Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
File: 7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa (raw, json)
Hash identifier: ZBrTO/LiBGMO0eF6lzJ5Zsz8pZJLzHWyw7fU1GlZ1QM=
Subject key identifier: 3D:7A:60:87:4B:40:27:30:82:E6:AF:6C:89:25:27:C4:2C:FD:12:E6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 25F68BE1491845F2FDD8E2C286E23672362D2919
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
Signing time: Wed 03 Sep 2025 00:21:03 +0000
ROA not before: Wed 03 Sep 2025 00:21:03 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:f6:8b:e1:49:18:45:f2:fd:d8:e2:c2:86:e2:36:72:36:2d:29:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:21:03 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=a84d3fa38e493e33456259c150e25ee611bb402cb144e7aecf9d7c24dea3dad0, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bf:79:17:0e:0f:94:b0:8e:e7:50:47:49:c3:
af:e9:94:92:c2:72:d2:db:60:c7:36:9a:f3:16:e7:
be:80:e4:fa:91:8b:39:f2:53:38:61:ef:38:c6:54:
1c:5b:c0:a2:a5:28:4c:69:5d:b4:11:b3:0e:e2:ce:
00:05:c4:84:3e:a9:26:ad:08:b8:3c:b8:b0:b7:e7:
e8:82:51:62:ad:66:45:9c:9f:7c:51:4c:a7:0a:a3:
bd:ec:78:a7:98:d2:53:31:20:a6:c5:2b:6f:ae:6c:
31:62:06:77:85:ca:90:75:78:c8:92:b1:c0:9d:9b:
c3:46:c7:71:a5:2e:2f:1c:c1:16:be:2b:0b:55:12:
19:76:8f:eb:73:22:55:74:a1:00:9e:e7:d1:52:de:
b1:92:f9:a8:71:8b:b7:dc:9e:f1:44:b2:33:2a:37:
97:ae:2c:37:90:6e:7f:2e:c9:fb:46:4c:fa:61:00:
d2:c5:8a:e4:48:99:79:2a:ce:1d:7e:c2:4f:a0:17:
0f:dd:1f:83:cf:9f:9f:5a:6c:59:bd:de:d8:d7:a9:
52:61:89:2d:76:d8:4c:40:f3:7b:09:27:32:d2:d6:
ec:32:89:44:a9:c5:e3:0c:96:7e:f2:0c:aa:b0:5b:
d3:d1:b2:c5:a1:49:26:2c:40:1a:6c:3e:f6:b7:e6:
b1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7A:60:87:4B:40:27:30:82:E6:AF:6C:89:25:27:C4:2C:FD:12:E6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
66:67:a7:bb:d4:ba:13:1b:31:20:ff:fd:ba:0e:15:4f:34:84:
5f:d1:c8:65:ef:de:14:aa:a2:27:87:a8:97:2e:ea:87:3e:e8:
68:02:bd:f8:56:4b:74:db:9d:ec:fd:a6:68:e8:35:2e:44:68:
ad:2b:29:f9:5e:1e:a7:0e:93:f8:76:26:24:2b:b6:d4:a0:f2:
6a:c1:a6:8e:38:0e:bd:f8:1c:a1:9b:c1:7a:d1:2a:0e:d6:ab:
62:7d:47:b3:6b:01:31:98:86:7e:95:3d:67:65:62:6a:2d:52:
80:93:0a:66:ff:ac:71:ea:83:8f:1b:93:ff:00:7e:83:6f:9f:
66:f7:0e:2f:b8:34:53:a0:07:c9:84:df:28:f8:a2:1b:7a:bf:
29:53:c8:8e:54:80:ce:b0:e3:a6:a3:f9:2a:a6:d1:ca:ff:7c:
bb:db:1b:14:fe:3c:d3:35:3e:16:b4:84:a8:c8:06:5e:46:b9:
4d:4d:73:d7:31:b6:09:c0:2d:4d:43:8c:37:70:4c:6b:88:87:
c4:c0:63:0c:d9:f4:d4:7f:00:33:be:28:66:2b:98:3c:4d:16:
91:ec:00:ec:29:d1:2d:5b:3a:13:3b:1c:b9:72:e4:52:15:93:
0f:a7:80:94:59:e5:e7:f9:8d:3e:f7:1e:46:72:04:d5:f4:48:
85:c3:7b:c8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJfaL4UkYRfL92OLChuI2cjYtKRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIxMDNaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4NGQzZmEzOGU0OTNlMzM0NTYyNTljMTUwZTI1ZWU2MTFiYjQwMmNiMTQ0
ZTdhZWNmOWQ3YzI0ZGVhM2RhZDAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMe/eRcOD5SwjudQR0nDr+mUksJy0ttgxzaa8xbnvoDk+pGLOfJTOGHvOMZU
HFvAoqUoTGldtBGzDuLOAAXEhD6pJq0IuDy4sLfn6IJRYq1mRZyffFFMpwqjvex4
p5jSUzEgpsUrb65sMWIGd4XKkHV4yJKxwJ2bw0bHcaUuLxzBFr4rC1USGXaP63Mi
VXShAJ7n0VLesZL5qHGLt9ye8USyMyo3l64sN5Bufy7J+0ZM+mEA0sWK5EiZeSrO
HX7CT6AXD90fg8+fn1psWb3e2NepUmGJLXbYTEDzewknMtLW7DKJRKnF4wyWfvIM
qrBb09GyxaFJJixAGmw+9rfmsckCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9emCH
S0AnMILmr2yJJSfELP0S5jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzE0NmQyNGEtNDhkYy00NWIxLWFjMWItMmE2YzJkN2I3YjE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQBmZ6e71LoTGzEg//26DhVPNIRf0chl794UqqIn
h6iXLuqHPuhoAr34Vkt0253s/aZo6DUuRGitKyn5Xh6nDpP4diYkK7bUoPJqwaaO
OA69+Byhm8F60SoO1qtifUezawExmIZ+lT1nZWJqLVKAkwpm/6xx6oOPG5P/AH6D
b59m9w4vuDRToAfJhN8o+KIber8pU8iOVIDOsOOmo/kqptHK/3y72xsU/jzTNT4W
tISoyAZeRrlNTXPXMbYJwC1NQ4w3cExriIfEwGMM2fTUfwAzvihmK5g8TRaR7ADs
KdEtWzoTOxy5cuRSFZMPp4CUWeXn+Y0+9x5GcgTV9EiFw3vI
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:51 2025 by rpki-client