Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8208c1b9-c235-4019-8ac2-a56c3cd1c2b0.roa
File: 8208c1b9-c235-4019-8ac2-a56c3cd1c2b0.roa (raw, json)
Hash identifier: EhJnUUXC15v84GmT0o+p7sXbD2T2yTHaD/Zmi7SheXs=
Subject key identifier: B9:B3:23:E4:CF:4A:92:79:0F:8C:99:51:80:61:84:A6:BE:BC:7B:3A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5745AD1CA77C456DA029956525583FDDB76B1A9D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8208c1b9-c235-4019-8ac2-a56c3cd1c2b0.roa
Signing time: Wed 03 Sep 2025 00:20:16 +0000
ROA not before: Wed 03 Sep 2025 00:20:16 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:45:ad:1c:a7:7c:45:6d:a0:29:95:65:25:58:3f:dd:b7:6b:1a:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:16 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=3b17404154f09fa9e217fb818ad8ee7f533c68b07def175137c6b8d35229a6ae, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ca:f4:77:b1:73:97:6e:b9:ae:4d:14:d0:91:
92:77:a0:9b:ea:b5:15:f1:55:17:81:43:54:f4:a3:
f8:03:29:60:cc:b0:85:4b:c6:5a:97:e4:c7:46:21:
69:90:e0:ba:55:e8:40:7f:aa:9a:53:fd:8f:a2:a3:
11:2e:f4:9b:9c:11:ec:4e:10:92:64:f4:7a:2f:ad:
92:04:0e:07:d6:78:72:ae:b3:16:cd:e7:3b:d6:cb:
55:61:3f:88:bf:35:66:85:4c:44:36:57:85:15:4c:
61:ea:08:c9:a4:60:5b:e3:70:a4:be:2a:d2:60:5b:
48:19:68:bd:05:5c:1d:08:08:6a:c3:2d:a4:7e:3b:
a5:b1:a7:16:b7:68:29:78:36:4a:4e:31:29:03:f1:
cb:08:d0:f9:dd:1e:ba:f5:28:78:34:8b:0a:4d:e9:
b1:94:b1:7b:e1:3b:80:e2:35:f8:0a:79:74:5c:76:
64:69:78:50:70:58:71:1a:3e:48:1a:ec:c4:3d:de:
38:c4:7c:a0:43:90:c9:ad:41:8d:26:61:d4:8a:19:
64:3b:ec:c9:cc:fb:aa:7c:dc:6c:3c:bc:27:58:fd:
57:18:7f:ff:aa:6f:d3:ac:3b:f1:a4:61:fc:b4:1e:
9c:24:7f:a1:8d:e6:61:ec:61:c2:fc:f0:7b:3d:88:
be:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B3:23:E4:CF:4A:92:79:0F:8C:99:51:80:61:84:A6:BE:BC:7B:3A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8208c1b9-c235-4019-8ac2-a56c3cd1c2b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2840::/48
Signature Algorithm: sha256WithRSAEncryption
1c:90:b6:3c:32:9a:9d:0a:dc:44:4a:a7:dc:58:0d:7e:ef:13:
12:ca:db:79:8b:5c:c1:95:f2:e1:06:c1:87:ab:3c:2c:97:d1:
40:11:d8:f8:d1:33:fd:ec:b8:96:08:55:93:d9:d6:2b:3d:9f:
20:8b:fd:0f:03:d5:7c:44:bc:44:c7:71:b4:e0:c5:9d:42:06:
21:0b:50:4f:47:59:3b:17:a5:ad:6d:d3:ff:a9:7c:30:be:20:
a4:2b:d4:99:a9:9f:b0:a0:1e:ce:f8:0d:be:43:57:c0:5d:43:
e2:b1:d3:aa:ba:2b:89:a2:28:57:47:91:a1:fe:18:8e:48:92:
fd:21:bd:80:0e:ea:7e:44:0d:80:72:d1:6d:58:01:18:ab:15:
44:1f:76:53:97:5c:94:5d:de:af:50:5f:30:68:8d:44:73:4a:
b4:d2:1f:76:38:e5:9a:91:57:00:3d:4a:90:bd:4f:b9:fc:47:
80:d9:55:e7:7f:e1:43:95:12:8c:86:d8:04:fd:6f:e4:f8:77:
b6:c9:f2:25:82:3b:a4:fe:dc:fb:8b:ce:6a:8d:c2:aa:fe:d9:
fd:f4:77:18:71:f3:96:cc:7d:c5:99:1b:7f:c3:ca:69:3a:48:
78:2d:d4:9d:ee:1e:8e:da:cf:bb:2f:03:10:f8:53:d4:15:fe:
d5:09:d8:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUV0WtHKd8RW2gKZVlJVg/3bdrGp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMTZaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiMTc0MDQxNTRmMDlmYTllMjE3ZmI4MThhZDhlZTdmNTMzYzY4YjA3ZGVm
MTc1MTM3YzZiOGQzNTIyOWE2YWUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANfK9Hexc5duua5NFNCRknegm+q1FfFVF4FDVPSj+AMpYMywhUvGWpfkx0Yh
aZDgulXoQH+qmlP9j6KjES70m5wR7E4QkmT0ei+tkgQOB9Z4cq6zFs3nO9bLVWE/
iL81ZoVMRDZXhRVMYeoIyaRgW+NwpL4q0mBbSBlovQVcHQgIasMtpH47pbGnFrdo
KXg2Sk4xKQPxywjQ+d0euvUoeDSLCk3psZSxe+E7gOI1+Ap5dFx2ZGl4UHBYcRo+
SBrsxD3eOMR8oEOQya1BjSZh1IoZZDvsycz7qnzcbDy8J1j9Vxh//6pv06w78aRh
/LQenCR/oY3mYexhwvzwez2IvtMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS5syPk
z0qSeQ+MmVGAYYSmvrx7OjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ODIwOGMxYjktYzIzNS00MDE5LThhYzItYTU2YzNjZDFjMmIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
QDANBgkqhkiG9w0BAQsFAAOCAQEAHJC2PDKanQrcREqn3FgNfu8TEsrbeYtcwZXy
4QbBh6s8LJfRQBHY+NEz/ey4lghVk9nWKz2fIIv9DwPVfES8RMdxtODFnUIGIQtQ
T0dZOxelrW3T/6l8ML4gpCvUmamfsKAezvgNvkNXwF1D4rHTqroriaIoV0eRof4Y
jkiS/SG9gA7qfkQNgHLRbVgBGKsVRB92U5dclF3er1BfMGiNRHNKtNIfdjjlmpFX
AD1KkL1PufxHgNlV53/hQ5USjIbYBP1v5Ph3tsnyJYI7pP7c+4vOao3Cqv7Z/fR3
GHHzlsx9xZkbf8PKaTpIeC3Une4ejtrPuy8DEPhT1BX+1QnYVg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:49 2025 by rpki-client