Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8077cf35-346a-4408-9520-3d0ce98aebed.roa
File: 8077cf35-346a-4408-9520-3d0ce98aebed.roa (raw, json)
Hash identifier: Ka38egvuHEemFubAwz0pqeLIEAD6OJGzrsUSywmWYBk=
Subject key identifier: 61:09:91:D0:70:13:AD:6E:14:8B:B1:62:C3:C7:2E:29:CE:48:30:1F
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5B67FDCF9B233A4F60915CA935F2F8858F212ECA
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8077cf35-346a-4408-9520-3d0ce98aebed.roa
Signing time: Wed 30 Jul 2025 17:37:00 +0000
ROA not before: Wed 30 Jul 2025 17:37:00 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:67:fd:cf:9b:23:3a:4f:60:91:5c:a9:35:f2:f8:85:8f:21:2e:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 30 17:37:00 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=eb44379ad796f9d3b1f82cbfac211a30e27270747a684450085d84bb7bbf5fda, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:be:a7:cf:3b:ca:b9:36:07:c4:4b:ff:e3:92:
1e:71:68:8a:86:a7:2b:50:6c:30:d9:ad:c2:cc:ea:
15:14:c5:14:41:92:a9:c8:97:93:be:da:0e:ef:fd:
31:32:28:93:f6:5a:3b:10:72:02:bd:b5:5d:fa:16:
c3:7e:f7:99:7a:e7:f6:ab:ab:15:9a:3a:c2:3b:67:
be:37:b9:6c:5d:b0:ec:58:c7:00:d1:2d:e0:2e:d4:
b0:7f:db:cf:c8:74:84:85:21:ef:86:2c:96:96:dd:
06:04:42:c9:af:d4:ea:93:ba:ea:61:17:25:7b:03:
0f:fa:40:bf:76:a7:3e:1a:f1:a7:e0:4f:10:0e:9d:
18:f3:b0:5f:c0:ca:3d:53:2a:83:bc:a0:97:14:fb:
88:07:aa:60:2a:23:e8:b6:7c:68:6a:3e:a1:d9:78:
3c:7c:e6:4b:16:28:23:f6:59:3c:d2:33:5e:89:48:
08:9b:6b:17:e0:38:4f:0f:e7:02:b8:a5:9a:17:d8:
ba:d0:e9:fd:66:99:df:a5:db:21:63:54:f5:18:0d:
d2:91:9d:f3:43:1a:85:ff:23:19:0f:f2:60:75:a3:
44:b2:fc:27:3e:d8:86:68:57:81:93:cf:5b:61:3c:
5b:66:e6:05:39:3d:c7:91:2c:0d:ea:3a:7b:d1:38:
59:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:09:91:D0:70:13:AD:6E:14:8B:B1:62:C3:C7:2E:29:CE:48:30:1F
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8077cf35-346a-4408-9520-3d0ce98aebed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b000::/36
Signature Algorithm: sha256WithRSAEncryption
86:88:15:ba:40:4b:33:48:d9:49:10:6b:22:ee:c8:60:8c:14:
c3:67:9b:b9:ac:59:e7:31:7c:f5:e5:86:db:d1:8d:dd:85:e6:
ab:0b:73:e0:75:bf:a9:ce:a5:0a:d2:2a:fd:86:68:1a:33:ec:
8f:6a:fa:50:94:47:ce:d9:be:89:8f:72:ca:9d:da:ea:84:05:
9f:0d:e0:c1:87:d2:73:48:2e:84:8b:75:c1:10:f0:5a:63:68:
9f:5b:f1:fb:70:ec:d5:ec:33:8b:bf:de:d3:d6:b6:2e:77:27:
fb:b0:12:a3:a7:e5:b1:38:c3:b5:1b:1b:1d:34:1f:2d:1e:c2:
84:20:f9:e3:7b:25:ab:13:00:81:fa:47:85:09:f6:3d:bd:dd:
3b:7c:c5:bb:36:c2:45:e9:86:11:90:ae:68:1e:d9:bc:32:e1:
89:02:49:df:bb:55:27:80:df:1d:1a:8f:d4:4d:1a:1e:70:41:
c6:a1:2d:d3:2d:9a:8c:6a:7b:f4:3b:0a:29:53:ed:5d:30:f6:
8f:ee:8c:4f:95:00:01:fd:90:12:7f:76:25:ed:2a:c3:5d:c5:
ee:c7:58:60:f6:aa:5e:b9:98:9c:e1:0e:86:f5:0a:23:72:64:
26:09:4a:96:34:a4:fb:b7:ce:37:1f:94:46:40:ab:6e:bc:20:
d7:51:da:d8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW2f9z5sjOk9gkVypNfL4hY8hLsowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MzAxNzM3MDBaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGViNDQzNzlhZDc5NmY5ZDNiMWY4MmNiZmFjMjExYTMwZTI3MjcwNzQ3YTY4
NDQ1MDA4NWQ4NGJiN2JiZjVmZGExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALC+p887yrk2B8RL/+OSHnFoioanK1BsMNmtwszqFRTFFEGSqciXk77aDu/9
MTIok/ZaOxByAr21XfoWw373mXrn9qurFZo6wjtnvje5bF2w7FjHANEt4C7UsH/b
z8h0hIUh74YslpbdBgRCya/U6pO66mEXJXsDD/pAv3anPhrxp+BPEA6dGPOwX8DK
PVMqg7yglxT7iAeqYCoj6LZ8aGo+odl4PHzmSxYoI/ZZPNIzXolICJtrF+A4Tw/n
ArilmhfYutDp/WaZ36XbIWNU9RgN0pGd80Mahf8jGQ/yYHWjRLL8Jz7YhmhXgZPP
W2E8W2bmBTk9x5EsDeo6e9E4WdUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhCZHQ
cBOtbhSLsWLDxy4pzkgwHzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ODA3N2NmMzUtMzQ2YS00NDA4LTk1MjAtM2QwY2U5OGFlYmVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8ew
MA0GCSqGSIb3DQEBCwUAA4IBAQCGiBW6QEszSNlJEGsi7shgjBTDZ5u5rFnnMXz1
5Ybb0Y3dhearC3Pgdb+pzqUK0ir9hmgaM+yPavpQlEfO2b6Jj3LKndrqhAWfDeDB
h9JzSC6Ei3XBEPBaY2ifW/H7cOzV7DOLv97T1rYudyf7sBKjp+WxOMO1GxsdNB8t
HsKEIPnjeyWrEwCB+keFCfY9vd07fMW7NsJF6YYRkK5oHtm8MuGJAknfu1UngN8d
Go/UTRoecEHGoS3TLZqManv0OwopU+1dMPaP7oxPlQAB/ZASf3Yl7SrDXcXux1hg
9qpeuZic4Q6G9QojcmQmCUqWNKT7t843H5RGQKtuvCDXUdrY
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:47:46 2025 by rpki-client