Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
File: 654f1481-ba50-463b-9997-0d385dd9b0a3.roa (raw, json)
Hash identifier: BYtRC6V+gag/bu0SnoXpJmiT7XMiKLSHEzxU92PdyOo=
Subject key identifier: 6D:A7:4A:AD:B6:AC:2E:7A:26:9E:4E:9A:EC:02:B4:20:A9:6B:E1:F0
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6C51DF2ADD621B9D760930C56C7E588DC2CEE86E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
Signing time: Wed 03 Sep 2025 00:21:10 +0000
ROA not before: Wed 03 Sep 2025 00:21:10 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:51:df:2a:dd:62:1b:9d:76:09:30:c5:6c:7e:58:8d:c2:ce:e8:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:21:10 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=f184a9ddc43b043ee72d07fd5c7496a1f4f22d2c76b4d72cb6bbf19cf9c05803, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a2:db:94:4e:af:03:98:8d:e4:c7:5c:c8:6d:
44:7b:b3:25:df:88:c7:39:f1:fc:7c:3c:93:d3:40:
dd:1f:a4:58:06:10:46:3d:b2:cc:13:d2:a1:5c:3b:
91:c9:69:35:41:69:80:99:2a:c2:3c:f7:09:b1:0f:
64:29:b2:ba:51:9c:2b:d8:35:75:8c:d4:a8:da:e9:
4c:b7:dc:91:2f:76:3b:4c:6e:b0:ef:c1:36:54:fd:
ad:9c:70:a4:22:f3:6f:fc:05:0e:83:f1:2d:1d:c8:
50:0d:86:58:84:a4:43:97:eb:eb:80:a8:54:6f:7e:
4f:2e:24:cf:7f:c1:3e:7d:50:a3:7f:e3:ac:2c:53:
67:2f:3d:27:e4:82:53:71:01:bc:a2:b4:d8:98:04:
e9:05:74:8d:41:3a:f7:c4:fa:34:b3:a1:5a:1f:9f:
5e:ef:93:8e:01:51:76:c8:5a:71:37:3b:2d:1f:a0:
42:60:94:e6:26:d9:da:cb:63:4b:e9:6e:3f:a7:16:
09:52:b8:14:b3:54:df:bf:38:34:0c:d2:d6:19:2a:
8f:30:a0:74:56:91:bd:3b:3a:28:78:d9:6c:a4:8e:
cc:fe:1c:48:91:04:be:09:0e:af:ca:6b:2a:0d:7f:
a4:86:f8:55:20:f3:19:e6:68:2e:7e:38:90:9e:8e:
36:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A7:4A:AD:B6:AC:2E:7A:26:9E:4E:9A:EC:02:B4:20:A9:6B:E1:F0
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:800::/40
Signature Algorithm: sha256WithRSAEncryption
4c:b7:e1:82:71:2f:99:3a:63:a5:eb:29:fe:aa:2a:34:0d:d0:
c9:a2:32:e3:4a:79:b9:e9:80:84:62:e4:07:62:88:81:85:5d:
2d:39:28:b6:d1:82:f3:0a:12:9e:5e:cc:78:d8:85:d0:1d:c6:
08:a6:9d:3b:17:d8:6b:4d:04:76:4a:3d:1e:a2:e1:cb:f2:71:
25:6e:5c:b2:06:bf:0e:35:cb:96:b8:a3:4f:de:be:c8:92:84:
c1:6c:c0:ec:39:0a:94:1f:f5:11:66:a9:5b:b1:24:09:c7:28:
b3:3c:49:eb:ba:fe:32:fb:ab:d8:30:a1:3d:2b:ef:f3:ac:02:
7b:95:d8:a7:c9:36:31:5a:d9:31:61:92:80:a7:b5:82:8b:12:
af:b2:37:08:05:fb:35:63:8f:49:c8:6d:70:fc:f6:a3:8c:57:
7a:24:da:70:2c:d2:df:21:ef:2c:a4:89:81:a7:c8:ed:37:72:
00:8d:82:b0:c4:7d:4e:70:a8:ae:f3:44:9d:f1:18:3e:1c:46:
25:dc:5d:a0:61:0a:bd:6d:47:bf:07:e6:33:fa:ae:ef:03:10:
4b:d4:7c:94:ea:65:85:18:5a:f5:73:b5:53:63:23:89:68:d3:
f9:62:94:19:77:18:54:7e:7f:a5:9a:bc:26:3d:d0:7e:c6:53:
d7:c4:f5:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbFHfKt1iG512CTDFbH5YjcLO6G4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIxMTBaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxODRhOWRkYzQzYjA0M2VlNzJkMDdmZDVjNzQ5NmExZjRmMjJkMmM3NmI0
ZDcyY2I2YmJmMTljZjljMDU4MDMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALui25ROrwOYjeTHXMhtRHuzJd+Ixznx/Hw8k9NA3R+kWAYQRj2yzBPSoVw7
kclpNUFpgJkqwjz3CbEPZCmyulGcK9g1dYzUqNrpTLfckS92O0xusO/BNlT9rZxw
pCLzb/wFDoPxLR3IUA2GWISkQ5fr64CoVG9+Ty4kz3/BPn1Qo3/jrCxTZy89J+SC
U3EBvKK02JgE6QV0jUE698T6NLOhWh+fXu+TjgFRdshacTc7LR+gQmCU5ibZ2stj
S+luP6cWCVK4FLNU3784NAzS1hkqjzCgdFaRvTs6KHjZbKSOzP4cSJEEvgkOr8pr
Kg1/pIb4VSDzGeZoLn44kJ6ONjECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRtp0qt
tqwueiaeTprsArQgqWvh8DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjU0ZjE0ODEtYmE1MC00NjNiLTk5OTctMGQzODVkZDliMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8AI
MA0GCSqGSIb3DQEBCwUAA4IBAQBMt+GCcS+ZOmOl6yn+qio0DdDJojLjSnm56YCE
YuQHYoiBhV0tOSi20YLzChKeXsx42IXQHcYIpp07F9hrTQR2Sj0eouHL8nElblyy
Br8ONcuWuKNP3r7IkoTBbMDsOQqUH/URZqlbsSQJxyizPEnruv4y+6vYMKE9K+/z
rAJ7ldinyTYxWtkxYZKAp7WCixKvsjcIBfs1Y49JyG1w/PajjFd6JNpwLNLfIe8s
pImBp8jtN3IAjYKwxH1OcKiu80Sd8Rg+HEYl3F2gYQq9bUe/B+Yz+q7vAxBL1HyU
6mWFGFr1c7VTYyOJaNP5YpQZdxhUfn+lmrwmPdB+xlPXxPVU
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:35 2025 by rpki-client