Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
File: e1d00d70-da0c-4922-8124-95401dba4efc.roa (raw, json)
Hash identifier: HuU3hLWgW+VQ2OrHNrKCXwojj39dkOcJHUZoCGtd+9E=
Subject key identifier: D1:68:0B:3B:2C:18:E6:4B:65:30:D0:34:09:A0:F8:85:BC:50:1E:5E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4C1514E50E295698F10BA4E0FCE5F2BE8F3478CF
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
Signing time: Wed 03 Sep 2025 00:20:10 +0000
ROA not before: Wed 03 Sep 2025 00:20:10 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:15:14:e5:0e:29:56:98:f1:0b:a4:e0:fc:e5:f2:be:8f:34:78:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:10 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=9b75a4367175cbafa344070eb5daeafca4865b1838fd05c335481fbee155d951, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:70:a9:72:f6:b1:37:0d:44:6c:8c:7d:a0:25:
be:72:52:31:d1:de:2e:8c:fa:11:32:36:8d:50:4a:
2f:51:f7:ec:c0:d3:b8:0e:53:12:b2:84:1e:73:5c:
f4:53:cc:d0:bd:85:14:e0:f6:00:c9:6c:fb:ed:5c:
6f:44:52:a8:8a:44:d7:7f:ca:ef:3a:1b:7e:8c:98:
78:0d:38:dc:09:ba:82:ed:fc:14:74:c8:1c:9e:76:
40:6b:fb:b6:26:1f:fa:30:b6:ea:d3:53:d0:80:c6:
d0:8e:30:65:74:82:66:1b:8e:2b:48:bb:1f:11:11:
61:ce:dc:80:d9:96:b6:ce:0d:1e:d7:db:dc:0d:fa:
31:3d:60:67:5b:75:a6:2f:25:28:2c:62:a9:fd:bd:
a9:67:a7:7f:63:01:37:c0:88:5c:7c:c2:2b:97:98:
9c:10:03:2b:ee:2a:88:51:ef:0d:80:c7:15:60:be:
ae:dd:d6:db:45:d6:24:99:41:36:38:c4:11:de:70:
fb:49:8e:0c:a2:62:26:89:1b:08:5e:cc:4e:03:45:
dc:94:fe:22:11:50:07:7a:bf:d5:41:2e:ec:db:7c:
d4:25:9e:9c:cf:06:ef:d9:94:f8:d8:e0:00:cc:3c:
77:e5:a5:ca:fa:49:6d:64:67:fb:e6:e7:a3:29:c6:
b6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:68:0B:3B:2C:18:E6:4B:65:30:D0:34:09:A0:F8:85:BC:50:1E:5E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f8c0::/48
Signature Algorithm: sha256WithRSAEncryption
59:c8:99:c2:1a:6f:47:3d:cb:01:97:a2:2e:f3:f8:ad:14:73:
85:80:e5:c7:67:d7:f1:9b:b7:07:f6:c1:04:96:b8:f3:38:61:
d1:49:40:af:d3:29:4f:c5:ec:df:6a:95:09:0e:d8:3b:6a:c4:
e2:80:fc:bf:c1:9a:a2:b9:62:0e:fa:5d:09:4b:cb:8a:80:d8:
5f:c1:88:63:56:40:7a:02:a3:9a:d9:9e:11:bf:47:5f:aa:ed:
b4:0c:c6:a2:bd:bf:4c:8e:23:30:b3:ec:d7:8b:95:02:08:41:
15:28:b9:9b:63:29:9e:bb:53:ae:1a:6c:03:84:99:26:58:65:
ce:e7:8a:d3:c3:03:85:88:4d:35:f7:30:55:c7:ed:3f:23:0e:
2e:ca:e2:85:ba:02:98:f7:9a:94:41:c0:64:19:ed:00:09:2e:
c9:70:02:d5:c1:ee:d8:a1:b1:7b:81:26:dd:24:19:67:6d:59:
36:f7:bd:ae:f0:d6:a8:9c:e7:cd:8c:00:08:72:8c:b4:3a:0c:
d4:71:fb:da:44:bb:b2:b3:7c:7e:cb:c3:f7:b8:ea:37:c9:04:
c4:82:c2:17:30:1d:60:09:7d:25:e7:b6:e8:8d:21:ba:65:0d:
99:f9:58:7a:07:8a:96:b3:08:44:7a:3b:5a:36:03:a4:81:a1:
1d:3c:9d:7d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTBUU5Q4pVpjxC6Tg/OXyvo80eM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwMTBaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDliNzVhNDM2NzE3NWNiYWZhMzQ0MDcwZWI1ZGFlYWZjYTQ4NjViMTgzOGZk
MDVjMzM1NDgxZmJlZTE1NWQ5NTExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJwqXL2sTcNRGyMfaAlvnJSMdHeLoz6ETI2jVBKL1H37MDTuA5TErKEHnNc
9FPM0L2FFOD2AMls++1cb0RSqIpE13/K7zobfoyYeA043Am6gu38FHTIHJ52QGv7
tiYf+jC26tNT0IDG0I4wZXSCZhuOK0i7HxERYc7cgNmWts4NHtfb3A36MT1gZ1t1
pi8lKCxiqf29qWenf2MBN8CIXHzCK5eYnBADK+4qiFHvDYDHFWC+rt3W20XWJJlB
NjjEEd5w+0mODKJiJokbCF7MTgNF3JT+IhFQB3q/1UEu7Nt81CWenM8G79mU+Njg
AMw8d+WlyvpJbWRn++bnoynGtpUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTRaAs7
LBjmS2Uw0DQJoPiFvFAeXjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZTFkMDBkNzAtZGEwYy00OTIyLTgxMjQtOTU0MDFkYmE0ZWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
wDANBgkqhkiG9w0BAQsFAAOCAQEAWciZwhpvRz3LAZeiLvP4rRRzhYDlx2fX8Zu3
B/bBBJa48zhh0UlAr9MpT8Xs32qVCQ7YO2rE4oD8v8GaorliDvpdCUvLioDYX8GI
Y1ZAegKjmtmeEb9HX6rttAzGor2/TI4jMLPs14uVAghBFSi5m2MpnrtTrhpsA4SZ
JlhlzueK08MDhYhNNfcwVcftPyMOLsrihboCmPealEHAZBntAAkuyXAC1cHu2KGx
e4Em3SQZZ21ZNve9rvDWqJznzYwACHKMtDoM1HH72kS7srN8fsvD97jqN8kExILC
FzAdYAl9Jee26I0humUNmflYegeKlrMIRHo7WjYDpIGhHTydfQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:50 2025 by rpki-client