Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
File: 542fe731-cba6-4c89-a3a4-ba48a69e246b.roa (raw, json)
Hash identifier: dNRrWVULtEamPUSEN5u5+75f3SgldOjHDGtXiLmO0lU=
Subject key identifier: 1A:AD:C9:A4:CE:40:2D:C8:4D:2C:F4:5F:87:D4:FB:5C:2F:83:EA:7C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 01350AA8CF76F08CAB1D1C135BB6803F91C83309
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
Signing time: Wed 03 Sep 2025 00:20:19 +0000
ROA not before: Wed 03 Sep 2025 00:20:19 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:35:0a:a8:cf:76:f0:8c:ab:1d:1c:13:5b:b6:80:3f:91:c8:33:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:19 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=0f021797266bd712bbc9a0d7f91a5091309f3297e5ec58a4709ae532da2ad868, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ee:25:1c:60:5f:3e:5f:f1:3e:00:74:45:c8:
b4:b7:6d:92:14:97:33:f3:65:c1:9a:f5:85:95:a7:
3a:51:ec:e8:83:0f:0e:e5:57:49:ce:a7:8f:a8:f4:
a1:47:11:eb:2c:99:40:9f:45:5b:3c:b8:db:98:96:
32:c4:fd:0b:cd:c9:8f:fa:de:02:da:c8:55:bd:d5:
01:af:02:75:fa:31:cc:6b:57:96:cf:85:20:59:c6:
47:9d:92:3a:32:a3:be:d3:77:8b:c4:7a:2c:d1:9e:
8f:8e:bc:d2:82:f7:7a:85:95:04:ad:db:38:27:bb:
5e:98:5e:2a:6e:8f:f9:08:4f:e2:e3:f0:29:fa:10:
de:be:58:d9:93:65:90:ad:0e:2f:27:e6:86:09:79:
46:f8:2b:51:f9:54:85:40:e5:05:06:8e:08:b5:33:
f3:32:7a:0b:92:29:31:c8:ad:c7:0a:79:67:7a:c2:
a7:62:21:4e:c5:ca:d1:f2:e2:e1:b2:a7:7d:a8:69:
ff:29:8d:be:d2:05:f8:34:fc:1b:0c:49:d0:f7:d6:
7f:c7:1f:23:b7:ed:75:78:40:d6:38:25:8b:0b:25:
49:c0:df:4b:8f:51:20:ef:35:c7:84:bc:5a:1e:d3:
af:be:fb:2f:c8:fb:08:17:9c:64:fb:dc:b2:28:14:
75:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:AD:C9:A4:CE:40:2D:C8:4D:2C:F4:5F:87:D4:FB:5C:2F:83:EA:7C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8800::/40
Signature Algorithm: sha256WithRSAEncryption
7a:7d:d6:58:5a:d7:f5:f6:fa:85:5f:15:a6:89:4f:d1:b7:d1:
68:7a:5a:b1:20:27:21:38:8e:c0:d5:f8:24:6f:f5:1a:76:26:
83:82:46:7b:24:62:a5:b2:79:42:0c:9a:72:2b:06:ae:64:db:
dd:61:62:ee:55:43:3f:ee:64:b8:d2:9e:17:15:55:8b:38:f4:
b3:67:30:f6:9d:76:fe:10:45:e5:99:a4:de:63:d1:53:bd:f7:
95:a6:1d:93:05:99:a6:95:64:f8:4d:25:ea:c8:74:3f:c2:82:
13:7a:62:01:d9:8e:21:02:b8:7a:ff:d4:47:eb:57:09:d4:bc:
d2:ae:81:77:8a:54:45:8a:0b:ae:54:10:23:e3:32:3b:34:92:
bb:4c:8b:50:d8:ff:83:14:d7:4a:6c:ea:02:11:34:2a:48:7b:
ab:04:1c:11:8a:ec:42:54:cf:50:68:ac:7c:40:ed:4b:a9:9a:
b2:1d:45:59:4f:ff:1e:a2:de:ff:7b:8d:fa:56:ef:ea:21:38:
2b:b5:cb:bc:47:6c:99:af:5c:01:20:3b:4e:ae:3f:33:48:22:
be:11:ba:41:ad:23:94:f8:fe:54:58:66:f5:c8:32:45:70:71:
72:22:4f:ee:f5:58:1b:72:bf:b7:b7:46:58:45:6a:df:0b:d6:
40:11:e6:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUATUKqM928IyrHRwTW7aAP5HIMwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMTlaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmMDIxNzk3MjY2YmQ3MTJiYmM5YTBkN2Y5MWE1MDkxMzA5ZjMyOTdlNWVj
NThhNDcwOWFlNTMyZGEyYWQ4NjgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXuJRxgXz5f8T4AdEXItLdtkhSXM/NlwZr1hZWnOlHs6IMPDuVXSc6nj6j0
oUcR6yyZQJ9FWzy425iWMsT9C83Jj/reAtrIVb3VAa8CdfoxzGtXls+FIFnGR52S
OjKjvtN3i8R6LNGej4680oL3eoWVBK3bOCe7XpheKm6P+QhP4uPwKfoQ3r5Y2ZNl
kK0OLyfmhgl5RvgrUflUhUDlBQaOCLUz8zJ6C5IpMcitxwp5Z3rCp2IhTsXK0fLi
4bKnfahp/ymNvtIF+DT8GwxJ0PfWf8cfI7ftdXhA1jgliwslScDfS49RIO81x4S8
Wh7Tr777L8j7CBecZPvcsigUdaECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQarcmk
zkAtyE0s9F+H1PtcL4PqfDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTQyZmU3MzEtY2JhNi00Yzg5LWEzYTQtYmE0OGE2OWUyNDZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WI
MA0GCSqGSIb3DQEBCwUAA4IBAQB6fdZYWtf19vqFXxWmiU/Rt9FoelqxICchOI7A
1fgkb/UadiaDgkZ7JGKlsnlCDJpyKwauZNvdYWLuVUM/7mS40p4XFVWLOPSzZzD2
nXb+EEXlmaTeY9FTvfeVph2TBZmmlWT4TSXqyHQ/woITemIB2Y4hArh6/9RH61cJ
1LzSroF3ilRFiguuVBAj4zI7NJK7TItQ2P+DFNdKbOoCETQqSHurBBwRiuxCVM9Q
aKx8QO1LqZqyHUVZT/8eot7/e436Vu/qITgrtcu8R2yZr1wBIDtOrj8zSCK+EbpB
rSOU+P5UWGb1yDJFcHFyIk/u9Vgbcr+3t0ZYRWrfC9ZAEeZu
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:45 2025 by rpki-client