2C:84:63:2B:45:5F:AA:D1:81:17:0A:FE:E3:31:71:FC:22:FD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 21C52EE8080A28A58736DCEBE44007DA922A2593
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
Signing time: Wed 03 Sep 2025 00:20:08 +0000
ROA not before: Wed 03 Sep 2025 00:20:08 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:28c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c5:2e:e8:08:0a:28:a5:87:36:dc:eb:e4:40:07:da:92:2a:25:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:08 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=0f5e48b38b1d5e07293082092eede148d4e9c234dd0f6d249752ef7dec930933, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e7:2d:dd:e5:bf:a3:4d:56:f0:82:04:38:02:
86:1a:ea:8a:f9:17:5c:81:e1:a0:c1:3f:96:88:2d:
2e:3c:bc:53:e3:2f:4e:ce:a5:75:34:d2:ef:89:0d:
38:c5:86:99:96:7e:bb:95:84:18:2a:40:e2:00:39:
99:79:d6:ee:b5:e8:6d:2d:a0:28:4a:23:96:89:9b:
ae:58:f0:62:82:66:1f:53:37:51:c9:ef:cf:bb:68:
a1:9b:39:2a:83:70:08:23:43:01:9e:57:69:2e:f1:
2c:15:84:29:99:97:cd:b6:cc:60:b4:b5:25:45:c0:
7c:52:a4:e8:cc:f3:6d:2c:2a:08:88:85:de:f6:84:
12:a2:7f:00:ad:67:dc:b2:7e:a0:3a:86:f4:d9:6c:
92:9e:15:11:7c:68:88:99:a0:46:9e:96:08:3b:e4:
9e:f4:c1:27:18:44:3c:ed:f6:4c:41:21:91:67:e3:
5c:1a:1a:91:0b:91:54:f6:31:0d:bb:cc:83:aa:76:
0a:cc:47:af:e7:56:47:1e:81:5a:b0:36:55:1a:7f:
03:d2:51:fa:0a:78:3b:80:e3:cf:ea:91:ab:97:54:
ce:88:c3:36:77:7f:66:27:d1:29:89:90:59:05:56:
87:99:8c:a5:b1:5d:bc:97:85:56:22:f2:41:fe:f9:
6d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FF:2C:84:63:2B:45:5F:AA:D1:81:17:0A:FE:E3:31:71:FC:22:FD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
4a:05:d0:37:db:83:6c:38:c2:33:5a:8d:90:12:4a:86:4e:7c:
8d:01:64:c4:20:37:0a:e8:1d:20:d1:83:11:57:11:12:f0:e7:
5b:33:20:f6:7d:2d:76:fe:ed:3e:c0:c5:03:96:a2:75:66:17:
c0:0e:14:d7:e4:ee:fd:dc:16:0d:1f:6d:c9:e5:77:1f:72:1e:
44:91:ee:0d:06:31:92:2f:0e:05:d6:fc:0a:9d:b1:0e:f5:52:
52:95:1a:fb:83:81:f9:d2:98:57:b5:06:ff:41:35:97:7b:a3:
75:a8:d6:b8:c0:16:7b:3f:83:5b:92:7e:ba:d6:ea:58:24:de:
bb:1c:a2:f9:fb:2c:d4:d6:3c:7e:2f:a3:d3:34:ca:1c:1d:eb:
97:0a:2f:db:84:b1:b8:74:e9:eb:29:2b:bf:90:73:95:1c:8b:
70:10:6b:f9:9b:27:d2:85:88:b1:b8:7b:4e:72:10:a7:9d:04:
47:a8:fb:c7:e6:4f:f8:24:de:58:79:7c:b3:cc:29:a4:57:46:
a0:84:e0:40:e8:f4:84:27:86:c9:a8:8a:b6:1d:97:7c:80:23:
c8:fa:6e:fc:d2:c8:34:cb:25:03:b5:4d:a5:78:f0:ee:fb:d6:
d2:ae:ef:d1:10:8a:f6:51:fb:db:32:8b:e8:61:31:b8:46:c4:
46:d4:0b:01
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIcUu6AgKKKWHNtzr5EAH2pIqJZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMDhaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNWU0OGIzOGIxZDVlMDcyOTMwODIwOTJlZWRlMTQ4ZDRlOWMyMzRkZDBm
NmQyNDk3NTJlZjdkZWM5MzA5MzMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTnLd3lv6NNVvCCBDgChhrqivkXXIHhoME/logtLjy8U+MvTs6ldTTS74kN
OMWGmZZ+u5WEGCpA4gA5mXnW7rXobS2gKEojlombrljwYoJmH1M3Ucnvz7tooZs5
KoNwCCNDAZ5XaS7xLBWEKZmXzbbMYLS1JUXAfFKk6MzzbSwqCIiF3vaEEqJ/AK1n
3LJ+oDqG9Nlskp4VEXxoiJmgRp6WCDvknvTBJxhEPO32TEEhkWfjXBoakQuRVPYx
DbvMg6p2CsxHr+dWRx6BWrA2VRp/A9JR+gp4O4Djz+qRq5dUzojDNnd/ZifRKYmQ
WQVWh5mMpbFdvJeFViLyQf75bTsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTZ/yyE
YytFX6rRgRcK/uMxcfwi/TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MTNlMGIwYTMtNDliNC00OTkwLWExMDgtMWJlZGRiM2ExOGJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
wDANBgkqhkiG9w0BAQsFAAOCAQEASgXQN9uDbDjCM1qNkBJKhk58jQFkxCA3Cugd
INGDEVcREvDnWzMg9n0tdv7tPsDFA5aidWYXwA4U1+Tu/dwWDR9tyeV3H3IeRJHu
DQYxki8OBdb8Cp2xDvVSUpUa+4OB+dKYV7UG/0E1l3ujdajWuMAWez+DW5J+utbq
WCTeuxyi+fss1NY8fi+j0zTKHB3rlwov24SxuHTp6ykrv5BzlRyLcBBr+Zsn0oWI
sbh7TnIQp50ER6j7x+ZP+CTeWHl8s8wppFdGoITgQOj0hCeGyaiKth2XfIAjyPpu
/NLINMslA7VNpXjw7vvW0q7v0RCK9lH72zKL6GExuEbERtQLAQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:47 2025 by rpki-client