Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de498a1d-80b4-453c-aa67-020204ad5b6b.roa
File: de498a1d-80b4-453c-aa67-020204ad5b6b.roa (raw, json)
Hash identifier: 75HrUvYb6RgJ8jUCIisYpyNjN+L00q+H1GYcFLeVo0w=
Subject key identifier: D4:DE:87:9F:7A:79:2D:7E:E0:04:CE:BD:68:9F:71:C2:A8:D9:70:92
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 086F569588245C1ECA3AAC762C34390C5B580ACD
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de498a1d-80b4-453c-aa67-020204ad5b6b.roa
Signing time: Tue 02 Sep 2025 00:40:10 +0000
ROA not before: Tue 02 Sep 2025 00:40:10 +0000
ROA not after: Tue 07 Oct 2025 23:59:59 +0000
asID: 7224
IP address blocks: 2001:3fc7:d000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:6f:56:95:88:24:5c:1e:ca:3a:ac:76:2c:34:39:0c:5b:58:0a:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 2 00:40:10 2025 GMT
Not After : Oct 7 23:59:59 2025 GMT
Subject: serialNumber=f914743ed2f285cb11acdfd6cfd6c84fb450c865ec8fa58a305a1dd815366df6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:be:c3:5a:7d:ee:63:48:c1:55:4b:c6:8e:ef:
63:ad:5b:71:cf:07:60:d4:09:98:ea:ae:fd:81:a3:
68:89:e3:3f:63:13:8a:dd:06:8d:a1:2d:bf:7c:8d:
92:c1:b6:90:8e:69:07:1c:39:88:97:f2:40:cc:de:
ab:32:e3:d9:c0:91:de:00:a8:b9:07:09:ca:2a:f3:
50:67:dc:37:dd:3d:f8:2f:6a:7a:59:78:c0:b4:05:
9b:a4:75:bd:b7:22:80:4c:1a:a1:12:d5:5b:89:f4:
a5:fb:f6:cf:0d:81:92:e4:66:b3:b6:95:fb:82:8b:
8c:27:77:63:b5:7c:22:58:8e:09:2e:f9:6b:60:02:
6d:b9:09:64:10:71:4a:6e:c9:c3:b7:23:35:9d:30:
57:04:db:2c:3d:62:8d:d8:58:f5:9e:aa:cc:0d:93:
ad:0f:6a:64:d2:90:b2:70:42:f2:49:3d:1c:f6:b0:
01:9a:d3:33:48:b7:98:e0:ae:a6:d3:40:eb:32:a5:
c2:ab:77:3d:cb:ba:22:0e:68:24:c6:61:7e:10:ba:
4a:7d:3a:67:c1:24:6b:ba:02:d0:d1:9e:cd:76:ad:
08:eb:f7:33:76:0d:b7:3e:5a:a6:52:68:fb:49:f1:
79:a9:4d:4d:79:b9:30:90:7e:b0:0f:96:e2:c6:95:
a5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DE:87:9F:7A:79:2D:7E:E0:04:CE:BD:68:9F:71:C2:A8:D9:70:92
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de498a1d-80b4-453c-aa67-020204ad5b6b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:d000::/36
Signature Algorithm: sha256WithRSAEncryption
52:47:53:a0:f0:ee:51:41:5e:4e:94:f2:7a:66:b3:65:6f:15:
88:99:6b:87:29:1f:83:64:df:d9:d2:ee:1c:d5:e9:fb:96:a3:
e0:aa:ae:23:74:be:b1:59:0b:df:51:79:fe:b3:24:4e:81:52:
1f:db:09:a7:8e:0f:91:3b:a7:51:99:3f:01:a5:9d:63:1d:d1:
f4:0a:f7:59:b4:00:d1:94:55:1d:fa:b8:58:a7:5d:2a:a7:1a:
87:58:57:75:d4:7e:49:cb:c4:ba:f6:6b:d0:c2:bb:c6:8c:fd:
a2:5e:02:97:b5:e4:9c:0e:b8:60:35:7f:32:3d:db:49:8e:50:
84:fc:84:3d:0e:1d:ef:98:74:92:53:8e:74:3f:9b:cd:2f:84:
eb:12:17:df:94:6d:f4:53:0f:0e:4c:a3:e9:a1:f2:b5:f1:c6:
e4:99:f0:4c:f9:b2:f9:2a:bc:0c:9d:c1:c5:e4:1a:5b:eb:d2:
1b:89:b9:1a:b0:f9:95:49:bd:27:5a:3d:e5:cb:bc:35:52:99:
60:d5:51:76:75:9d:56:47:ca:5f:0d:72:28:5e:d2:43:db:de:
d6:6f:52:cc:4f:3a:51:b3:dc:f4:22:ba:d8:f3:98:d6:d6:9d:
68:1a:fb:29:83:66:b0:ca:19:b3:5d:14:41:60:e4:58:7e:e1:
af:39:7e:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCG9WlYgkXB7KOqx2LDQ5DFtYCs0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDIwMDQwMTBaFw0yNTEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5MTQ3NDNlZDJmMjg1Y2IxMWFjZGZkNmNmZDZjODRmYjQ1MGM4NjVlYzhm
YTU4YTMwNWExZGQ4MTUzNjZkZjYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALS+w1p97mNIwVVLxo7vY61bcc8HYNQJmOqu/YGjaInjP2MTit0GjaEtv3yN
ksG2kI5pBxw5iJfyQMzeqzLj2cCR3gCouQcJyirzUGfcN909+C9qell4wLQFm6R1
vbcigEwaoRLVW4n0pfv2zw2BkuRms7aV+4KLjCd3Y7V8IliOCS75a2ACbbkJZBBx
Sm7Jw7cjNZ0wVwTbLD1ijdhY9Z6qzA2TrQ9qZNKQsnBC8kk9HPawAZrTM0i3mOCu
ptNA6zKlwqt3Pcu6Ig5oJMZhfhC6Sn06Z8Eka7oC0NGezXatCOv3M3YNtz5aplJo
+0nxealNTXm5MJB+sA+W4saVpTMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTU3oef
enktfuAEzr1on3HCqNlwkjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZGU0OThhMWQtODBiNC00NTNjLWFhNjctMDIwMjA0YWQ1YjZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBSR1Og8O5RQV5OlPJ6ZrNlbxWImWuHKR+DZN/Z
0u4c1en7lqPgqq4jdL6xWQvfUXn+syROgVIf2wmnjg+RO6dRmT8BpZ1jHdH0CvdZ
tADRlFUd+rhYp10qpxqHWFd11H5Jy8S69mvQwrvGjP2iXgKXteScDrhgNX8yPdtJ
jlCE/IQ9Dh3vmHSSU450P5vNL4TrEhfflG30Uw8OTKPpofK18cbkmfBM+bL5KrwM
ncHF5Bpb69IbibkasPmVSb0nWj3ly7w1Uplg1VF2dZ1WR8pfDXIoXtJD297Wb1LM
TzpRs9z0IrrY85jW1p1oGvspg2awyhmzXRRBYORYfuGvOX62
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:45:23 2025 by rpki-client