Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
File: d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa (raw, json)
Hash identifier: A0+g7gM9+yKqAMTvWhiGyW10wQqfdEtNL1IDTPr8vXY=
Subject key identifier: 72:68:54:4C:3D:4D:D1:DC:36:54:38:C8:E1:97:51:CE:5A:F7:3B:6F
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7C8507393A6F343563E1131987BE142DDEFDFAC7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
Signing time: Wed 03 Sep 2025 00:21:04 +0000
ROA not before: Wed 03 Sep 2025 00:21:04 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:85:07:39:3a:6f:34:35:63:e1:13:19:87:be:14:2d:de:fd:fa:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:21:04 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=bf665976774ca2a6d8a679edcb0648c3f79ebd8b08a86fee79b85f44a16cdb9a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:04:1d:19:67:11:12:45:c2:03:7c:37:63:70:
d3:e6:99:4b:9e:c4:7d:15:c2:6b:7f:5d:6c:e6:b7:
9d:57:ee:58:57:53:80:ae:12:4b:d1:dc:8d:dc:cb:
5c:b5:af:9b:7d:05:eb:11:3f:fd:51:2d:97:20:c7:
66:53:e5:d8:21:da:60:d7:3c:0a:6d:72:6c:6b:17:
ec:1d:41:35:aa:90:90:3f:1e:0f:27:7d:ba:07:22:
54:6e:73:46:4c:8c:34:0a:30:3f:4e:46:02:a2:c9:
4f:70:33:58:f6:dc:bd:a0:61:31:85:81:d4:7b:71:
c4:b1:3d:44:5f:cc:a0:ad:34:79:33:18:6b:3e:0c:
7d:05:09:5f:37:46:bb:b7:d2:b2:38:01:02:fb:c7:
15:7e:99:63:c6:14:d2:5e:b4:68:24:f0:61:50:83:
dc:c6:e8:13:65:79:69:ad:cb:e7:9f:ec:8c:56:38:
a6:da:5d:93:6a:1a:e0:28:6a:34:e9:43:a1:17:ad:
9b:e9:58:04:43:da:8b:d1:19:de:a0:25:fb:12:54:
c0:91:75:8b:50:0d:1f:e1:e4:fc:62:8e:67:70:31:
49:f7:b5:41:a1:dc:e7:02:78:e3:4c:29:d1:bd:73:
5a:9e:c6:af:17:dc:f6:0e:ee:69:9e:88:9f:7b:03:
a4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:68:54:4C:3D:4D:D1:DC:36:54:38:C8:E1:97:51:CE:5A:F7:3B:6F
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
73:8d:af:5b:c6:4c:2d:b0:22:51:ab:4d:42:89:f7:1b:ad:5a:
1b:d0:f3:11:6a:5e:58:52:32:ca:cd:2a:93:1d:8d:ab:bc:13:
49:79:06:b2:fa:5d:c2:db:f0:d7:4b:ce:a0:c7:67:3e:25:6f:
57:df:c6:af:24:94:23:d8:c8:3d:28:d0:37:0b:5b:ff:50:73:
20:59:20:27:9e:1e:12:7c:e8:44:16:cd:19:1b:51:a1:d8:34:
ec:22:2b:e5:3a:18:19:fb:18:9d:22:c6:58:70:29:73:de:b0:
52:38:fc:e3:38:bb:e5:51:18:1b:4c:c6:8e:0c:7e:cf:ed:0c:
34:9d:93:8e:67:1b:3e:11:14:70:20:aa:dc:f1:77:8a:a3:ca:
02:0c:ad:1d:98:49:f9:46:32:b0:c9:03:56:e5:0c:be:46:cd:
8d:24:0a:95:40:42:56:2c:a9:83:87:8a:f4:d8:b5:b6:67:3f:
4f:67:5b:7b:51:c1:93:4b:53:91:61:b6:4b:8a:df:c1:76:3b:
34:55:81:c3:ba:7a:c5:c7:1a:0e:c3:1a:78:29:36:cf:54:d5:
f7:9a:7b:22:fc:f4:d6:c8:db:fb:32:e4:a0:f8:11:dc:b3:03:
de:3a:1d:be:20:92:24:6c:72:60:7d:18:08:1b:ca:94:1d:36:
4d:fe:40:3b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfIUHOTpvNDVj4RMZh74ULd79+scwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIxMDRaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmNjY1OTc2Nzc0Y2EyYTZkOGE2NzllZGNiMDY0OGMzZjc5ZWJkOGIwOGE4
NmZlZTc5Yjg1ZjQ0YTE2Y2RiOWExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEEHRlnERJFwgN8N2Nw0+aZS57EfRXCa39dbOa3nVfuWFdTgK4SS9HcjdzL
XLWvm30F6xE//VEtlyDHZlPl2CHaYNc8Cm1ybGsX7B1BNaqQkD8eDyd9ugciVG5z
RkyMNAowP05GAqLJT3AzWPbcvaBhMYWB1HtxxLE9RF/MoK00eTMYaz4MfQUJXzdG
u7fSsjgBAvvHFX6ZY8YU0l60aCTwYVCD3MboE2V5aa3L55/sjFY4ptpdk2oa4Chq
NOlDoRetm+lYBEPai9EZ3qAl+xJUwJF1i1ANH+Hk/GKOZ3AxSfe1QaHc5wJ440wp
0b1zWp7Grxfc9g7uaZ6In3sDpKkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyaFRM
PU3R3DZUOMjhl1HOWvc7bzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjMTYyNDctY2FkMi00NzQ4LTgzNDAtNmZlMmU2ZDhjZTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQBzja9bxkwtsCJRq01CifcbrVob0PMRal5YUjLK
zSqTHY2rvBNJeQay+l3C2/DXS86gx2c+JW9X38avJJQj2Mg9KNA3C1v/UHMgWSAn
nh4SfOhEFs0ZG1Gh2DTsIivlOhgZ+xidIsZYcClz3rBSOPzjOLvlURgbTMaODH7P
7Qw0nZOOZxs+ERRwIKrc8XeKo8oCDK0dmEn5RjKwyQNW5Qy+Rs2NJAqVQEJWLKmD
h4r02LW2Zz9PZ1t7UcGTS1ORYbZLit/Bdjs0VYHDunrFxxoOwxp4KTbPVNX3mnsi
/PTWyNv7MuSg+BHcswPeOh2+IJIkbHJgfRgIG8qUHTZN/kA7
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:48 2025 by rpki-client