Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
File: d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa (raw, json)
Hash identifier: OHVKOspud1twrGfxPZmcI84a0aZoxLjiwdP1iUKNYDU=
Subject key identifier: 81:9E:DD:F7:79:EF:D4:0E:97:D9:35:95:C3:7D:40:86:25:2C:F8:EC
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 369B203381EB979759C464B69499820ADAA5ED92
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
Signing time: Wed 03 Sep 2025 00:20:40 +0000
ROA not before: Wed 03 Sep 2025 00:20:40 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:9b:20:33:81:eb:97:97:59:c4:64:b6:94:99:82:0a:da:a5:ed:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:40 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=1c47e8f63ede24e05970a2aaf5f5664d5a3cec8e8ac5673fb9f701d291129d99, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e0:07:65:a0:3e:6d:59:19:ca:d7:28:8f:c1:
89:c4:97:20:26:fa:13:de:dc:85:fe:77:b8:27:d6:
79:0d:57:af:f8:7c:d1:92:70:44:c0:05:f3:5e:89:
98:bd:a1:8b:0e:15:c6:e1:31:54:72:20:c4:3e:e0:
e7:fd:28:e8:d2:09:7e:23:94:e5:f2:e3:7b:b5:40:
c3:f7:79:de:59:0e:b4:46:64:5f:45:74:23:bf:f3:
c3:3c:9b:12:bf:c3:09:bf:d3:84:f6:99:89:4e:5e:
73:17:db:ca:dc:ef:db:23:86:fd:08:12:4d:f9:ee:
63:bc:72:c2:7a:0e:e4:4e:57:8e:1b:d2:0c:19:04:
3f:35:58:19:d0:73:e2:66:36:19:5c:b1:71:6c:c1:
aa:ad:df:68:ab:18:4d:d2:33:c9:b8:54:77:63:1c:
0f:63:1a:2a:fb:42:eb:d1:cf:c9:56:b3:40:1d:f0:
c0:52:aa:e1:a9:b1:07:48:01:29:c1:20:54:59:de:
ec:74:6a:5a:ae:98:ac:20:a5:51:fe:08:48:27:eb:
14:78:4d:a7:f7:6c:8c:6f:ee:e7:f8:e6:99:70:93:
e0:2d:a4:77:9e:72:78:73:c8:c1:11:8a:46:59:be:
4f:16:1c:11:ed:dc:91:08:08:c1:c0:9b:b4:e4:89:
e1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:9E:DD:F7:79:EF:D4:0E:97:D9:35:95:C3:7D:40:86:25:2C:F8:EC
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
30:b3:fe:ec:49:84:62:40:93:89:bc:bf:29:ee:b5:57:92:73:
3d:5a:a9:bc:26:b4:b6:3b:66:52:a1:6d:a5:82:2e:dd:6f:32:
ee:e2:f7:3c:95:09:4c:a2:7c:df:e6:0d:3d:25:67:2a:7e:fc:
1e:65:3e:5f:3f:ba:5b:7c:e9:cc:35:31:7c:a6:fd:c2:a6:4b:
9d:0d:dd:2c:8d:68:ce:f7:4b:42:0e:35:ca:e4:e3:85:c2:2d:
84:1c:a1:ea:b1:95:f7:50:5e:54:d1:bd:d7:1d:f0:86:f1:9c:
69:27:5f:14:37:f6:28:53:91:bc:a1:d5:58:a6:ce:f7:80:e6:
44:fd:e9:cd:c6:04:f8:ae:b1:0b:e0:21:2b:b6:12:55:f8:27:
0c:53:12:c9:45:03:43:ee:25:7f:cc:a8:50:95:62:42:f1:a0:
10:1e:19:73:a3:c5:be:d3:c3:f3:34:f2:a2:43:f4:ec:2a:39:
d4:49:f8:77:2c:31:3c:c1:a5:4d:fb:86:49:f2:49:84:80:ab:
87:6b:1d:6b:48:a2:f1:37:67:2c:dd:79:13:6c:5e:b1:13:db:
a0:50:33:ee:6d:c9:a1:fc:fc:fb:06:48:9f:3d:71:ca:45:b1:
af:fc:b3:22:71:5e:2c:1f:11:43:d3:6f:60:39:e3:3f:06:7d:
19:c5:09:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNpsgM4Hrl5dZxGS2lJmCCtql7ZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwNDBaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjNDdlOGY2M2VkZTI0ZTA1OTcwYTJhYWY1ZjU2NjRkNWEzY2VjOGU4YWM1
NjczZmI5ZjcwMWQyOTExMjlkOTkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3gB2WgPm1ZGcrXKI/BicSXICb6E97chf53uCfWeQ1Xr/h80ZJwRMAF816J
mL2hiw4VxuExVHIgxD7g5/0o6NIJfiOU5fLje7VAw/d53lkOtEZkX0V0I7/zwzyb
Er/DCb/ThPaZiU5ecxfbytzv2yOG/QgSTfnuY7xywnoO5E5XjhvSDBkEPzVYGdBz
4mY2GVyxcWzBqq3faKsYTdIzybhUd2McD2MaKvtC69HPyVazQB3wwFKq4amxB0gB
KcEgVFne7HRqWq6YrCClUf4ISCfrFHhNp/dsjG/u5/jmmXCT4C2kd55yeHPIwRGK
Rlm+TxYcEe3ckQgIwcCbtOSJ4VkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSBnt33
ee/UDpfZNZXDfUCGJSz47DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjZDk5MDUtNzJjNS00ZmY5LTk4ZGYtNmIwZDFjMTJhNGMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQAws/7sSYRiQJOJvL8p7rVXknM9Wqm8JrS2O2ZS
oW2lgi7dbzLu4vc8lQlMonzf5g09JWcqfvweZT5fP7pbfOnMNTF8pv3CpkudDd0s
jWjO90tCDjXK5OOFwi2EHKHqsZX3UF5U0b3XHfCG8ZxpJ18UN/YoU5G8odVYps73
gOZE/enNxgT4rrEL4CErthJV+CcMUxLJRQND7iV/zKhQlWJC8aAQHhlzo8W+08Pz
NPKiQ/TsKjnUSfh3LDE8waVN+4ZJ8kmEgKuHax1rSKLxN2cs3XkTbF6xE9ugUDPu
bcmh/Pz7BkifPXHKRbGv/LMicV4sHxFD029gOeM/Bn0ZxQkf
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:54 2025 by rpki-client