Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
File: 5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa (raw, json)
Hash identifier: oyhSrHGBFn4fm+7BAJz95nNCtctvMW3BlQO1otqRgmc=
Subject key identifier: B6:2E:73:9F:C7:B7:E6:25:F3:5B:EC:08:2C:1A:21:0E:97:26:6A:48
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2E9D58F30549EBC7E44EF4375A7BB40B1CF734CA
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
Signing time: Wed 03 Sep 2025 00:20:15 +0000
ROA not before: Wed 03 Sep 2025 00:20:15 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:9d:58:f3:05:49:eb:c7:e4:4e:f4:37:5a:7b:b4:0b:1c:f7:34:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:15 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=354c9999067d2382490b93dbe0830167219ac0c78e92a3bf7c4e5d2b5730ba53, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:07:53:56:2f:ff:ee:b4:3e:63:6b:23:f3:11:
e8:3a:e9:f5:1e:fc:53:25:e0:ab:1c:f5:07:0c:74:
5a:ec:df:12:37:6e:2c:33:ed:28:7a:89:db:12:5e:
97:67:89:df:f1:38:9c:18:bc:d7:ef:3d:bf:3b:44:
04:01:7c:2c:44:9e:d4:92:34:34:61:d8:be:a8:31:
9a:1e:6f:ab:17:48:26:a9:94:7b:e1:25:6d:e2:92:
21:9a:cb:55:8d:df:6c:11:58:f7:93:e5:72:bc:09:
8a:f6:19:16:7a:d6:40:28:fe:b4:4b:7f:f2:33:96:
58:0a:bb:c0:e7:20:0c:59:c7:95:db:a3:40:67:48:
6d:fd:c6:d4:40:de:c8:2f:15:68:46:f3:91:8e:93:
10:0c:5b:58:50:ee:af:84:ae:09:e0:9d:42:0f:a0:
3d:45:0d:6a:51:87:ef:98:3f:b2:0c:1b:7b:72:b6:
43:62:26:9d:8d:25:bd:35:3c:c1:05:ec:2c:21:b0:
85:de:ca:2e:18:6c:7b:67:68:20:68:84:ce:30:62:
a9:11:6e:20:60:2c:fd:7b:6d:c0:af:c6:45:32:86:
7c:0e:28:f9:07:6e:70:48:cc:93:b9:ea:6f:cd:61:
03:b8:dd:1e:9a:aa:a4:0c:6f:2e:54:ff:bc:54:14:
0d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:2E:73:9F:C7:B7:E6:25:F3:5B:EC:08:2C:1A:21:0E:97:26:6A:48
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
05:2e:a4:2a:a5:b1:37:a4:36:06:e7:cb:f2:37:5c:53:79:6f:
d1:dc:fd:4b:ea:1b:d0:31:d0:2a:2f:81:49:2c:ec:1a:2e:28:
00:7c:2d:a1:f3:09:9d:31:a8:99:a4:a1:34:1e:03:f0:8f:40:
c2:af:9b:83:40:1b:be:a1:30:ed:25:f9:82:3e:17:6f:eb:a8:
7f:f4:17:20:f5:04:81:6c:71:a5:2f:06:13:87:97:55:55:7f:
10:c6:22:3c:2f:52:00:df:84:22:25:b9:63:5b:3f:ca:9c:4d:
00:a5:4b:98:7e:31:55:82:ec:ba:47:9f:20:7e:c8:bf:dd:42:
35:a0:0e:67:8d:cc:3e:1e:ab:f4:e8:b0:17:eb:7c:ba:a3:be:
f6:92:03:96:a6:e0:df:7d:61:55:4b:31:4c:2b:bb:fa:37:1c:
b8:8b:f5:16:21:0d:04:a9:42:b4:db:e9:85:e6:6a:7e:d6:0c:
bf:f7:ce:6f:29:d5:be:a4:6a:03:a4:71:45:cb:73:08:c2:cd:
0a:09:04:d0:0a:03:fc:8b:fc:eb:e4:25:75:c2:af:10:15:5d:
ea:cd:6a:be:7f:fb:3c:b1:10:90:ad:93:57:21:a6:c6:44:de:
da:57:e0:76:82:16:0a:e3:e8:01:b8:d0:ce:0a:99:86:00:bb:
4b:c4:37:64
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULp1Y8wVJ68fkTvQ3Wnu0Cxz3NMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMTVaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1NGM5OTk5MDY3ZDIzODI0OTBiOTNkYmUwODMwMTY3MjE5YWMwYzc4ZTky
YTNiZjdjNGU1ZDJiNTczMGJhNTMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoHU1Yv/+60PmNrI/MR6Drp9R78UyXgqxz1Bwx0WuzfEjduLDPtKHqJ2xJe
l2eJ3/E4nBi81+89vztEBAF8LESe1JI0NGHYvqgxmh5vqxdIJqmUe+ElbeKSIZrL
VY3fbBFY95PlcrwJivYZFnrWQCj+tEt/8jOWWAq7wOcgDFnHldujQGdIbf3G1EDe
yC8VaEbzkY6TEAxbWFDur4SuCeCdQg+gPUUNalGH75g/sgwbe3K2Q2ImnY0lvTU8
wQXsLCGwhd7KLhhse2doIGiEzjBiqRFuIGAs/XttwK/GRTKGfA4o+QducEjMk7nq
b81hA7jdHpqqpAxvLlT/vFQUDQUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS2LnOf
x7fmJfNb7AgsGiEOlyZqSDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTk4MGJhZjAtMzVmZS00Y2E3LWI4NjktMDRiYjJlNzM4YjhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
wDANBgkqhkiG9w0BAQsFAAOCAQEABS6kKqWxN6Q2BufL8jdcU3lv0dz9S+ob0DHQ
Ki+BSSzsGi4oAHwtofMJnTGomaShNB4D8I9Awq+bg0AbvqEw7SX5gj4Xb+uof/QX
IPUEgWxxpS8GE4eXVVV/EMYiPC9SAN+EIiW5Y1s/ypxNAKVLmH4xVYLsukefIH7I
v91CNaAOZ43MPh6r9OiwF+t8uqO+9pIDlqbg331hVUsxTCu7+jccuIv1FiENBKlC
tNvpheZqftYMv/fObynVvqRqA6RxRctzCMLNCgkE0AoD/Iv86+QldcKvEBVd6s1q
vn/7PLEQkK2TVyGmxkTe2lfgdoIWCuPoAbjQzgqZhgC7S8Q3ZA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:53 2025 by rpki-client