Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa
File: 00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa (raw, json)
Hash identifier: XZJSudxaprlS7viW5U3drt8EPMlfoRP0rU2R8PLU6kA=
Subject key identifier: EB:8E:78:ED:D8:8B:B4:B3:91:6D:7D:56:4B:3D:88:3D:49:2C:1C:48
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3A4912F1E6BC309010DD1A845498203EB572B3B1
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa
Signing time: Sat 09 Aug 2025 00:21:24 +0000
ROA not before: Sat 09 Aug 2025 00:21:24 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:49:12:f1:e6:bc:30:90:10:dd:1a:84:54:98:20:3e:b5:72:b3:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:24 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=71f85ac7beae5995b9893e7f1e5685ac8e7d1fefe9fe71fa37add695572814a3, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e7:e0:db:32:7a:b7:50:1a:73:de:e9:f3:15:
53:8b:27:cc:96:1e:17:79:08:00:f6:09:e1:b5:dd:
aa:cf:fb:f2:7a:3e:9e:6b:11:6a:50:30:b6:d6:85:
88:63:19:dd:d9:43:9c:23:64:10:1f:0e:93:cc:59:
a4:ce:f7:32:5d:e9:1f:f0:08:31:b0:b2:e7:be:aa:
2a:e1:cc:b0:0e:91:f0:3b:7b:18:35:12:37:a5:a0:
33:66:67:72:ee:d6:25:45:4e:9b:71:4c:85:6d:34:
1b:a1:50:35:00:cd:21:e4:db:54:8c:ca:ff:23:b4:
78:f0:3f:8a:3d:a2:36:87:c8:7e:7f:0f:79:c4:49:
0a:8f:51:06:7d:39:61:70:02:d6:be:81:a7:79:78:
2a:b3:d4:14:4d:50:47:ad:9e:cf:41:91:35:f4:99:
bb:79:29:be:5d:f2:88:3b:02:6a:06:ca:cf:65:f5:
aa:ba:fc:ec:6b:b3:3b:62:49:bf:97:1b:07:90:63:
a8:51:6d:a2:dc:6e:e5:21:31:17:f1:2e:8d:8e:21:
8c:4b:c9:3a:cf:36:24:70:87:25:3e:7a:73:f9:80:
79:16:86:15:67:19:ca:cb:f1:db:41:f9:b5:49:21:
8a:eb:f1:07:4b:4a:79:db:59:f1:12:fa:17:0e:f0:
87:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:8E:78:ED:D8:8B:B4:B3:91:6D:7D:56:4B:3D:88:3D:49:2C:1C:48
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:6000::/36
Signature Algorithm: sha256WithRSAEncryption
61:10:91:17:ea:25:bd:f7:42:82:a3:3f:59:44:02:26:3c:48:
2b:29:10:42:33:c9:2c:10:25:01:08:c6:c7:4e:1d:91:ff:c6:
94:af:ab:fe:30:33:e1:c5:76:d8:68:ef:bf:09:dc:dd:a9:83:
22:8d:69:5b:2a:19:67:c0:ec:da:e0:d0:1b:87:7d:df:04:1a:
fd:ea:46:88:d4:06:6d:fc:00:a3:89:e1:f8:50:70:d8:e4:72:
fa:b7:4c:c1:d6:f8:81:5e:f4:7f:d7:45:36:57:68:2c:63:5f:
6e:2a:80:c1:8a:15:1d:2b:01:bc:4d:a7:ad:af:a7:36:32:9a:
c6:ac:02:fb:d8:4b:20:c9:9b:82:be:fe:dd:65:48:f2:6a:aa:
c6:94:39:b8:07:a0:68:82:16:25:27:f6:b2:49:af:c2:1d:76:
17:d5:8d:7a:bc:80:28:07:78:64:88:b6:70:ad:2d:63:66:44:
fc:a6:ac:60:58:b1:a5:4b:bc:25:cd:16:97:2b:60:b9:0d:62:
f5:d5:40:92:96:c4:74:2f:dc:f6:71:07:c9:d5:79:01:a8:9b:
ff:e3:1a:90:74:22:10:ce:76:d9:3a:90:ab:b2:ff:3f:89:52:
26:af:e9:06:12:7e:c4:29:22:f0:73:f1:ff:6c:7a:8f:a6:ff:
04:6b:70:fb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOkkS8ea8MJAQ3RqEVJggPrVys7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMjRaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxZjg1YWM3YmVhZTU5OTViOTg5M2U3ZjFlNTY4NWFjOGU3ZDFmZWZlOWZl
NzFmYTM3YWRkNjk1NTcyODE0YTMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJLn4NsyerdQGnPe6fMVU4snzJYeF3kIAPYJ4bXdqs/78no+nmsRalAwttaF
iGMZ3dlDnCNkEB8Ok8xZpM73Ml3pH/AIMbCy576qKuHMsA6R8Dt7GDUSN6WgM2Zn
cu7WJUVOm3FMhW00G6FQNQDNIeTbVIzK/yO0ePA/ij2iNofIfn8PecRJCo9RBn05
YXAC1r6Bp3l4KrPUFE1QR62ez0GRNfSZu3kpvl3yiDsCagbKz2X1qrr87GuzO2JJ
v5cbB5BjqFFtotxu5SExF/EujY4hjEvJOs82JHCHJT56c/mAeRaGFWcZysvx20H5
tUkhiuvxB0tKedtZ8RL6Fw7wh/8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrjnjt
2Iu0s5FtfVZLPYg9SSwcSDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDA3OTM2MjMtOWVkNy00NGE0LTljMmQtYjNmZjA2NjhhZWIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Ng
MA0GCSqGSIb3DQEBCwUAA4IBAQBhEJEX6iW990KCoz9ZRAImPEgrKRBCM8ksECUB
CMbHTh2R/8aUr6v+MDPhxXbYaO+/CdzdqYMijWlbKhlnwOza4NAbh33fBBr96kaI
1AZt/ACjieH4UHDY5HL6t0zB1viBXvR/10U2V2gsY19uKoDBihUdKwG8Taetr6c2
MprGrAL72EsgyZuCvv7dZUjyaqrGlDm4B6BoghYlJ/aySa/CHXYX1Y16vIAoB3hk
iLZwrS1jZkT8pqxgWLGlS7wlzRaXK2C5DWL11UCSlsR0L9z2cQfJ1XkBqJv/4xqQ
dCIQznbZOpCrsv8/iVImr+kGEn7EKSLwc/H/bHqPpv8Ea3D7
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:00:41 2025 by rpki-client