Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
File: 78ea1ce2-8d09-441d-ad92-848a5871e58b.roa (raw, json)
Hash identifier: qfxCtmBtFcjkfJ87Yn5Syu0pzPQJkU4ihS2gSFGQdIg=
Subject key identifier: 37:75:67:D2:8A:7D:B2:52:2D:2C:A4:F6:3A:88:F7:2F:A6:49:9F:16
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4121C53B50225F11B98C36FE7153F96AF17E73A9
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
Signing time: Wed 03 Sep 2025 00:21:06 +0000
ROA not before: Wed 03 Sep 2025 00:21:06 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:21:c5:3b:50:22:5f:11:b9:8c:36:fe:71:53:f9:6a:f1:7e:73:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:21:06 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=c5a0fe1128d11bb764cfeeedd0b741306bed66c954fe788dfcada0d16085f9ed, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ce:28:47:28:46:23:8f:c1:6e:68:12:05:37:
24:fa:7b:6c:d6:c1:d1:37:73:47:bf:0f:23:98:86:
6a:33:40:e8:9a:65:6c:71:b6:ce:76:40:1f:f8:69:
c4:73:5b:29:6f:b8:95:59:6a:9b:a3:6f:df:8c:80:
dd:d8:f7:28:25:68:95:2d:33:23:18:20:4a:ab:d0:
b8:d7:ea:fa:08:ba:ee:e3:36:8d:fd:51:c1:d3:54:
48:06:b3:11:fc:6a:cb:de:55:f5:86:97:9a:d2:d3:
6f:b0:2a:2b:15:fd:d3:cb:77:b0:7a:4e:72:eb:06:
18:16:0b:7e:7e:b3:70:dd:81:52:1b:0a:eb:1f:36:
1a:1d:d9:05:8f:91:96:68:2d:4d:d8:20:39:28:c7:
ba:52:29:8b:4e:e6:06:e1:18:ac:c6:13:dd:b5:a1:
40:88:be:1b:4e:2e:59:4a:08:f4:7b:4a:46:2d:82:
28:69:9d:64:11:d4:bb:dd:c6:90:c9:89:42:e0:b3:
21:1e:0d:5b:86:60:b4:a7:9a:0f:b0:89:19:66:c0:
96:23:b2:ff:50:50:5a:d4:15:68:49:b2:35:ce:0c:
63:eb:0a:77:c7:a8:99:15:ce:86:63:8f:cc:ed:53:
b6:65:47:7e:b6:39:0f:5c:61:8d:3c:44:90:d4:4a:
77:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:75:67:D2:8A:7D:B2:52:2D:2C:A4:F6:3A:88:F7:2F:A6:49:9F:16
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3::/36
Signature Algorithm: sha256WithRSAEncryption
7a:9b:b3:ff:a9:06:39:4f:1d:38:a0:69:f0:b7:a5:31:b3:a7:
90:8c:52:35:6e:dc:15:60:22:b6:6b:7d:1f:60:8b:e9:c4:1e:
c4:f4:4a:71:d9:6f:e1:87:00:01:95:a4:a8:1d:67:3e:2f:c5:
d1:34:4f:e3:17:59:01:73:7f:b6:17:49:71:1e:c2:c2:c2:f0:
0c:d8:2b:be:fb:81:0a:18:71:8c:44:5e:a0:72:10:2e:79:64:
b1:cd:c8:44:31:b4:56:76:8c:08:3f:46:d8:69:be:0e:03:47:
67:8b:d5:1a:d2:58:77:72:6c:8f:1a:4b:cb:e8:d1:d4:d9:4a:
85:cd:ad:a7:91:17:fc:ef:c3:3b:60:1b:6e:6f:a8:9e:2c:7c:
5c:bd:04:9a:33:ab:f4:0b:2d:6f:71:e8:92:5c:1f:16:c5:d9:
7d:0b:a7:01:d6:a1:a0:29:16:8d:f6:cd:86:af:cc:d8:12:e1:
0f:43:03:7b:ae:e9:a6:9e:7c:10:2b:a6:35:4f:71:b3:03:69:
36:87:ac:36:ab:c7:3f:9d:2a:45:9d:06:71:0f:b9:98:83:58:
66:71:06:16:b4:5f:d6:42:49:36:e2:5f:d1:93:ad:c5:d4:2c:
25:a5:0d:05:ba:8d:03:79:4a:3b:da:37:d9:91:62:a3:d0:f8:
ba:cf:b9:5d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQSHFO1AiXxG5jDb+cVP5avF+c6kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIxMDZaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1YTBmZTExMjhkMTFiYjc2NGNmZWVlZGQwYjc0MTMwNmJlZDY2Yzk1NGZl
Nzg4ZGZjYWRhMGQxNjA4NWY5ZWQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnOKEcoRiOPwW5oEgU3JPp7bNbB0TdzR78PI5iGajNA6JplbHG2znZAH/hp
xHNbKW+4lVlqm6Nv34yA3dj3KCVolS0zIxggSqvQuNfq+gi67uM2jf1RwdNUSAaz
Efxqy95V9YaXmtLTb7AqKxX908t3sHpOcusGGBYLfn6zcN2BUhsK6x82Gh3ZBY+R
lmgtTdggOSjHulIpi07mBuEYrMYT3bWhQIi+G04uWUoI9HtKRi2CKGmdZBHUu93G
kMmJQuCzIR4NW4ZgtKeaD7CJGWbAliOy/1BQWtQVaEmyNc4MY+sKd8eomRXOhmOP
zO1TtmVHfrY5D1xhjTxEkNRKd1cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3dWfS
in2yUi0spPY6iPcvpkmfFjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzhlYTFjZTItOGQwOS00NDFkLWFkOTItODQ4YTU4NzFlNThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MA
MA0GCSqGSIb3DQEBCwUAA4IBAQB6m7P/qQY5Tx04oGnwt6Uxs6eQjFI1btwVYCK2
a30fYIvpxB7E9Epx2W/hhwABlaSoHWc+L8XRNE/jF1kBc3+2F0lxHsLCwvAM2Cu+
+4EKGHGMRF6gchAueWSxzchEMbRWdowIP0bYab4OA0dni9Ua0lh3cmyPGkvL6NHU
2UqFza2nkRf878M7YBtub6ieLHxcvQSaM6v0Cy1vceiSXB8Wxdl9C6cB1qGgKRaN
9s2Gr8zYEuEPQwN7rummnnwQK6Y1T3GzA2k2h6w2q8c/nSpFnQZxD7mYg1hmcQYW
tF/WQkk24l/Rk63F1CwlpQ0Fuo0DeUo72jfZkWKj0Pi6z7ld
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:47 2025 by rpki-client