Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
File: 5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa (raw, json)
Hash identifier: yRCllJIrsNM042lfRlhjeG8LHQGeppeeC3poGBdsHhQ=
Subject key identifier: 87:F8:B0:91:98:96:AD:64:8B:97:8B:6F:58:30:30:EB:69:6B:55:90
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3C31466E24CA1F18261D8200D5E2DCED3C2F2C31
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
Signing time: Tue 26 Aug 2025 17:20:06 +0000
ROA not before: Tue 26 Aug 2025 17:20:06 +0000
ROA not after: Tue 30 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:31:46:6e:24:ca:1f:18:26:1d:82:00:d5:e2:dc:ed:3c:2f:2c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 26 17:20:06 2025 GMT
Not After : Sep 30 23:59:59 2025 GMT
Subject: serialNumber=dca7efd8228715809a455d1cc231209561384c6e8a2f2b319de738077e8760fe, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1c:89:9f:a5:00:e4:21:2d:91:91:e0:e2:28:
58:1d:24:b3:46:03:0f:bb:4a:4c:49:df:c6:1f:58:
36:ee:e4:bc:2e:fe:28:bb:9d:79:28:3e:48:b2:1d:
10:13:db:bb:37:c6:ca:e8:92:42:5e:95:04:46:52:
c3:1d:b2:0d:60:32:bd:c7:4d:09:ef:f6:50:9f:57:
4c:bf:4b:7e:fe:cb:1d:28:da:03:85:15:11:1d:29:
29:7f:d5:c2:6b:d3:ce:b1:33:62:28:76:f4:aa:3e:
12:53:8d:f3:a3:a2:02:7e:63:c0:11:a7:34:5f:70:
1b:e1:e5:21:9e:28:e7:ba:9f:61:2e:ff:93:7f:fc:
50:d0:ff:98:f4:90:63:85:ab:40:9b:a4:5c:64:a3:
de:25:e3:f9:6a:6b:40:c4:7d:a9:da:c4:92:70:67:
ab:98:8e:a3:da:5c:43:06:11:10:74:f9:4a:ac:74:
37:8c:a6:c0:27:34:75:40:9a:8b:72:1c:83:66:17:
94:cc:b5:5c:b5:c1:2f:b5:e4:d7:d7:fe:5e:62:d0:
e8:1b:17:7d:04:76:40:98:21:3f:0c:f7:14:1b:75:
aa:87:02:7e:14:7f:86:a2:38:fc:75:f8:db:b1:07:
38:7e:71:2a:55:00:34:19:a1:88:7a:bb:95:80:23:
f5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F8:B0:91:98:96:AD:64:8B:97:8B:6F:58:30:30:EB:69:6B:55:90
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/44
Signature Algorithm: sha256WithRSAEncryption
6e:27:6c:15:8c:79:47:0c:ea:d8:af:19:db:a5:6d:b8:b1:73:
c9:7a:4d:4c:7c:80:b8:59:ba:f4:d8:47:2d:eb:c1:48:cb:9a:
80:13:e8:d2:9f:cf:b8:8f:b6:a4:7c:d3:a1:9c:17:7e:05:c6:
db:a7:23:e7:fe:63:03:29:7d:3f:d0:40:bf:40:6c:28:6a:d3:
10:e2:b6:d1:e1:0a:23:be:4e:98:2b:12:63:99:97:ca:d7:73:
0b:6a:19:b6:61:6e:a5:e5:d1:78:4b:e0:1d:bf:b8:99:11:f8:
60:e9:14:6d:58:8e:84:d9:5b:c6:4e:58:d3:e9:90:82:5a:39:
79:e5:39:50:b5:41:eb:c2:1d:3b:f2:75:44:3a:35:db:8a:9a:
9d:86:d5:26:1d:53:8d:b5:c9:18:91:34:d3:b1:00:ba:6b:67:
26:68:c0:9c:97:1e:fd:28:6a:60:70:7d:45:2a:48:0e:15:ad:
c4:a5:7d:aa:6a:12:fc:85:de:be:fe:fb:2e:dc:ed:8d:18:b4:
30:80:2a:03:86:b1:4b:ff:3c:9a:1a:c9:4a:e7:27:62:bf:5f:
b9:9a:aa:1c:dd:61:80:a3:72:22:ff:bf:c7:b7:6b:85:0a:52:
59:3f:03:1b:cb:91:e5:2c:d1:01:31:8a:9d:d8:e4:6a:dd:b5:
16:00:0d:13
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPDFGbiTKHxgmHYIA1eLc7TwvLDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MjYxNzIwMDZaFw0yNTA5MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjYTdlZmQ4MjI4NzE1ODA5YTQ1NWQxY2MyMzEyMDk1NjEzODRjNmU4YTJm
MmIzMTlkZTczODA3N2U4NzYwZmUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUciZ+lAOQhLZGR4OIoWB0ks0YDD7tKTEnfxh9YNu7kvC7+KLudeSg+SLId
EBPbuzfGyuiSQl6VBEZSwx2yDWAyvcdNCe/2UJ9XTL9Lfv7LHSjaA4UVER0pKX/V
wmvTzrEzYih29Ko+ElON86OiAn5jwBGnNF9wG+HlIZ4o57qfYS7/k3/8UND/mPSQ
Y4WrQJukXGSj3iXj+WprQMR9qdrEknBnq5iOo9pcQwYREHT5Sqx0N4ymwCc0dUCa
i3Icg2YXlMy1XLXBL7Xk19f+XmLQ6BsXfQR2QJghPwz3FBt1qocCfhR/hqI4/HX4
27EHOH5xKlUANBmhiHq7lYAj9Y8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSH+LCR
mJatZIuXi29YMDDraWtVkDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY1NmY0YWUtZDE4Ny00YTQzLWIwYzItYWZkMDJjMDlkZDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEAbidsFYx5Rwzq2K8Z26VtuLFzyXpNTHyAuFm6
9NhHLevBSMuagBPo0p/PuI+2pHzToZwXfgXG26cj5/5jAyl9P9BAv0BsKGrTEOK2
0eEKI75OmCsSY5mXytdzC2oZtmFupeXReEvgHb+4mRH4YOkUbViOhNlbxk5Y0+mQ
glo5eeU5ULVB68IdO/J1RDo124qanYbVJh1TjbXJGJE007EAumtnJmjAnJce/Shq
YHB9RSpIDhWtxKV9qmoS/IXevv77LtztjRi0MIAqA4axS/88mhrJSucnYr9fuZqq
HN1hgKNyIv+/x7drhQpSWT8DG8uR5SzRATGKndjkat21FgANEw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:47 2025 by rpki-client