Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
File: e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa (raw, json)
Hash identifier: xOQWwHoJygnEGZs2c7hRcyFXVLoxMRtiK0A+1ByIImE=
Subject key identifier: 63:DE:C3:A7:F1:9B:73:C5:86:9E:ED:14:56:66:FC:F4:D1:9E:2E:04
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3F7F2AEA6B38B267CD4B6F6584DB4A919BF539BB
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
Signing time: Wed 03 Sep 2025 00:20:44 +0000
ROA not before: Wed 03 Sep 2025 00:20:44 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:7f:2a:ea:6b:38:b2:67:cd:4b:6f:65:84:db:4a:91:9b:f5:39:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 3 00:20:44 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=c5003d2e2b4390ceb1abd6b54a36463f1299e97d7df9eaa0dff5588ca0401c86, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:57:2e:6c:d9:7c:ef:37:68:37:4c:2d:21:40:
8c:f8:a2:18:5e:b8:79:67:cc:8a:13:e0:30:f8:62:
63:c2:22:4d:7d:9b:8e:e1:55:ea:73:5e:cf:93:cd:
b8:be:c5:0d:85:36:49:ad:42:8c:8c:02:f7:16:bf:
ca:e9:8f:bf:93:7a:af:1b:dd:09:24:a7:a2:34:1a:
e3:53:42:6a:5b:f4:c4:4b:8a:c1:2f:e3:9a:f2:05:
58:10:da:17:4c:50:11:17:3f:2e:1d:58:0f:3e:bf:
55:9d:e3:8b:67:6c:09:04:80:17:d5:2f:8a:78:49:
ba:9d:58:d9:d2:ce:95:83:77:3a:33:a2:a0:ae:27:
f7:d2:94:09:8d:df:e3:cb:a0:f7:7b:c3:5e:60:1f:
b8:33:9d:93:c5:14:c9:d9:fd:dc:35:6d:69:fa:67:
45:d4:4b:f6:ec:66:30:99:a3:57:41:06:48:11:82:
9f:7f:6e:b4:6b:34:d4:d1:9e:60:51:b4:08:ef:46:
5b:23:76:d5:58:58:47:ac:0a:16:04:5f:d0:b8:d5:
73:50:9c:04:29:86:cf:b9:9f:73:a2:8c:2e:e3:53:
a9:7d:cb:2c:88:c1:17:b2:34:c7:0f:24:1e:ee:bb:
39:df:ba:a4:b7:a9:72:35:c4:52:a2:21:92:df:6e:
71:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:DE:C3:A7:F1:9B:73:C5:86:9E:ED:14:56:66:FC:F4:D1:9E:2E:04
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8000::/36
Signature Algorithm: sha256WithRSAEncryption
63:da:04:0e:37:56:25:2a:bb:3a:cc:e3:c6:75:13:2a:35:44:
4d:b3:01:a8:35:15:e6:8f:e2:85:76:b1:c4:f9:28:74:c5:b7:
77:a4:8f:02:d1:99:ba:7b:8d:62:dd:3a:c1:cb:db:38:ea:f0:
ae:35:b4:ae:ca:4d:61:4e:05:26:b0:3a:14:2f:df:b6:c4:f5:
05:98:5f:37:e7:e4:cd:77:1d:5c:31:6a:ac:a5:cd:36:1b:15:
a8:a7:e0:12:27:94:d8:b5:0b:eb:5d:77:5b:5e:b6:76:31:a7:
79:13:ad:70:3e:86:5e:0e:d7:4d:c3:16:d5:f5:bb:3f:de:cb:
f6:71:8d:68:0b:5f:42:47:96:a2:65:04:1b:a9:e0:1e:32:74:
26:82:85:7c:05:27:b9:2a:81:78:73:53:3e:7a:f1:de:6c:d9:
28:12:a9:80:30:63:df:52:9d:cc:8a:08:6f:f6:42:9e:49:d6:
62:8d:3c:6a:1d:3a:54:01:01:f1:69:80:cc:5b:a9:46:7b:21:
53:c5:b1:59:00:ab:b3:a8:3e:ff:21:0f:73:0c:35:c3:df:19:
8a:98:9c:87:c7:64:99:89:55:33:58:42:9e:94:aa:76:53:23:
5a:f1:5c:82:0f:62:a8:e8:4c:b8:3c:cb:05:69:72:d2:b8:a1:
11:a4:e1:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP38q6ms4smfNS29lhNtKkZv1ObswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDMwMDIwNDRaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1MDAzZDJlMmI0MzkwY2ViMWFiZDZiNTRhMzY0NjNmMTI5OWU5N2Q3ZGY5
ZWFhMGRmZjU1ODhjYTA0MDFjODYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxXLmzZfO83aDdMLSFAjPiiGF64eWfMihPgMPhiY8IiTX2bjuFV6nNez5PN
uL7FDYU2Sa1CjIwC9xa/yumPv5N6rxvdCSSnojQa41NCalv0xEuKwS/jmvIFWBDa
F0xQERc/Lh1YDz6/VZ3ji2dsCQSAF9UvinhJup1Y2dLOlYN3OjOioK4n99KUCY3f
48ug93vDXmAfuDOdk8UUydn93DVtafpnRdRL9uxmMJmjV0EGSBGCn39utGs01NGe
YFG0CO9GWyN21VhYR6wKFgRf0LjVc1CcBCmGz7mfc6KMLuNTqX3LLIjBF7I0xw8k
Hu67Od+6pLepcjXEUqIhkt9ucaUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRj3sOn
8ZtzxYae7RRWZvz00Z4uBDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZThmMWMxZjctODM4OS00ZmFmLTg3YzktZjRhMTgwZTdiY2RjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WA
MA0GCSqGSIb3DQEBCwUAA4IBAQBj2gQON1YlKrs6zOPGdRMqNURNswGoNRXmj+KF
drHE+Sh0xbd3pI8C0Zm6e41i3TrBy9s46vCuNbSuyk1hTgUmsDoUL9+2xPUFmF83
5+TNdx1cMWqspc02GxWop+ASJ5TYtQvrXXdbXrZ2Mad5E61wPoZeDtdNwxbV9bs/
3sv2cY1oC19CR5aiZQQbqeAeMnQmgoV8BSe5KoF4c1M+evHebNkoEqmAMGPfUp3M
ighv9kKeSdZijTxqHTpUAQHxaYDMW6lGeyFTxbFZAKuzqD7/IQ9zDDXD3xmKmJyH
x2SZiVUzWEKelKp2UyNa8VyCD2Ko6Ey4PMsFaXLSuKERpOG8
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:47 2025 by rpki-client