Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
File: a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa (raw, json)
Hash identifier: vo7ypNwKCYtjI8D69Dx/kgwqEMTo/Kze3O2LMEC+6yQ=
Subject key identifier: AD:A9:E5:D4:DA:9D:7A:B6:37:6B:43:AF:30:AB:D4:F3:E8:36:1C:B7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 75734865E157EF40819582A562B95D0F2E992773
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
Signing time: Wed 03 Sep 2025 00:20:35 +0000
ROA not before: Wed 03 Sep 2025 00:20:35 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:73:48:65:e1:57:ef:40:81:95:82:a5:62:b9:5d:0f:2e:99:27:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:35 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=74f6e1374e4549ffbd02c2d526980767a51c8f2d91d0dbe94c395705bdb0ac29, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:87:9f:f7:6d:4c:f4:1b:bd:26:d9:13:bf:29:
24:83:0a:d3:3c:2a:97:4e:d0:bb:a5:da:98:82:34:
5e:75:ab:b7:db:67:8a:e2:ce:51:35:6d:56:25:a6:
13:02:f5:b0:e0:fc:f0:57:9a:29:fe:da:ff:eb:81:
e9:bc:a2:58:ec:70:e3:83:ac:a7:de:15:23:68:76:
e5:70:69:28:2a:db:f0:cd:e4:35:30:da:b7:1b:e7:
85:a7:d4:0f:00:fd:ce:b4:4f:c5:ec:50:f1:eb:a6:
da:a0:ad:f5:2d:05:5b:a6:5c:0f:97:50:a5:d5:05:
3e:1b:c8:a6:4d:fe:0e:50:81:6a:8f:f6:ef:02:77:
94:e5:14:e3:9d:d3:02:1a:68:6a:61:6f:26:0c:15:
15:c5:55:b7:fc:5f:dc:18:bc:66:fe:45:6d:e5:13:
34:35:dd:18:1a:98:59:a4:79:64:2d:b3:8a:9c:0f:
d6:38:9a:69:fe:67:a9:2e:e6:04:41:d7:41:74:45:
17:bb:68:f3:3e:27:0b:3b:7b:89:20:41:ac:a9:fe:
7d:8c:77:e0:9d:ed:fd:a6:0d:24:d0:23:ae:3c:ca:
06:72:10:25:e0:27:7d:31:f6:dc:b4:0b:7c:ae:9b:
e1:27:c3:4e:cd:b5:94:03:79:69:28:63:fa:46:f8:
31:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A9:E5:D4:DA:9D:7A:B6:37:6B:43:AF:30:AB:D4:F3:E8:36:1C:B7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1::/32
Signature Algorithm: sha256WithRSAEncryption
52:6c:03:b2:b3:8f:d5:c6:f6:e3:cc:f4:38:12:47:15:ab:a8:
1c:b8:fb:e1:f0:2d:58:26:62:50:79:31:71:a8:dd:e2:be:ce:
20:7a:38:f6:ff:dc:78:0f:a2:64:25:11:c9:fe:88:96:a7:34:
19:e9:fd:bf:f6:8b:24:12:1d:70:ab:4a:5f:71:a7:5c:31:14:
64:fa:b8:43:1e:0d:e3:18:b7:68:a0:2d:fd:26:2b:44:cd:3b:
72:32:2a:d3:a6:4b:2a:ad:1f:57:76:25:4f:13:9d:77:8c:85:
4e:66:d8:f7:88:aa:3f:c7:5a:66:84:68:27:f0:66:4d:bf:6c:
71:22:3a:c8:3e:60:7a:fe:6d:ff:3a:5e:dd:b2:48:81:e3:68:
a3:8b:57:92:91:2f:ad:27:8a:65:cd:9b:5c:25:83:d2:0d:67:
4f:42:a2:46:7f:f8:14:ec:6f:61:9b:4b:35:a4:64:ed:93:55:
5a:ef:50:5a:a9:a1:3d:86:60:52:96:c0:0c:9f:62:c3:49:3d:
cc:92:76:6b:91:02:13:4f:0f:f5:94:20:17:63:b9:10:98:2b:
52:78:19:09:a8:b8:35:f3:43:d6:5c:4d:db:56:57:2e:fe:e9:
41:b3:4e:13:18:4f:40:db:a3:e6:03:61:2a:84:ad:1e:04:f7:
db:18:97:ca
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUdXNIZeFX70CBlYKlYrldDy6ZJ3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMzVaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0ZjZlMTM3NGU0NTQ5ZmZiZDAyYzJkNTI2OTgwNzY3YTUxYzhmMmQ5MWQw
ZGJlOTRjMzk1NzA1YmRiMGFjMjkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCHn/dtTPQbvSbZE78pJIMK0zwql07Qu6XamII0XnWrt9tniuLOUTVtViWm
EwL1sOD88FeaKf7a/+uB6byiWOxw44Osp94VI2h25XBpKCrb8M3kNTDatxvnhafU
DwD9zrRPxexQ8eum2qCt9S0FW6ZcD5dQpdUFPhvIpk3+DlCBao/27wJ3lOUU453T
AhpoamFvJgwVFcVVt/xf3Bi8Zv5FbeUTNDXdGBqYWaR5ZC2zipwP1jiaaf5nqS7m
BEHXQXRFF7to8z4nCzt7iSBBrKn+fYx34J3t/aYNJNAjrjzKBnIQJeAnfTH23LQL
fK6b4SfDTs21lAN5aShj+kb4MZUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBStqeXU
2p16tjdrQ68wq9Tz6DYctzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTk3MmZlOWItYzM5Zi00OGQxLThiMTktYzE0Y2JhZjE2MjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Ew
DQYJKoZIhvcNAQELBQADggEBAFJsA7Kzj9XG9uPM9DgSRxWrqBy4++HwLVgmYlB5
MXGo3eK+ziB6OPb/3HgPomQlEcn+iJanNBnp/b/2iyQSHXCrSl9xp1wxFGT6uEMe
DeMYt2igLf0mK0TNO3IyKtOmSyqtH1d2JU8TnXeMhU5m2PeIqj/HWmaEaCfwZk2/
bHEiOsg+YHr+bf86Xt2ySIHjaKOLV5KRL60nimXNm1wlg9INZ09CokZ/+BTsb2Gb
SzWkZO2TVVrvUFqpoT2GYFKWwAyfYsNJPcySdmuRAhNPD/WUIBdjuRCYK1J4GQmo
uDXzQ9ZcTdtWVy7+6UGzThMYT0Dbo+YDYSqErR4E99sYl8o=
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:55 2025 by rpki-client