Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
File: c9fc58bf-3415-4839-940e-603e1b7d42f6.roa (raw, json)
Hash identifier: rx4dBgH6LZEJhaP4K5c9i4yvroccAzGXsyMhUDXaiEc=
Subject key identifier: 35:40:84:B1:6C:CD:54:8F:26:33:1B:2B:96:0A:2F:A8:C8:F4:2F:FD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 595A03A08BCC1204407F12364D8EBA4D51502903
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
Signing time: Wed 03 Sep 2025 00:30:10 +0000
ROA not before: Wed 03 Sep 2025 00:30:10 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:e000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:5a:03:a0:8b:cc:12:04:40:7f:12:36:4d:8e:ba:4d:51:50:29:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:30:10 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=439767ba769f5ed164953484bc2ba02892d0e4c5e6d8727c9a935b96fcb6d93a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f1:68:ff:34:e6:dd:5b:1c:8a:e1:c1:70:3b:
83:8a:84:dd:20:e2:17:16:bd:94:d6:51:5f:bb:24:
31:b6:28:2e:90:78:d1:fc:b7:e6:92:18:f8:33:b6:
95:5d:e1:07:16:97:99:74:1f:4c:30:9d:17:37:c5:
78:5a:6b:13:98:d8:90:a4:28:88:e1:08:c4:99:ab:
7c:55:a5:b7:1b:18:02:20:75:3b:3f:67:c1:9d:f0:
2f:e1:3f:4c:06:bf:bd:3c:68:a5:37:80:ba:76:39:
98:fd:2c:6b:f0:58:63:01:78:b1:81:db:67:fb:4a:
06:2e:4d:47:70:82:ee:37:6b:1d:df:2d:14:05:8a:
4b:31:39:10:87:30:2d:8a:b7:b2:b5:c3:34:43:aa:
e6:69:fc:ef:70:a9:d6:82:05:ac:ec:f6:75:94:80:
66:5d:36:bd:d6:10:a1:f0:87:8b:88:1b:59:e7:c1:
7b:4a:20:7f:73:de:ca:22:d6:f0:7d:bb:02:a1:97:
cf:bc:47:c4:c5:fa:7f:0e:2f:8a:96:9e:28:62:a7:
8a:11:7f:40:2e:09:66:68:a7:d8:db:bc:fb:20:80:
51:2e:2d:22:b8:2c:37:2e:8b:2c:f2:ef:da:0f:ac:
75:04:fe:9a:e3:26:42:d2:3b:5b:12:64:25:c4:63:
e3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:40:84:B1:6C:CD:54:8F:26:33:1B:2B:96:0A:2F:A8:C8:F4:2F:FD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:e000::/36
Signature Algorithm: sha256WithRSAEncryption
00:9f:dd:1e:db:7a:31:4d:2c:5d:5e:9d:41:3f:e3:d7:ce:1f:
7f:d2:c0:f5:9f:b8:4b:9a:53:ff:67:76:a7:cb:de:cc:dd:c0:
e0:64:10:e3:5d:82:f3:1c:fd:0f:23:52:43:6b:15:18:aa:f2:
79:b2:6b:2b:c3:3b:0f:71:48:37:d4:08:f4:3e:1a:09:cc:c7:
f4:17:36:77:0e:97:3e:0b:56:44:42:40:34:1e:8b:2e:d6:5c:
72:47:3e:b6:74:c1:c2:ed:07:42:37:65:39:ab:19:28:bd:6c:
e2:1a:f6:90:d5:03:bf:59:2d:10:5f:17:1a:8e:b2:8a:d9:f4:
0c:42:43:dd:5b:45:2f:bc:ff:39:fa:98:d4:85:1d:ac:f8:e4:
0f:47:e9:e7:db:90:ee:0a:a5:25:70:4a:fe:5e:a1:ff:e8:61:
c8:6f:ca:92:08:85:44:ea:6d:bc:be:07:d1:ee:eb:8a:51:f8:
bd:2e:51:cc:5b:19:44:1b:59:fa:0a:1a:0b:26:a0:95:3d:71:
dc:35:80:a8:e8:d1:82:58:fa:4f:cb:14:63:18:b6:2f:4d:8f:
be:f4:ca:12:35:bc:bd:c3:99:a2:81:b0:1f:3d:14:c1:20:c0:
a5:a6:1c:d1:65:f3:80:07:20:7c:9c:eb:d7:31:a6:19:70:0e:
df:cd:d0:21
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWVoDoIvMEgRAfxI2TY66TVFQKQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDMwMTBaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzOTc2N2JhNzY5ZjVlZDE2NDk1MzQ4NGJjMmJhMDI4OTJkMGU0YzVlNmQ4
NzI3YzlhOTM1Yjk2ZmNiNmQ5M2ExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTxaP805t1bHIrhwXA7g4qE3SDiFxa9lNZRX7skMbYoLpB40fy35pIY+DO2
lV3hBxaXmXQfTDCdFzfFeFprE5jYkKQoiOEIxJmrfFWltxsYAiB1Oz9nwZ3wL+E/
TAa/vTxopTeAunY5mP0sa/BYYwF4sYHbZ/tKBi5NR3CC7jdrHd8tFAWKSzE5EIcw
LYq3srXDNEOq5mn873Cp1oIFrOz2dZSAZl02vdYQofCHi4gbWefBe0ogf3PeyiLW
8H27AqGXz7xHxMX6fw4vipaeKGKnihF/QC4JZmin2Nu8+yCAUS4tIrgsNy6LLPLv
2g+sdQT+muMmQtI7WxJkJcRj47cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1QISx
bM1UjyYzGyuWCi+oyPQv/TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzlmYzU4YmYtMzQxNS00ODM5LTk0MGUtNjAzZTFiN2Q0MmY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fg
MA0GCSqGSIb3DQEBCwUAA4IBAQAAn90e23oxTSxdXp1BP+PXzh9/0sD1n7hLmlP/
Z3any97M3cDgZBDjXYLzHP0PI1JDaxUYqvJ5smsrwzsPcUg31Aj0PhoJzMf0FzZ3
Dpc+C1ZEQkA0Hosu1lxyRz62dMHC7QdCN2U5qxkovWziGvaQ1QO/WS0QXxcajrKK
2fQMQkPdW0UvvP85+pjUhR2s+OQPR+nn25DuCqUlcEr+XqH/6GHIb8qSCIVE6m28
vgfR7uuKUfi9LlHMWxlEG1n6ChoLJqCVPXHcNYCo6NGCWPpPyxRjGLYvTY++9MoS
Nby9w5migbAfPRTBIMClphzRZfOAByB8nOvXMaYZcA7fzdAh
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:48 2025 by rpki-client