Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
File: a027acd6-b75f-42ce-9bfb-ac426d92b141.roa (raw, json)
Hash identifier: PtwFYdc+d7fjbq3c5tGQyPfiGRiwZmOPVBw06B1MYKw=
Subject key identifier: 74:6D:76:46:03:76:5A:BD:AF:AC:93:EB:6C:E4:1E:F4:A9:27:1D:F5
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 58D83ACF4432CD2C5B7590E91E3F72B6896CEDF7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
Signing time: Wed 03 Sep 2025 00:30:10 +0000
ROA not before: Wed 03 Sep 2025 00:30:10 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:d8:3a:cf:44:32:cd:2c:5b:75:90:e9:1e:3f:72:b6:89:6c:ed:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:30:10 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=08041ace9769b4f5d53c8855c9ca2867b6fe3c933c09409d94f11036b6756bf6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e2:44:27:fa:fa:cb:18:67:93:25:68:31:bc:
96:94:d1:f5:ad:03:b5:08:9d:4a:ca:4b:1c:2d:7e:
2c:18:07:d1:44:53:99:47:c8:79:bd:86:d7:93:bb:
c8:8e:48:1e:fe:41:e8:ed:0c:10:2f:0d:1b:a4:ac:
98:b2:70:b1:09:8d:d2:f0:a9:07:e0:46:43:3f:d3:
c5:9d:12:27:6c:a2:ef:86:21:8a:2f:f9:25:c2:b8:
18:e0:3b:3f:88:b2:71:e0:bb:fa:4b:d8:67:48:73:
0f:4a:0e:f6:03:d3:30:04:ee:5d:d5:bc:1c:0c:69:
70:70:2a:e9:36:d9:52:10:37:ba:c1:86:d9:e1:d0:
7a:42:b8:2d:8a:01:0a:f4:fc:3b:cd:c8:9f:e4:57:
6e:76:eb:d5:2e:90:7b:e3:6b:ca:aa:bb:b0:40:68:
ed:3c:4c:8b:ef:e0:89:a6:c5:9d:b2:6a:2b:b1:8f:
58:26:d8:eb:e3:13:0a:4f:4d:04:d0:ad:da:6e:c8:
e6:6f:2e:57:c7:e4:2b:e1:03:29:44:cb:d6:0a:a9:
63:61:c2:6c:84:6e:1f:2a:cf:95:c6:55:e4:be:36:
7e:a3:1f:db:17:3e:0a:87:1a:5f:85:7d:68:65:a7:
38:df:bb:e9:cf:35:81:0b:1a:3f:d6:24:3e:eb:6b:
79:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6D:76:46:03:76:5A:BD:AF:AC:93:EB:6C:E4:1E:F4:A9:27:1D:F5
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:4000::/36
Signature Algorithm: sha256WithRSAEncryption
1d:a7:5d:5b:27:4c:f0:75:de:42:80:21:bd:2d:6c:a0:a4:db:
fd:19:c4:1f:c0:24:47:57:b3:bf:e8:b7:7f:86:3b:5b:3a:51:
8b:08:d9:a8:28:83:4a:6f:3d:96:9f:30:11:f7:52:ac:b9:d6:
0d:21:60:4c:89:32:ae:39:32:e3:f3:1b:e0:f7:ac:da:a8:55:
5d:48:dc:ae:bf:7b:f3:3e:9c:c6:d4:e2:2c:95:19:55:72:c6:
cd:14:d4:13:ad:a3:0c:07:c4:09:7b:95:4b:1e:33:7e:a5:43:
6b:01:cc:b9:bc:74:00:a4:3e:dc:05:66:0f:66:54:5f:dc:27:
68:27:4f:10:86:28:72:e1:77:d5:83:ff:ef:d6:a6:8c:12:ea:
a2:07:3a:9b:03:8c:2b:1e:3e:16:2f:77:22:88:72:cc:5f:80:
09:ad:7b:46:f8:ab:98:96:3d:01:57:af:f4:6e:2a:5f:74:f3:
d1:f0:ca:91:5e:2d:d3:ad:82:46:07:d1:09:3e:c8:4c:3f:55:
09:11:26:d0:7f:49:8c:6c:3b:38:e9:55:97:38:27:2e:20:bd:
08:69:17:84:9f:32:65:2e:3a:0b:83:b4:3a:d1:f3:98:b2:21:
6f:71:82:86:03:dd:33:17:7e:3d:d1:66:34:2a:8c:1a:f5:54:
7f:f3:d2:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWNg6z0QyzSxbdZDpHj9ytols7fcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDMwMTBaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4MDQxYWNlOTc2OWI0ZjVkNTNjODg1NWM5Y2EyODY3YjZmZTNjOTMzYzA5
NDA5ZDk0ZjExMDM2YjY3NTZiZjYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3iRCf6+ssYZ5MlaDG8lpTR9a0DtQidSspLHC1+LBgH0URTmUfIeb2G15O7
yI5IHv5B6O0MEC8NG6SsmLJwsQmN0vCpB+BGQz/TxZ0SJ2yi74Yhii/5JcK4GOA7
P4iyceC7+kvYZ0hzD0oO9gPTMATuXdW8HAxpcHAq6TbZUhA3usGG2eHQekK4LYoB
CvT8O83In+RXbnbr1S6Qe+Nryqq7sEBo7TxMi+/giabFnbJqK7GPWCbY6+MTCk9N
BNCt2m7I5m8uV8fkK+EDKUTL1gqpY2HCbIRuHyrPlcZV5L42fqMf2xc+CocaX4V9
aGWnON+76c81gQsaP9YkPutreTkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0bXZG
A3Zava+sk+ts5B70qScd9TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTAyN2FjZDYtYjc1Zi00MmNlLTliZmItYWM0MjZkOTJiMTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NA
MA0GCSqGSIb3DQEBCwUAA4IBAQAdp11bJ0zwdd5CgCG9LWygpNv9GcQfwCRHV7O/
6Ld/hjtbOlGLCNmoKINKbz2WnzAR91KsudYNIWBMiTKuOTLj8xvg96zaqFVdSNyu
v3vzPpzG1OIslRlVcsbNFNQTraMMB8QJe5VLHjN+pUNrAcy5vHQApD7cBWYPZlRf
3CdoJ08Qhihy4XfVg//v1qaMEuqiBzqbA4wrHj4WL3ciiHLMX4AJrXtG+KuYlj0B
V6/0bipfdPPR8MqRXi3TrYJGB9EJPshMP1UJESbQf0mMbDs46VWXOCcuIL0IaReE
nzJlLjoLg7Q60fOYsiFvcYKGA90zF3490WY0Kowa9VR/89Jp
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:47 2025 by rpki-client