Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
File: bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa (raw, json)
Hash identifier: h1QaVaXnm03RzMuTJYSbzUoSkILyDnY0ea0Y6HhItz4=
Subject key identifier: D7:B5:30:A3:5B:B6:31:87:D5:23:96:92:77:05:F1:8C:23:79:C9:11
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 220A1B2C0A62AC748AB9AB6759277C91E7CBF0B6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
Signing time: Wed 03 Sep 2025 00:20:44 +0000
ROA not before: Wed 03 Sep 2025 00:20:44 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:a000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:0a:1b:2c:0a:62:ac:74:8a:b9:ab:67:59:27:7c:91:e7:cb:f0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:44 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=19fc9977a3fab7d8b376df014d567a0a82b511708ef46bf4072a5296d6554988, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f7:14:db:85:da:f2:90:c3:29:11:f9:9c:83:
76:e9:1b:1f:96:82:bd:19:39:88:52:78:47:c3:2c:
52:89:a2:53:19:fb:66:30:ab:9e:fa:a5:40:7d:10:
8e:88:92:a4:4f:c2:8b:99:f7:2f:c0:d5:f6:ad:4f:
d5:e8:a9:4f:6d:b7:79:6e:a0:e4:29:18:9d:9c:4c:
51:10:93:ef:43:0b:70:79:68:a2:f3:42:9d:04:7c:
5e:8b:97:c4:ff:f6:db:54:69:25:2a:42:9e:80:40:
7f:ab:bb:3b:03:38:aa:43:e5:02:e1:ae:db:b1:ce:
e9:5f:4f:0e:b1:a6:b4:42:31:44:85:8b:ef:b9:be:
e5:78:10:1a:2a:77:2a:2c:d7:96:a1:85:58:ed:26:
48:3a:3a:04:09:0f:ac:b0:fb:26:a5:7e:28:4a:06:
70:87:d8:3d:dd:d6:36:5b:fa:8e:f2:bd:80:34:3f:
17:8b:d5:2c:5e:80:21:b8:77:0a:91:d7:e1:44:89:
fb:68:d6:89:50:83:8a:d5:bc:2f:85:c1:c2:9e:a8:
c2:30:1e:d4:a9:43:7d:94:6c:b7:8b:01:4f:30:5d:
2f:b1:21:bc:62:63:3b:ed:b1:f9:a8:2a:e1:0f:f9:
f8:35:39:c1:1b:6f:6f:be:a2:a2:6c:c6:0b:9a:58:
d0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B5:30:A3:5B:B6:31:87:D5:23:96:92:77:05:F1:8C:23:79:C9:11
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:a000::/36
Signature Algorithm: sha256WithRSAEncryption
8c:7f:6e:01:c4:28:bc:20:66:be:3a:cc:9e:34:61:2d:d5:5a:
cd:2b:02:b3:8e:9e:94:20:92:03:3c:47:13:5a:fe:a8:3e:61:
33:6f:7d:2a:99:a0:df:62:2e:ca:42:55:39:dd:a1:53:c8:47:
8d:61:d1:0b:f9:9c:e4:28:01:66:a5:7e:d8:e8:2b:db:bc:ad:
10:b4:0e:72:b4:4a:c3:9a:f5:e7:04:a8:b8:d9:47:5c:c9:a2:
68:e4:6d:7e:d4:62:5f:0c:84:b6:8a:85:de:47:9a:cb:b3:dc:
4a:ca:67:d4:45:e3:cf:32:14:62:58:98:73:27:5c:a6:5a:a9:
79:72:51:05:6d:27:84:5b:5c:f6:0a:a6:8b:77:21:af:96:e1:
87:05:79:27:86:fb:16:5c:00:dd:b9:59:d5:82:29:72:cc:c9:
dd:87:95:13:2d:b9:06:a9:3d:49:e2:ec:8a:9f:8c:71:cc:2a:
a7:d0:d6:8f:8b:ae:b9:f1:a0:09:de:88:df:55:34:d5:e9:02:
93:c3:a2:71:be:60:5f:58:2a:4e:58:3b:e9:2a:16:bd:c1:6b:
c7:d6:43:62:54:57:1c:da:0d:41:f5:99:e5:d1:b4:64:8c:6c:
cb:9d:a7:98:e0:c8:ad:24:49:24:70:14:d9:c4:86:57:26:0a:
b2:a6:90:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIgobLApirHSKuatnWSd8kefL8LYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwNDRaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5ZmM5OTc3YTNmYWI3ZDhiMzc2ZGYwMTRkNTY3YTBhODJiNTExNzA4ZWY0
NmJmNDA3MmE1Mjk2ZDY1NTQ5ODgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI73FNuF2vKQwykR+ZyDdukbH5aCvRk5iFJ4R8MsUomiUxn7ZjCrnvqlQH0Q
joiSpE/Ci5n3L8DV9q1P1eipT223eW6g5CkYnZxMURCT70MLcHloovNCnQR8XouX
xP/221RpJSpCnoBAf6u7OwM4qkPlAuGu27HO6V9PDrGmtEIxRIWL77m+5XgQGip3
KizXlqGFWO0mSDo6BAkPrLD7JqV+KEoGcIfYPd3WNlv6jvK9gDQ/F4vVLF6AIbh3
CpHX4USJ+2jWiVCDitW8L4XBwp6owjAe1KlDfZRst4sBTzBdL7EhvGJjO+2x+agq
4Q/5+DU5wRtvb76iomzGC5pY0H8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTXtTCj
W7Yxh9UjlpJ3BfGMI3nJETAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmZkNDYyYmQtMmUxZi00ODVmLWFhOWMtZTdlMGMwYmNiNjkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eg
MA0GCSqGSIb3DQEBCwUAA4IBAQCMf24BxCi8IGa+OsyeNGEt1VrNKwKzjp6UIJID
PEcTWv6oPmEzb30qmaDfYi7KQlU53aFTyEeNYdEL+ZzkKAFmpX7Y6CvbvK0QtA5y
tErDmvXnBKi42UdcyaJo5G1+1GJfDIS2ioXeR5rLs9xKymfURePPMhRiWJhzJ1ym
Wql5clEFbSeEW1z2CqaLdyGvluGHBXknhvsWXADduVnVgilyzMndh5UTLbkGqT1J
4uyKn4xxzCqn0NaPi6658aAJ3ojfVTTV6QKTw6JxvmBfWCpOWDvpKha9wWvH1kNi
VFcc2g1B9Znl0bRkjGzLnaeY4MitJEkkcBTZxIZXJgqyppAE
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:51 2025 by rpki-client