Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
File: 00d32677-2dbe-47e3-a4b3-be1e601729bd.roa (raw, json)
Hash identifier: KvLzgESfUvSPOq1JI22TUSNWj+dBmbKk462zhe/KXV8=
Subject key identifier: FE:61:1B:E7:80:CA:0D:E4:1D:03:74:C1:06:0A:8C:A5:B6:3C:C2:32
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1B82792E0F71D38D0F65E0BD9A6EC0A342E08213
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
Signing time: Fri 20 Jun 2025 00:20:56 +0000
ROA not before: Fri 20 Jun 2025 00:20:56 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:82:79:2e:0f:71:d3:8d:0f:65:e0:bd:9a:6e:c0:a3:42:e0:82:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:56 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=e0cbd1c82f59dc1da7c0667b8b18770052aa5992e0656d435794ce97caa28e42, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bd:c3:d9:d3:34:99:10:4b:ca:1a:26:62:4f:
5f:36:76:33:b0:15:c3:b7:46:f9:59:97:c9:2f:e0:
fa:02:97:2d:10:47:d5:2b:01:63:09:bc:30:56:50:
49:95:97:d7:9f:f1:c4:f0:3f:88:35:30:bc:ff:32:
85:92:23:6d:8f:a4:2d:33:9f:a1:5a:4b:2a:60:3f:
5c:e5:7d:98:9b:55:83:b0:bd:d6:cc:12:19:a3:b2:
54:d7:fe:22:d7:71:a0:b0:21:af:16:22:ce:03:b9:
c6:4a:6f:16:d4:3f:89:68:4a:37:96:27:12:4f:8c:
5c:e9:af:88:96:5b:69:e1:36:1d:8b:ae:63:b1:14:
e3:4f:43:99:cc:5a:3b:cc:e8:4a:44:2f:23:ba:d0:
f7:d3:8c:4f:86:c7:68:bd:db:d5:a3:d9:ad:63:e6:
ef:d0:2a:df:cc:fc:a0:95:91:11:20:ef:15:12:f0:
0d:29:85:03:08:98:2b:5a:4d:92:c4:9c:42:30:e0:
dd:52:51:01:70:3a:c0:14:67:b4:16:11:37:4b:b2:
71:e6:d6:05:81:60:8c:46:8f:b5:93:76:c2:44:2f:
b6:f8:ba:9c:5c:d2:b2:de:ef:90:ef:81:c4:ab:0d:
87:3e:98:30:49:e6:52:a1:49:aa:44:e6:3d:60:6b:
b5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:61:1B:E7:80:CA:0D:E4:1D:03:74:C1:06:0A:8C:A5:B6:3C:C2:32
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:9000::/36
Signature Algorithm: sha256WithRSAEncryption
0a:50:21:65:89:17:a6:a3:04:16:8e:4d:fe:37:75:14:24:a6:
7c:28:6b:75:e6:7d:5f:9b:e5:35:82:35:3e:70:80:d9:e5:c6:
b2:05:d2:bc:0b:30:e3:99:2e:42:2a:d5:0d:a3:3d:9e:70:8f:
b0:e7:8c:6b:e3:85:aa:c7:8f:38:aa:7c:7d:7e:29:1b:68:a9:
00:7e:7f:41:35:ba:cc:2e:1c:fd:c0:2e:cd:78:b9:ff:cd:04:
76:79:f2:cb:d5:e4:3f:64:25:88:c2:91:70:4d:20:cb:d3:87:
04:10:77:c1:09:8e:79:b5:07:7d:62:fa:31:ac:ba:b3:d9:2a:
40:02:74:5e:7f:cc:af:cc:f7:40:58:c8:40:50:b8:a1:83:34:
bc:8d:65:fa:db:e4:8c:76:9a:40:bb:cf:3c:a7:ab:04:64:7f:
55:23:6a:7a:cb:ac:0f:ab:da:3b:26:05:53:0c:78:28:98:2a:
3f:b3:24:eb:66:0b:5a:40:22:7d:04:35:df:18:a1:3a:ec:eb:
7f:6d:41:3d:d1:03:49:f0:06:a6:72:41:de:d4:9f:84:c8:cf:
10:e2:4e:be:46:19:34:a0:d6:8c:eb:58:d2:f0:d3:e5:20:a6:
8b:48:96:d9:11:1b:48:21:c2:f6:02:07:ee:67:32:da:86:b7:
a6:86:4e:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG4J5Lg9x040PZeC9mm7Ao0LgghMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwNTZaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwY2JkMWM4MmY1OWRjMWRhN2MwNjY3YjhiMTg3NzAwNTJhYTU5OTJlMDY1
NmQ0MzU3OTRjZTk3Y2FhMjhlNDIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ29w9nTNJkQS8oaJmJPXzZ2M7AVw7dG+VmXyS/g+gKXLRBH1SsBYwm8MFZQ
SZWX15/xxPA/iDUwvP8yhZIjbY+kLTOfoVpLKmA/XOV9mJtVg7C91swSGaOyVNf+
ItdxoLAhrxYizgO5xkpvFtQ/iWhKN5YnEk+MXOmviJZbaeE2HYuuY7EU409Dmcxa
O8zoSkQvI7rQ99OMT4bHaL3b1aPZrWPm79Aq38z8oJWRESDvFRLwDSmFAwiYK1pN
ksScQjDg3VJRAXA6wBRntBYRN0uycebWBYFgjEaPtZN2wkQvtvi6nFzSst7vkO+B
xKsNhz6YMEnmUqFJqkTmPWBrtRkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+YRvn
gMoN5B0DdMEGCoyltjzCMjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDBkMzI2NzctMmRiZS00N2UzLWE0YjMtYmUxZTYwMTcyOWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAKUCFliRemowQWjk3+N3UUJKZ8KGt15n1fm+U1
gjU+cIDZ5cayBdK8CzDjmS5CKtUNoz2ecI+w54xr44Wqx484qnx9fikbaKkAfn9B
NbrMLhz9wC7NeLn/zQR2efLL1eQ/ZCWIwpFwTSDL04cEEHfBCY55tQd9YvoxrLqz
2SpAAnRef8yvzPdAWMhAULihgzS8jWX62+SMdppAu888p6sEZH9VI2p6y6wPq9o7
JgVTDHgomCo/syTrZgtaQCJ9BDXfGKE67Ot/bUE90QNJ8AamckHe1J+EyM8Q4k6+
Rhk0oNaM61jS8NPlIKaLSJbZERtIIcL2AgfuZzLahremhk6W
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:01:03 2025 by rpki-client