Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
File: c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa (raw, json)
Hash identifier: nHxUV8mO1aoZLlthe/67k1sJ2RuWyUsGuBH/a1g5rn8=
Subject key identifier: 01:43:FB:00:C1:CF:A5:83:EB:78:B2:E9:D8:7F:49:8E:18:CA:6C:47
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 79392776155DB06F35ABC3A42E07B917814E5C24
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
Signing time: Wed 03 Sep 2025 00:21:17 +0000
ROA not before: Wed 03 Sep 2025 00:21:17 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:1800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:39:27:76:15:5d:b0:6f:35:ab:c3:a4:2e:07:b9:17:81:4e:5c:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:21:17 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=97f26c0a34091d7a90fa4ec017875bdbfdc57b5e69c77c1cc39b925b4d9db70e, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a1:a0:c2:07:cb:c4:d8:1c:67:24:d9:d9:08:
04:6a:94:d0:cc:07:8d:3a:6f:30:43:7b:c8:5b:4a:
85:2f:cd:1e:7b:42:68:3d:ec:28:35:92:ad:00:31:
a3:02:96:26:b3:29:22:0d:3a:2e:91:0e:28:f9:f0:
b7:16:e0:6d:a4:4e:73:4a:f5:fe:9f:70:1f:8d:5a:
2a:00:31:c3:b6:74:21:31:01:7d:50:97:d6:70:b2:
06:5b:73:b7:f6:96:57:5f:b5:bf:73:88:e8:aa:63:
29:5a:61:30:65:ef:cc:25:49:90:ae:f2:ea:e5:fc:
01:06:6f:f9:6b:5d:d3:9f:64:8a:97:bd:aa:d6:20:
32:40:8b:b1:13:ff:7a:d2:47:95:1d:60:74:68:37:
19:c3:bc:b0:a3:97:a0:cf:c1:93:55:19:0b:8d:d5:
44:36:46:18:ff:2e:2e:1c:ea:54:21:4c:99:33:d1:
0d:2c:aa:f2:7f:e0:f2:1e:ff:69:a6:12:fd:5a:25:
62:92:37:90:c1:a7:cd:44:7d:90:b3:dc:33:6a:b9:
d1:68:34:72:98:1f:c5:e5:d9:18:49:a5:4c:19:85:
92:c2:65:e4:c6:17:a0:7a:26:07:23:3b:fd:05:65:
65:72:16:ee:3d:0c:08:09:68:a4:1b:0d:d6:b3:06:
b1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:43:FB:00:C1:CF:A5:83:EB:78:B2:E9:D8:7F:49:8E:18:CA:6C:47
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:1800::/40
Signature Algorithm: sha256WithRSAEncryption
08:dd:f7:b5:34:66:c0:6b:73:ac:a3:b5:af:38:8d:db:c6:03:
ec:c8:c3:d6:c6:6a:2a:e2:ff:d7:d7:5b:31:12:39:c4:3c:74:
98:e9:86:71:2d:b5:f5:ee:c8:6b:af:3f:98:a8:e4:c9:5f:75:
0a:20:ed:6a:bb:e3:26:da:fd:fe:96:21:b9:f3:30:56:c9:34:
c2:0f:e9:81:de:9e:34:d4:df:01:db:e1:23:9e:7a:3d:22:44:
ff:4a:6d:dd:a3:d8:48:c7:6c:fe:3c:54:14:c7:89:e7:c0:58:
f1:0f:ab:93:43:8b:f2:f1:45:43:cf:f6:18:a5:9b:b2:d4:dc:
a4:51:98:5c:89:e5:4c:db:43:12:3d:34:da:02:6d:a9:da:06:
bc:6d:42:1b:85:9a:47:39:16:0e:46:a6:83:41:91:0b:c9:2b:
b5:21:88:97:0b:0f:32:04:58:ca:f2:89:74:7c:fc:3b:5b:2b:
83:2b:25:b1:8a:4f:19:7b:18:df:9c:d7:7b:9f:6b:86:02:9d:
9a:d3:58:3d:35:48:ad:57:52:8e:16:69:c6:c6:36:ac:30:72:
eb:bd:17:4d:10:d7:22:0e:39:69:d8:6a:d3:f5:7c:19:9d:99:
31:30:d7:c8:e4:32:d8:e1:e2:2a:25:8a:30:6f:6f:9b:56:0c:
1c:ca:b6:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeTkndhVdsG81q8OkLge5F4FOXCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIxMTdaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3ZjI2YzBhMzQwOTFkN2E5MGZhNGVjMDE3ODc1YmRiZmRjNTdiNWU2OWM3
N2MxY2MzOWI5MjViNGQ5ZGI3MGUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOehoMIHy8TYHGck2dkIBGqU0MwHjTpvMEN7yFtKhS/NHntCaD3sKDWSrQAx
owKWJrMpIg06LpEOKPnwtxbgbaROc0r1/p9wH41aKgAxw7Z0ITEBfVCX1nCyBltz
t/aWV1+1v3OI6KpjKVphMGXvzCVJkK7y6uX8AQZv+Wtd059kipe9qtYgMkCLsRP/
etJHlR1gdGg3GcO8sKOXoM/Bk1UZC43VRDZGGP8uLhzqVCFMmTPRDSyq8n/g8h7/
aaYS/VolYpI3kMGnzUR9kLPcM2q50Wg0cpgfxeXZGEmlTBmFksJl5MYXoHomByM7
/QVlZXIW7j0MCAlopBsN1rMGsfkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQBQ/sA
wc+lg+t4sunYf0mOGMpsRzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzJlM2ZmYWItYjhhYi00NzZmLTljNmUtNWU0ODQyZDcwNWY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8cY
MA0GCSqGSIb3DQEBCwUAA4IBAQAI3fe1NGbAa3Oso7WvOI3bxgPsyMPWxmoq4v/X
11sxEjnEPHSY6YZxLbX17shrrz+YqOTJX3UKIO1qu+Mm2v3+liG58zBWyTTCD+mB
3p401N8B2+Ejnno9IkT/Sm3do9hIx2z+PFQUx4nnwFjxD6uTQ4vy8UVDz/YYpZuy
1NykUZhcieVM20MSPTTaAm2p2ga8bUIbhZpHORYORqaDQZELySu1IYiXCw8yBFjK
8ol0fPw7WyuDKyWxik8ZexjfnNd7n2uGAp2a01g9NUitV1KOFmnGxjasMHLrvRdN
ENciDjlp2GrT9XwZnZkxMNfI5DLY4eIqJYowb2+bVgwcyrYh
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:52 2025 by rpki-client