Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
File: 5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa (raw, json)
Hash identifier: NnoV8g0Yw1KChX1VSvFmW+lbQ4kYIiVpySwFK2vU170=
Subject key identifier: BC:99:66:25:A2:22:61:1B:68:95:64:87:9D:CE:23:4F:50:56:56:F7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 73473D4341750252251A57509E9009FC4A9BC302
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
Signing time: Fri 01 Aug 2025 17:20:03 +0000
ROA not before: Fri 01 Aug 2025 17:20:03 +0000
ROA not after: Fri 05 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:47:3d:43:41:75:02:52:25:1a:57:50:9e:90:09:fc:4a:9b:c3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 1 17:20:03 2025 GMT
Not After : Sep 5 23:59:59 2025 GMT
Subject: serialNumber=8a3f419c623651a26fac284c2407e76b77967d91e8a010b2d75138f3fdd25c18, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:52:8e:ac:81:5e:ad:1d:d9:d6:71:e6:00:47:
4e:62:9b:e6:24:a6:9d:99:62:95:1f:8c:be:42:53:
c5:c5:6c:26:c3:c9:21:14:8e:92:cc:be:85:48:5b:
38:bb:69:08:4e:23:fa:01:65:3d:2f:61:2c:1c:c3:
ab:0b:1a:70:1b:72:0f:05:8f:b3:04:cc:84:48:88:
90:8f:b8:39:6b:b7:78:e4:96:e7:e3:cc:15:e2:ed:
ab:fc:53:65:51:c0:63:c9:ba:53:78:d2:55:05:a9:
a0:a5:df:f2:78:bc:4d:78:55:a8:81:c6:27:21:d9:
7b:73:e1:b8:20:6a:03:f1:c8:b6:72:96:4d:ba:39:
5c:aa:84:86:c6:11:eb:0b:7d:8c:6d:1b:7d:48:60:
cb:8d:f6:8e:a2:c1:01:a4:7e:93:79:96:e2:f8:99:
d4:11:36:d4:cc:0d:95:72:ff:8c:0d:5d:ea:38:44:
a7:af:8a:aa:92:bc:f0:f9:46:44:1d:b8:e3:e8:15:
6d:81:c9:88:2b:12:b3:94:41:66:a5:1b:1e:34:af:
c7:50:27:21:32:ee:db:91:8e:c4:6a:69:8a:b7:1b:
6a:c3:0a:cb:4e:6a:22:cd:d9:c5:ab:1e:78:6c:26:
1b:94:d5:f7:d1:d9:f7:1d:5b:0a:3d:0b:bd:b2:57:
a7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:99:66:25:A2:22:61:1B:68:95:64:87:9D:CE:23:4F:50:56:56:F7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/44
Signature Algorithm: sha256WithRSAEncryption
4b:9a:96:af:b3:5a:fd:71:ce:8c:bd:e9:36:96:e7:45:86:b8:
e9:e0:fc:1c:f9:bd:f5:ef:4a:4f:b2:b3:0d:ef:5b:c0:98:e9:
d6:ef:fe:9b:4d:c4:08:b0:1b:ef:02:07:5e:ae:d8:9e:93:c0:
e9:70:9e:b5:17:2f:ae:2a:af:4b:8b:50:09:2d:c5:c1:cf:3a:
a1:d6:63:ce:37:89:bd:36:09:58:fe:b7:65:c7:0a:f7:ab:98:
99:02:03:f9:b9:f6:f2:34:a5:d9:f5:6c:eb:c8:85:cd:7a:db:
ea:21:05:ca:30:94:91:73:12:23:e3:c2:80:b5:0a:87:29:c8:
ce:13:a5:ca:3c:d9:86:5c:29:5a:c1:fb:49:75:f2:6e:2f:37:
65:37:94:23:4d:40:1b:e7:57:fd:17:62:40:c5:4e:dc:58:fe:
e4:89:7c:63:91:3a:70:ea:40:d8:29:11:a1:49:48:22:c0:8f:
a3:33:1f:15:b3:6b:5c:e2:01:bc:26:e1:74:2b:92:27:27:02:
70:c3:44:6f:7b:bb:1e:c5:c6:ff:ac:83:41:a6:dc:19:a3:35:
68:c1:af:34:58:05:97:1e:8f:4b:56:da:6a:d6:9b:ec:a5:13:
1e:61:15:cf:af:27:fa:5f:09:59:99:0b:45:7b:4f:b4:5a:69:
12:26:4c:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUc0c9Q0F1AlIlGldQnpAJ/EqbwwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDExNzIwMDNaFw0yNTA5MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhM2Y0MTljNjIzNjUxYTI2ZmFjMjg0YzI0MDdlNzZiNzc5NjdkOTFlOGEw
MTBiMmQ3NTEzOGYzZmRkMjVjMTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZSjqyBXq0d2dZx5gBHTmKb5iSmnZlilR+MvkJTxcVsJsPJIRSOksy+hUhb
OLtpCE4j+gFlPS9hLBzDqwsacBtyDwWPswTMhEiIkI+4OWu3eOSW5+PMFeLtq/xT
ZVHAY8m6U3jSVQWpoKXf8ni8TXhVqIHGJyHZe3PhuCBqA/HItnKWTbo5XKqEhsYR
6wt9jG0bfUhgy432jqLBAaR+k3mW4viZ1BE21MwNlXL/jA1d6jhEp6+KqpK88PlG
RB244+gVbYHJiCsSs5RBZqUbHjSvx1AnITLu25GOxGppircbasMKy05qIs3Zxase
eGwmG5TV99HZ9x1bCj0LvbJXp70CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS8mWYl
oiJhG2iVZIedziNPUFZW9zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY1NmY0YWUtZDE4Ny00YTQzLWIwYzItYWZkMDJjMDlkZDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEAS5qWr7Na/XHOjL3pNpbnRYa46eD8HPm99e9K
T7KzDe9bwJjp1u/+m03ECLAb7wIHXq7YnpPA6XCetRcvriqvS4tQCS3Fwc86odZj
zjeJvTYJWP63ZccK96uYmQID+bn28jSl2fVs68iFzXrb6iEFyjCUkXMSI+PCgLUK
hynIzhOlyjzZhlwpWsH7SXXybi83ZTeUI01AG+dX/RdiQMVO3Fj+5Il8Y5E6cOpA
2CkRoUlIIsCPozMfFbNrXOIBvCbhdCuSJycCcMNEb3u7HsXG/6yDQabcGaM1aMGv
NFgFlx6PS1baatab7KUTHmEVz68n+l8JWZkLRXtPtFppEiZMcA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:39:46 2025 by rpki-client