Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
File: ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa (raw, json)
Hash identifier: wf2LLA3TOpFlwFnoaGeRF+h0CmRjFSzXQXhTCtEpgW8=
Subject key identifier: DB:4E:E0:8C:75:DE:77:36:A2:86:48:EE:D0:47:BF:36:75:F6:4D:37
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6B2E2BC50CCCE157ACAA4D095F47E5385A3A41A2
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
Signing time: Wed 03 Sep 2025 00:20:17 +0000
ROA not before: Wed 03 Sep 2025 00:20:17 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:2e:2b:c5:0c:cc:e1:57:ac:aa:4d:09:5f:47:e5:38:5a:3a:41:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:17 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=efdf9529136d65ee9953ef29d9e1f0c0d2687977786cfdac35d467f5c320e3f8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:95:21:69:68:8f:b9:26:05:7a:07:2d:dc:c9:
fe:15:08:a7:7a:4e:36:fb:1b:fa:41:f8:7f:78:c9:
01:81:b4:53:b1:6f:c9:8b:79:ca:86:98:84:39:0a:
ee:46:fd:56:a2:b6:84:9e:ed:e0:0f:fb:ab:0b:86:
8f:a9:2c:4d:3a:90:d8:d2:76:45:df:8f:47:87:04:
b1:cc:64:89:05:42:40:e7:b6:4e:67:4e:b3:b3:c1:
90:48:eb:9a:4f:1a:79:40:86:e0:f2:a0:84:c2:8b:
86:04:5b:4a:3f:76:3e:a4:4c:b6:95:be:9c:fc:bb:
1a:31:f1:d1:65:45:c2:8a:ec:3c:b0:b0:6d:8f:28:
78:a4:19:ae:9e:de:ea:51:8e:97:24:99:17:b5:4f:
36:11:fc:26:f3:df:96:4a:c0:42:be:55:4f:f9:09:
47:c0:ed:b1:55:c7:72:89:ba:15:18:4c:5b:2a:3d:
6f:44:8d:78:ad:52:f9:ad:90:d5:d8:e1:0e:c9:3b:
99:c2:4b:cf:ec:ea:9d:f9:72:28:0e:bc:da:86:eb:
76:4d:dd:3d:69:37:91:9b:7a:3f:30:b9:bc:cc:de:
96:35:7b:24:6a:e8:96:a5:aa:5e:18:01:40:87:73:
68:50:d2:e2:44:97:9d:c6:c5:c3:dd:e9:2d:bc:0c:
69:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4E:E0:8C:75:DE:77:36:A2:86:48:EE:D0:47:BF:36:75:F6:4D:37
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:5800::/40
Signature Algorithm: sha256WithRSAEncryption
67:e4:f6:04:0d:e1:90:19:26:90:70:df:76:b0:ce:ce:07:59:
25:da:9b:4b:65:5b:42:12:d2:2f:8f:3c:0a:88:3a:f4:de:1b:
b7:5f:83:d4:e8:58:3a:24:6e:7a:d8:49:8a:67:ad:df:bd:2b:
6a:4c:44:2b:de:9e:5f:86:45:d7:a4:28:b6:3d:b2:32:a8:98:
d0:80:0b:d5:08:9a:59:27:42:b5:97:6b:a2:cd:0e:d1:a4:50:
36:84:0e:88:dd:9b:0c:38:7a:c4:0d:de:54:d3:f8:bf:d0:03:
5d:c6:dd:43:1b:be:7e:50:65:b1:a7:b0:ed:0a:7d:32:74:6a:
08:cf:d5:a0:ab:1d:bd:ff:6b:af:d7:66:ae:f1:9c:41:4c:d9:
75:8b:89:02:d6:27:00:fd:dd:e1:4f:70:6f:4e:db:9a:1f:ad:
93:81:69:b6:73:65:ec:c3:89:b0:d7:d6:64:f3:7b:47:a1:8e:
9b:46:07:68:88:d0:f1:15:6a:ed:1c:b4:80:92:85:31:d3:0c:
67:17:cf:91:12:ce:1a:95:95:04:ed:73:7d:90:6c:29:12:cb:
35:6e:69:05:9d:cf:4a:4b:09:d0:ce:7b:b9:9b:6c:79:b9:37:
81:04:1b:b5:dc:4c:b5:e6:27:d0:13:85:8b:ad:36:6c:e6:9b:
c4:d0:95:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUay4rxQzM4Vesqk0JX0flOFo6QaIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMTdaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmZGY5NTI5MTM2ZDY1ZWU5OTUzZWYyOWQ5ZTFmMGMwZDI2ODc5Nzc3ODZj
ZmRhYzM1ZDQ2N2Y1YzMyMGUzZjgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2VIWloj7kmBXoHLdzJ/hUIp3pONvsb+kH4f3jJAYG0U7FvyYt5yoaYhDkK
7kb9VqK2hJ7t4A/7qwuGj6ksTTqQ2NJ2Rd+PR4cEscxkiQVCQOe2TmdOs7PBkEjr
mk8aeUCG4PKghMKLhgRbSj92PqRMtpW+nPy7GjHx0WVFworsPLCwbY8oeKQZrp7e
6lGOlySZF7VPNhH8JvPflkrAQr5VT/kJR8DtsVXHcom6FRhMWyo9b0SNeK1S+a2Q
1djhDsk7mcJLz+zqnflyKA682obrdk3dPWk3kZt6PzC5vMzeljV7JGrolqWqXhgB
QIdzaFDS4kSXncbFw93pLbwMaT0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTbTuCM
dd53NqKGSO7QR782dfZNNzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2NlZmVhYTMtNTBmZC00ZmI1LWEwZDYtNjgyZWE4OTRjNWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dY
MA0GCSqGSIb3DQEBCwUAA4IBAQBn5PYEDeGQGSaQcN92sM7OB1kl2ptLZVtCEtIv
jzwKiDr03hu3X4PU6Fg6JG562EmKZ63fvStqTEQr3p5fhkXXpCi2PbIyqJjQgAvV
CJpZJ0K1l2uizQ7RpFA2hA6I3ZsMOHrEDd5U0/i/0ANdxt1DG75+UGWxp7DtCn0y
dGoIz9Wgqx29/2uv12au8ZxBTNl1i4kC1icA/d3hT3BvTtuaH62TgWm2c2Xsw4mw
19Zk83tHoY6bRgdoiNDxFWrtHLSAkoUx0wxnF8+REs4alZUE7XN9kGwpEss1bmkF
nc9KSwnQznu5m2x5uTeBBBu13Ey15ifQE4WLrTZs5pvE0JUi
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:51 2025 by rpki-client