Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
File: bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa (raw, json)
Hash identifier: ryCNqL8JX1173Up0Y3JQr+W+t4pALsCdxYnNfttY2mI=
Subject key identifier: 42:F1:82:7F:19:C5:B6:6A:B0:8D:A7:13:D5:AB:44:4C:3B:10:2B:63
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 48AE63427590893C2E1A04437F96D4EA5D793E2F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
Signing time: Wed 03 Sep 2025 00:20:14 +0000
ROA not before: Wed 03 Sep 2025 00:20:14 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:ae:63:42:75:90:89:3c:2e:1a:04:43:7f:96:d4:ea:5d:79:3e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:14 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=0fae12c0bde64837fe358f0268f66a7171e31425370e43d79d1048ed404592d0, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e4:14:c6:9b:7d:3b:bf:eb:0e:c5:86:c8:7e:
29:e6:ba:d4:f9:30:b5:70:ce:45:70:c2:4d:f2:8c:
b8:d6:6c:26:81:b4:dc:e2:e8:99:53:26:0c:d1:d1:
1e:42:d8:90:39:9d:fb:7d:a3:c2:e9:f2:4a:78:0f:
c5:2e:35:1b:72:14:4f:8e:56:2b:5b:69:9c:21:f3:
29:0f:ca:79:73:80:da:fa:f4:2f:b3:95:69:96:da:
1b:38:77:b2:92:74:25:b4:c2:f4:0c:40:7e:07:4d:
67:b3:32:df:aa:07:61:06:8e:e4:c3:52:a1:27:86:
6a:71:61:1c:87:d7:90:7d:a6:e7:b1:48:e4:17:4a:
38:79:6f:a1:4e:dc:1c:8a:c6:be:d9:3c:7e:37:73:
5d:3a:60:ee:b9:46:1c:4d:d0:3e:3e:bc:1c:2a:c0:
2c:aa:aa:af:73:b2:48:b9:e7:b4:51:85:60:d2:9d:
d8:9c:46:88:a7:c2:b4:b8:b0:47:45:20:cd:f6:1f:
b5:3b:69:2b:1e:c1:12:07:36:02:c7:bd:05:2c:0f:
fc:b1:eb:42:bc:73:e3:75:16:6c:10:0f:9b:c4:44:
90:60:8e:fa:65:ee:ec:a8:d1:f2:07:b5:50:b2:e6:
0b:c4:3a:e9:e8:f9:a4:b8:f5:df:56:ee:45:d0:f8:
5d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F1:82:7F:19:C5:B6:6A:B0:8D:A7:13:D5:AB:44:4C:3B:10:2B:63
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f880::/48
Signature Algorithm: sha256WithRSAEncryption
62:ec:65:d0:0b:f3:ed:ad:08:9b:04:8f:e2:62:e8:48:7a:19:
82:9e:23:15:12:60:19:93:49:f6:c7:3a:ba:e1:b3:be:8d:43:
17:61:93:69:3a:c1:39:f3:d5:b8:de:11:8d:43:aa:77:6b:7a:
65:d8:0c:ad:00:8f:1d:1b:51:3e:78:91:b3:ea:4b:00:9a:c4:
b2:db:71:38:44:96:b3:72:60:a6:49:d4:a0:08:c3:1f:f8:1f:
0b:e1:97:4f:a9:dc:49:f7:b0:af:67:3c:af:12:90:61:12:1d:
b4:81:52:4f:bb:ac:6a:9d:6a:31:b1:57:e0:39:67:52:75:6c:
52:d7:55:0e:83:4f:bc:89:b8:f0:f7:58:99:bf:2a:e6:04:1c:
e0:6b:c2:ff:ae:f8:1e:27:e8:36:72:a9:7f:a8:04:20:8c:fc:
e5:01:b6:21:3e:9d:4a:cb:f0:8c:06:11:fc:47:ba:cf:a7:32:
70:39:b0:56:df:e8:1c:06:5f:ed:b2:60:ce:08:85:9f:71:16:
19:f9:a2:31:ea:22:18:a4:86:36:3a:6c:61:ab:3f:d5:de:cf:
12:59:06:4a:e1:2d:af:ac:9d:c4:74:0c:ad:d9:c8:c3:7b:70:
b0:0d:3e:40:b4:cd:e9:26:1b:2c:84:ba:84:ed:f7:6e:34:ee:
58:92:86:ef
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUSK5jQnWQiTwuGgRDf5bU6l15Pi8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMTRaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmYWUxMmMwYmRlNjQ4MzdmZTM1OGYwMjY4ZjY2YTcxNzFlMzE0MjUzNzBl
NDNkNzlkMTA0OGVkNDA0NTkyZDAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJLkFMabfTu/6w7Fhsh+Kea61PkwtXDORXDCTfKMuNZsJoG03OLomVMmDNHR
HkLYkDmd+32jwunySngPxS41G3IUT45WK1tpnCHzKQ/KeXOA2vr0L7OVaZbaGzh3
spJ0JbTC9AxAfgdNZ7My36oHYQaO5MNSoSeGanFhHIfXkH2m57FI5BdKOHlvoU7c
HIrGvtk8fjdzXTpg7rlGHE3QPj68HCrALKqqr3OySLnntFGFYNKd2JxGiKfCtLiw
R0UgzfYftTtpKx7BEgc2Ase9BSwP/LHrQrxz43UWbBAPm8REkGCO+mXu7KjR8ge1
ULLmC8Q66ej5pLj131buRdD4XasCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRC8YJ/
GcW2arCNpxPVq0RMOxArYzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmI5MjY4NTMtZjNhZC00ZjFhLWIwMjQtMTJiMzRjNTVkNWJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
gDANBgkqhkiG9w0BAQsFAAOCAQEAYuxl0Avz7a0ImwSP4mLoSHoZgp4jFRJgGZNJ
9sc6uuGzvo1DF2GTaTrBOfPVuN4RjUOqd2t6ZdgMrQCPHRtRPniRs+pLAJrEsttx
OESWs3JgpknUoAjDH/gfC+GXT6ncSfewr2c8rxKQYRIdtIFST7usap1qMbFX4Dln
UnVsUtdVDoNPvIm48PdYmb8q5gQc4GvC/674HifoNnKpf6gEIIz85QG2IT6dSsvw
jAYR/Ee6z6cycDmwVt/oHAZf7bJgzgiFn3EWGfmiMeoiGKSGNjpsYas/1d7PElkG
SuEtr6ydxHQMrdnIw3twsA0+QLTN6SYbLIS6hO33bjTuWJKG7w==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:48 2025 by rpki-client