Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
File: 4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa (raw, json)
Hash identifier: asNmzUQzIIxFluOlkD0pLxLL5sskPwF14VeLbSE1lKE=
Subject key identifier: 02:53:1A:3E:F0:0B:33:F8:D4:79:8A:24:D8:E4:12:BF:3A:CC:B6:6D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4E1053E32D9FAE29C101FDE7A92CF67DD500A67B
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
Signing time: Wed 03 Sep 2025 00:20:42 +0000
ROA not before: Wed 03 Sep 2025 00:20:42 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:10:53:e3:2d:9f:ae:29:c1:01:fd:e7:a9:2c:f6:7d:d5:00:a6:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:42 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=c2dd4ed28b5cbb1fa2bf35eb95b22e9a750791b59b152c4f8f4da283f598da95, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:40:a7:c4:e5:a3:88:db:9f:2e:62:4f:05:2b:
bb:c2:e4:46:0b:39:aa:10:db:44:ee:f9:98:66:2b:
c9:08:ba:e5:cb:f8:53:c2:07:6c:84:35:c9:b5:10:
97:66:a9:23:f1:21:c5:34:88:c0:c7:fd:40:c6:d1:
20:65:01:69:5a:e4:61:45:de:68:4f:20:dc:af:5a:
94:20:2f:ef:4e:cf:62:e0:92:d9:11:e7:2f:1c:03:
3c:aa:f3:c0:c2:4d:88:84:0c:07:cc:5e:63:a4:03:
67:60:83:53:51:07:89:eb:fb:f4:5b:c1:69:c0:ae:
b7:d4:1f:e1:dc:9d:2d:0f:36:d1:b8:78:b6:f1:95:
3f:1f:7b:50:58:2c:fe:33:45:c5:4f:b7:df:3a:21:
e2:0a:71:92:ce:fd:7d:a5:88:eb:2b:34:3c:31:95:
4e:d9:0c:b7:04:35:8c:ec:c6:e4:65:0d:df:88:3b:
1e:4f:67:ec:5a:be:df:ae:ab:0e:22:48:3b:cc:f0:
3d:66:93:91:57:2d:5f:51:d0:00:bc:a3:6a:3a:cd:
38:1b:b1:c9:e6:bf:10:cf:b6:ab:10:7c:67:8b:ed:
58:43:8f:59:75:a3:8d:b2:74:e0:69:01:b8:2e:d5:
19:cd:11:34:01:46:54:8a:35:0b:56:82:17:c1:09:
33:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:53:1A:3E:F0:0B:33:F8:D4:79:8A:24:D8:E4:12:BF:3A:CC:B6:6D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2:8000::/36
Signature Algorithm: sha256WithRSAEncryption
35:aa:f2:0e:17:af:4c:be:5a:45:5b:70:37:c6:30:be:75:ec:
2b:bf:1e:70:a7:87:e3:b6:e0:e0:05:e9:5d:05:af:1b:39:c8:
b2:79:ea:48:74:13:33:73:b0:ba:80:91:18:4a:b9:a3:b2:6f:
13:82:dd:b0:ab:db:cd:a9:63:8a:e1:fd:69:5b:6b:93:90:0a:
ae:f4:52:cd:ff:4d:1a:79:d9:6b:54:ae:16:42:77:14:de:58:
26:39:f6:47:1f:30:b6:de:a8:63:88:6f:7b:1d:3a:4d:67:cc:
6b:6d:93:61:b3:94:bb:41:d6:50:8d:ac:f7:c2:87:76:40:55:
87:af:08:cc:0d:ab:7d:a6:56:4e:75:ce:e6:43:a5:87:1e:6f:
0f:7a:24:14:3c:63:24:5a:af:91:5f:7e:2c:21:d2:b6:ee:88:
aa:23:fb:56:12:f0:96:d1:df:d7:9b:e2:77:90:c9:b3:01:d3:
3d:aa:23:5c:2e:1c:0d:d9:f8:ca:1b:67:96:9c:47:eb:76:9b:
ae:8b:e6:e4:c2:d3:fb:62:9b:8d:fd:c4:d1:6f:76:cc:21:81:
ce:11:3d:db:90:29:49:1d:96:b1:26:a0:49:8e:84:56:d2:61:
c2:71:94:0c:6e:68:cc:a6:ce:94:90:ce:73:7a:30:cd:49:a9:
fa:c7:65:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUThBT4y2frinBAf3nqSz2fdUApnswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwNDJaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyZGQ0ZWQyOGI1Y2JiMWZhMmJmMzVlYjk1YjIyZTlhNzUwNzkxYjU5YjE1
MmM0ZjhmNGRhMjgzZjU5OGRhOTUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPJAp8Tlo4jbny5iTwUru8LkRgs5qhDbRO75mGYryQi65cv4U8IHbIQ1ybUQ
l2apI/EhxTSIwMf9QMbRIGUBaVrkYUXeaE8g3K9alCAv707PYuCS2RHnLxwDPKrz
wMJNiIQMB8xeY6QDZ2CDU1EHiev79FvBacCut9Qf4dydLQ820bh4tvGVPx97UFgs
/jNFxU+33zoh4gpxks79faWI6ys0PDGVTtkMtwQ1jOzG5GUN34g7Hk9n7Fq+366r
DiJIO8zwPWaTkVctX1HQALyjajrNOBuxyea/EM+2qxB8Z4vtWEOPWXWjjbJ04GkB
uC7VGc0RNAFGVIo1C1aCF8EJM0UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQCUxo+
8Asz+NR5iiTY5BK/Osy2bTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDMxOGMzZjAtYzZhNy00MzBjLWJmYWQtNjQ1ZDlhZDgxNGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8KA
MA0GCSqGSIb3DQEBCwUAA4IBAQA1qvIOF69MvlpFW3A3xjC+dewrvx5wp4fjtuDg
BeldBa8bOciyeepIdBMzc7C6gJEYSrmjsm8Tgt2wq9vNqWOK4f1pW2uTkAqu9FLN
/00aedlrVK4WQncU3lgmOfZHHzC23qhjiG97HTpNZ8xrbZNhs5S7QdZQjaz3wod2
QFWHrwjMDat9plZOdc7mQ6WHHm8PeiQUPGMkWq+RX34sIdK27oiqI/tWEvCW0d/X
m+J3kMmzAdM9qiNcLhwN2fjKG2eWnEfrdpuui+bkwtP7YpuN/cTRb3bMIYHOET3b
kClJHZaxJqBJjoRW0mHCcZQMbmjMps6UkM5zejDNSan6x2WP
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:54 2025 by rpki-client