Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
File: 4723f2a2-88af-42fa-b700-a780f4cd2903.roa (raw, json)
Hash identifier: QAUIFdH/f40oeK542y+QtINs7SLtPHyeq70VAmZSB1k=
Subject key identifier: 0B:B9:43:64:8F:D2:A6:CD:00:AE:81:28:31:D7:07:EF:91:17:B0:C2
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2CC4775AA4A956B94F5C6A0783F66878B605553C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
Signing time: Wed 03 Sep 2025 00:21:22 +0000
ROA not before: Wed 03 Sep 2025 00:21:22 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:a000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:c4:77:5a:a4:a9:56:b9:4f:5c:6a:07:83:f6:68:78:b6:05:55:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:21:22 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=536be439f355e217c3314240efa48c1aff645bc01c9f1a904f552b2a56b83a2f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f9:88:8d:74:64:27:56:2f:47:9c:27:e0:c7:
3d:0f:2e:48:5f:e7:d4:30:50:d3:41:f9:f4:17:c4:
5d:97:c7:c7:33:b9:62:52:e9:c1:47:2e:ce:53:2a:
e5:c5:7e:ea:d6:f0:0f:12:f2:e4:79:7b:23:a5:2b:
4d:5c:40:a8:f6:94:f2:d0:d1:6e:64:6b:6a:37:1a:
53:d3:d8:af:30:f3:d9:ea:bc:e3:ac:b0:ad:62:fa:
cd:16:6f:27:3f:88:77:69:44:15:5e:38:c7:9d:a8:
ca:9b:02:ad:91:ec:b7:89:c8:48:92:9a:23:e3:ab:
4c:4f:0c:31:bc:da:b9:69:83:31:3e:e5:38:db:19:
fe:c3:09:6d:06:22:95:86:d1:fe:ed:19:ef:11:76:
6c:86:01:87:95:fa:0a:0d:81:60:db:df:e1:a6:6b:
68:37:9f:81:05:3a:8b:7a:87:99:e0:bf:76:86:51:
7f:a8:ab:88:9d:ca:d9:1c:60:9f:20:33:2b:be:47:
41:35:d1:43:3e:0d:18:02:ba:a3:78:8f:ca:ca:a3:
5a:c1:37:e2:2a:8b:d4:32:1d:14:aa:bd:12:3e:94:
6f:0f:b8:e5:d7:ef:57:02:a2:2f:23:cb:85:05:34:
7c:af:68:b3:28:ee:f7:bd:cd:ff:c1:2e:79:c6:ef:
35:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B9:43:64:8F:D2:A6:CD:00:AE:81:28:31:D7:07:EF:91:17:B0:C2
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:a000::/36
Signature Algorithm: sha256WithRSAEncryption
07:85:2d:3e:92:b9:07:95:08:fb:b8:ae:85:1f:80:7e:aa:fe:
0b:86:82:23:3e:3c:25:a1:71:70:e2:3e:66:2d:d0:54:19:83:
35:42:45:bf:80:78:e1:2b:fc:ae:6e:ed:d2:61:24:d0:a7:cf:
6b:f8:3d:55:41:51:17:dd:15:97:65:8f:4b:35:78:4b:ef:48:
bc:38:e9:69:3d:fd:5d:b6:59:52:2f:71:ae:e9:8a:1b:67:0e:
4c:7c:9e:92:a9:75:3c:0c:e7:06:a0:40:91:ca:ff:92:1a:c3:
20:0b:ad:92:55:1f:4b:81:a8:d9:27:ff:c0:8a:39:8a:ba:13:
f9:85:b2:85:52:c9:0d:69:e1:dd:a3:e1:b1:05:b1:da:b2:4a:
1f:5b:0c:68:f0:03:f8:19:fd:dd:1c:b6:e8:93:84:0f:2d:c3:
26:e9:2a:5d:d8:33:49:79:ab:b0:f8:6e:6f:d1:6f:1f:d4:71:
7a:8e:c0:37:95:ed:54:2e:1f:6c:39:c5:52:0c:bc:52:e2:cd:
20:84:9d:a6:e9:fd:b0:af:c1:00:ca:17:90:97:88:20:d6:13:
65:5d:ce:70:5f:90:64:8d:5a:37:48:e5:b9:d0:77:bf:be:1d:
90:c7:41:c8:b0:8c:66:4d:96:4a:31:3f:ef:dc:41:21:3f:5b:
49:a7:c0:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULMR3WqSpVrlPXGoHg/ZoeLYFVTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIxMjJaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzNmJlNDM5ZjM1NWUyMTdjMzMxNDI0MGVmYTQ4YzFhZmY2NDViYzAxYzlm
MWE5MDRmNTUyYjJhNTZiODNhMmYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI35iI10ZCdWL0ecJ+DHPQ8uSF/n1DBQ00H59BfEXZfHxzO5YlLpwUcuzlMq
5cV+6tbwDxLy5Hl7I6UrTVxAqPaU8tDRbmRrajcaU9PYrzDz2eq846ywrWL6zRZv
Jz+Id2lEFV44x52oypsCrZHst4nISJKaI+OrTE8MMbzauWmDMT7lONsZ/sMJbQYi
lYbR/u0Z7xF2bIYBh5X6Cg2BYNvf4aZraDefgQU6i3qHmeC/doZRf6iriJ3K2Rxg
nyAzK75HQTXRQz4NGAK6o3iPysqjWsE34iqL1DIdFKq9Ej6Ubw+45dfvVwKiLyPL
hQU0fK9osyju973N/8EuecbvNasCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQLuUNk
j9KmzQCugSgx1wfvkRewwjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDcyM2YyYTItODhhZi00MmZhLWI3MDAtYTc4MGY0Y2QyOTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Og
MA0GCSqGSIb3DQEBCwUAA4IBAQAHhS0+krkHlQj7uK6FH4B+qv4LhoIjPjwloXFw
4j5mLdBUGYM1QkW/gHjhK/yubu3SYSTQp89r+D1VQVEX3RWXZY9LNXhL70i8OOlp
Pf1dtllSL3Gu6YobZw5MfJ6SqXU8DOcGoECRyv+SGsMgC62SVR9LgajZJ//AijmK
uhP5hbKFUskNaeHdo+GxBbHaskofWwxo8AP4Gf3dHLbok4QPLcMm6Spd2DNJeauw
+G5v0W8f1HF6jsA3le1ULh9sOcVSDLxS4s0ghJ2m6f2wr8EAyheQl4gg1hNlXc5w
X5BkjVo3SOW50He/vh2Qx0HIsIxmTZZKMT/v3EEhP1tJp8AV
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:43 2025 by rpki-client