Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
File: 4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa (raw, json)
Hash identifier: uV+KNZBOEzo1+7qcNHNKSWNsovMAT/nCudX3pU9jjb8=
Subject key identifier: CA:66:6D:D8:39:22:21:28:BE:9A:D8:FA:33:1C:AD:C2:C1:76:F9:04
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 45966E2A69D8E9B88E2D23E7FBA98CC1FA19A87A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
Signing time: Wed 03 Sep 2025 00:20:12 +0000
ROA not before: Wed 03 Sep 2025 00:20:12 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:96:6e:2a:69:d8:e9:b8:8e:2d:23:e7:fb:a9:8c:c1:fa:19:a8:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:12 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=0262fada623509a5ec7d176f3f663e42d1e904d9fc72fc9e7bf0328f67254f85, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7c:e1:e6:b9:69:a1:89:ae:99:e3:6a:33:41:
75:93:68:59:f0:6a:e7:5f:af:7f:dc:c8:44:f1:79:
d9:1d:55:09:b5:8c:cf:a3:88:e3:7a:a1:4d:84:8c:
25:f9:94:9b:02:0e:ee:16:f1:b7:aa:9e:98:00:c8:
45:af:0c:37:e9:af:48:32:ad:6e:5d:93:3a:5b:ca:
57:85:6e:34:1a:24:f3:bf:ef:59:6d:a2:d7:d6:50:
ba:6f:ef:3b:34:63:5a:c3:40:32:7f:80:cd:62:b7:
15:fd:ef:5c:f4:d4:aa:c0:48:28:33:17:a4:91:9e:
41:a2:de:42:40:8e:00:c6:17:2b:6a:82:7c:2b:25:
ce:74:cf:cf:e1:a7:9b:c0:82:b1:e0:69:18:c5:76:
24:46:61:9a:3e:e8:03:29:dd:d7:eb:2c:4d:71:2f:
b2:70:aa:82:95:1f:d0:b7:a7:51:58:d6:6f:8d:e8:
b4:e8:46:31:25:18:68:7e:79:49:65:77:84:ba:78:
e7:9e:c1:e4:c6:a3:f2:86:88:13:d9:4a:75:4e:d8:
1e:5e:02:9a:21:1a:2e:39:17:9a:a6:44:ba:4d:5e:
f8:25:a7:38:14:08:90:83:c1:8c:bb:80:c0:14:28:
9e:70:d0:60:61:fc:a7:8d:01:b5:e9:7a:a6:6a:36:
a9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:66:6D:D8:39:22:21:28:BE:9A:D8:FA:33:1C:AD:C2:C1:76:F9:04
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:840::/48
Signature Algorithm: sha256WithRSAEncryption
71:7f:be:e3:7f:c7:1e:e2:09:6c:a7:c3:b9:ba:c2:19:d8:cf:
41:bb:58:7f:e8:9d:89:e7:fe:13:2e:49:d1:ee:3c:18:58:bf:
e7:5f:49:5a:aa:6d:78:84:a4:d1:0a:c1:ee:86:9c:d2:3d:34:
a8:d4:19:6a:93:e3:7f:09:4e:4f:32:31:25:a2:b3:af:76:cc:
bf:f9:65:50:50:73:f0:ca:0f:18:db:06:d4:91:7f:a2:9a:58:
f5:71:11:53:cf:88:04:2c:58:14:d1:9c:f1:0c:65:4f:40:78:
67:3e:5f:e2:c7:53:78:1c:7f:7d:47:5e:b8:c3:2e:00:de:86:
f9:ba:1f:93:48:21:40:0c:e8:6c:ef:e2:1f:5b:3d:07:91:c0:
48:bd:05:cf:08:fd:9e:57:fe:96:a4:69:9a:13:72:80:c4:aa:
4a:9d:21:28:59:ae:38:b0:79:37:fb:21:46:2c:b2:11:b2:11:
f1:9b:54:b4:70:ed:14:eb:7c:74:ee:24:08:c8:b0:0c:52:b8:
5b:26:5d:01:a1:22:bf:49:21:0b:25:23:88:6d:0e:20:80:b9:
ef:34:25:ac:90:90:11:0f:72:a0:cd:0f:92:71:34:e5:6e:76:
27:0a:82:e4:19:9d:8c:b2:1b:e6:a4:cd:38:6a:84:21:c4:8a:
37:81:e6:71
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURZZuKmnY6biOLSPn+6mMwfoZqHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMTJaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyNjJmYWRhNjIzNTA5YTVlYzdkMTc2ZjNmNjYzZTQyZDFlOTA0ZDlmYzcy
ZmM5ZTdiZjAzMjhmNjcyNTRmODUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV84ea5aaGJrpnjajNBdZNoWfBq51+vf9zIRPF52R1VCbWMz6OI43qhTYSM
JfmUmwIO7hbxt6qemADIRa8MN+mvSDKtbl2TOlvKV4VuNBok87/vWW2i19ZQum/v
OzRjWsNAMn+AzWK3Ff3vXPTUqsBIKDMXpJGeQaLeQkCOAMYXK2qCfCslznTPz+Gn
m8CCseBpGMV2JEZhmj7oAynd1+ssTXEvsnCqgpUf0LenUVjWb43otOhGMSUYaH55
SWV3hLp4557B5Maj8oaIE9lKdU7YHl4CmiEaLjkXmqZEuk1e+CWnOBQIkIPBjLuA
wBQonnDQYGH8p40Btel6pmo2qYMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTKZm3Y
OSIhKL6a2PozHK3CwXb5BDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NGMzYTc4YmYtZDljZi00MThmLThhM2EtOGMzZTcyNDcwYzFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
QDANBgkqhkiG9w0BAQsFAAOCAQEAcX++43/HHuIJbKfDubrCGdjPQbtYf+idief+
Ey5J0e48GFi/519JWqpteISk0QrB7oac0j00qNQZapPjfwlOTzIxJaKzr3bMv/ll
UFBz8MoPGNsG1JF/oppY9XERU8+IBCxYFNGc8QxlT0B4Zz5f4sdTeBx/fUdeuMMu
AN6G+bofk0ghQAzobO/iH1s9B5HASL0Fzwj9nlf+lqRpmhNygMSqSp0hKFmuOLB5
N/shRiyyEbIR8ZtUtHDtFOt8dO4kCMiwDFK4WyZdAaEiv0khCyUjiG0OIIC57zQl
rJCQEQ9yoM0PknE05W52JwqC5BmdjLIb5qTNOGqEIcSKN4HmcQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:50 2025 by rpki-client