Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
File: cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa (raw, json)
Hash identifier: UkzNH9EFuzh+jqTkOqXEi33B36lWsOHQI1sNUbtonE8=
Subject key identifier: 4C:34:CF:29:47:C0:60:2D:A4:F0:CD:6C:CD:F3:6D:9A:BD:F5:2C:79
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6A60D32D85F3D9CD7AE77631B372CB6DB41034C3
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
Signing time: Wed 03 Sep 2025 00:20:41 +0000
ROA not before: Wed 03 Sep 2025 00:20:41 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:60:d3:2d:85:f3:d9:cd:7a:e7:76:31:b3:72:cb:6d:b4:10:34:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:41 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=bfaa316d8eeee838d6f7ea6219aef349ca0454a75092d1b72d776485a1dbbd50, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a6:48:f1:5c:6d:4a:b2:cf:96:2b:36:b3:97:
f7:7f:5c:34:2a:07:19:ec:0b:55:e0:1a:e2:a9:bd:
2a:2e:cb:40:9e:85:0c:8f:9e:29:d8:cb:9f:c1:e3:
46:90:a3:f6:e8:36:21:f9:20:5c:43:69:ef:1e:fc:
e4:ef:25:54:76:fe:e3:f5:fa:d2:e3:fe:f5:8d:ad:
03:92:93:fb:51:9c:d6:b9:dd:e1:39:56:73:f4:24:
45:ce:94:97:12:b4:4f:8c:d8:8c:2d:eb:a0:43:aa:
cc:6a:de:9b:b6:6d:c0:2e:2c:42:29:91:46:52:bf:
c0:6f:da:18:ea:e5:c5:cf:a5:79:7b:17:50:56:c4:
1a:b2:c0:c0:92:3e:64:43:fb:fe:52:83:53:42:5b:
4e:e6:3f:24:3e:fa:f3:5e:3c:49:c3:32:dd:99:fe:
c3:b8:cf:69:90:69:28:0d:d0:e5:c7:7b:92:a2:6f:
a6:79:bb:cb:a7:b8:d0:63:a3:f0:fe:7f:e4:46:7c:
c8:66:96:0f:b2:78:da:be:44:dc:0c:2a:f2:72:89:
98:f5:fe:f2:8a:3a:a4:bc:93:8e:84:e4:ab:fd:db:
ed:ef:09:bb:b0:22:63:d9:a9:47:c2:7a:81:39:2a:
a4:68:7a:28:50:a5:64:9e:c2:02:c1:d5:e0:35:bf:
7b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:34:CF:29:47:C0:60:2D:A4:F0:CD:6C:CD:F3:6D:9A:BD:F5:2C:79
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
30:ab:3a:58:4a:a5:2e:d3:92:b2:24:8c:60:6b:9f:14:99:28:
22:28:01:df:cd:e0:08:85:61:e0:c7:8a:53:91:63:80:83:7f:
bc:79:a9:52:76:af:e4:86:01:12:88:5a:03:52:7d:4c:83:53:
0b:92:ce:e6:9d:33:fa:9a:a0:dd:e3:98:10:61:c9:dd:c7:4c:
e9:b5:4a:4c:78:dd:86:f7:59:c8:67:46:84:90:9f:2f:cc:a5:
6c:dd:75:13:97:ea:4f:af:d9:de:23:dc:04:5b:e6:96:42:df:
03:1b:6a:bf:2f:94:12:93:6f:f9:77:a8:fe:ae:1a:91:20:21:
9f:94:e7:53:d7:f9:15:d5:43:ac:c9:56:20:c3:09:51:4f:dc:
5e:16:6d:7f:d2:74:05:f3:34:6d:a6:fe:48:c0:08:88:16:42:
0e:79:a0:9c:19:71:25:cb:80:e6:1f:de:af:d9:34:a8:9a:d4:
f2:ec:84:5e:08:75:15:28:c0:ce:26:ab:26:1a:49:a2:43:2e:
79:2e:a7:86:58:35:0a:3b:35:b7:39:b0:32:b7:6b:3a:97:70:
b8:e7:26:fc:59:5b:b9:3d:f6:e4:cb:7b:b0:ed:24:d9:3f:67:
5b:f8:41:cf:67:f6:3f:01:e0:69:0d:c2:fa:b2:4f:19:2d:7c:
af:13:b1:85
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUamDTLYXz2c1653Yxs3LLbbQQNMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwNDFaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmYWEzMTZkOGVlZWU4MzhkNmY3ZWE2MjE5YWVmMzQ5Y2EwNDU0YTc1MDky
ZDFiNzJkNzc2NDg1YTFkYmJkNTAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWmSPFcbUqyz5YrNrOX939cNCoHGewLVeAa4qm9Ki7LQJ6FDI+eKdjLn8Hj
RpCj9ug2IfkgXENp7x785O8lVHb+4/X60uP+9Y2tA5KT+1Gc1rnd4TlWc/QkRc6U
lxK0T4zYjC3roEOqzGrem7ZtwC4sQimRRlK/wG/aGOrlxc+leXsXUFbEGrLAwJI+
ZEP7/lKDU0JbTuY/JD768148ScMy3Zn+w7jPaZBpKA3Q5cd7kqJvpnm7y6e40GOj
8P5/5EZ8yGaWD7J42r5E3Awq8nKJmPX+8oo6pLyTjoTkq/3b7e8Ju7AiY9mpR8J6
gTkqpGh6KFClZJ7CAsHV4DW/e2ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMNM8p
R8BgLaTwzWzN822avfUseTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2Q4ZjA3YzktYWJjMS00MWRkLWJhZDQtYzdlNWJmMGJkNGM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQAwqzpYSqUu05KyJIxga58UmSgiKAHfzeAIhWHg
x4pTkWOAg3+8ealSdq/khgESiFoDUn1Mg1MLks7mnTP6mqDd45gQYcndx0zptUpM
eN2G91nIZ0aEkJ8vzKVs3XUTl+pPr9neI9wEW+aWQt8DG2q/L5QSk2/5d6j+rhqR
ICGflOdT1/kV1UOsyVYgwwlRT9xeFm1/0nQF8zRtpv5IwAiIFkIOeaCcGXEly4Dm
H96v2TSomtTy7IReCHUVKMDOJqsmGkmiQy55LqeGWDUKOzW3ObAyt2s6l3C45yb8
WVu5Pfbky3uw7STZP2db+EHPZ/Y/AeBpDcL6sk8ZLXyvE7GF
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:45:31 2025 by rpki-client