Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
File: 06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa (raw, json)
Hash identifier: 7zMmidNGx6qDjJ44pzgID0gxEezkB5xo101aFdV3lfo=
Subject key identifier: CF:C0:8D:16:55:12:88:A7:46:D0:D5:AC:02:56:24:30:94:E6:B3:2A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 68A5B07A3C95932B8928F70B54BC8ECE60A444CD
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
Signing time: Fri 20 Jun 2025 00:20:30 +0000
ROA not before: Fri 20 Jun 2025 00:20:30 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:a5:b0:7a:3c:95:93:2b:89:28:f7:0b:54:bc:8e:ce:60:a4:44:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:30 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=389662fe2b6901baf0e25585ff9c5385465e9f5999fbecd45cc89c75267b4c6f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a5:11:63:0b:78:ec:96:1f:cc:23:88:6e:81:
03:c6:aa:53:3a:dc:2c:64:93:d1:83:40:fc:84:cf:
bc:13:16:2d:1a:fe:e4:5f:1c:ea:b1:8f:60:b5:89:
11:2b:ee:1a:de:86:09:67:d9:c8:49:b7:93:fe:4e:
61:6e:4e:54:77:92:e4:53:ee:aa:57:aa:59:ef:da:
79:66:8b:12:94:c3:69:44:f0:0a:69:ff:4a:44:ca:
1a:4c:95:68:89:6a:27:2a:4d:02:c1:ec:2c:97:b8:
65:2d:9f:ea:38:61:6f:82:c5:72:11:f9:20:bc:3a:
d6:d0:d0:88:a8:aa:b2:de:6e:7b:3f:eb:49:bb:69:
58:67:09:e3:6b:9c:33:41:e3:41:30:a9:0f:c0:64:
58:94:e6:72:2a:1e:96:9e:f9:a4:4e:f6:5f:c5:ff:
58:98:b9:99:9c:e4:51:88:a9:f5:48:49:a8:a9:54:
00:9f:ad:89:ad:ac:e8:06:99:aa:d6:1a:ad:f0:de:
ec:e7:b2:21:5b:f0:0a:0e:5b:0d:ac:7f:fb:31:33:
3e:21:08:b2:d9:c2:c7:bf:b3:7d:2a:3b:4a:a3:a0:
41:9d:66:65:93:07:f6:c2:ef:92:24:cc:2d:ef:8f:
f5:ad:8a:87:76:cf:41:f2:f8:bf:0f:8d:2d:84:e4:
71:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C0:8D:16:55:12:88:A7:46:D0:D5:AC:02:56:24:30:94:E6:B3:2A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:8000::/36
Signature Algorithm: sha256WithRSAEncryption
a1:64:6e:87:60:97:6f:5b:59:7d:ae:2e:c2:f2:8c:93:e4:dc:
73:95:ab:d3:53:98:e9:42:a4:85:4f:58:29:ed:58:a1:87:65:
aa:27:7c:d2:83:e4:5f:80:6e:b7:8d:00:ff:de:25:ff:49:3b:
08:ef:e1:38:f1:bf:03:71:77:32:cf:48:57:6f:f0:c4:dc:35:
de:24:04:56:27:79:01:ef:ba:93:c1:8f:4e:bb:61:41:7b:6e:
7c:a8:dc:2e:07:9b:f8:06:0d:3c:13:2a:94:f4:09:b7:a5:17:
f2:6c:63:40:68:0e:fa:b8:4e:7f:e2:3b:38:ce:7b:76:5c:2e:
6a:8b:1a:5a:8e:37:92:b5:aa:ca:50:d7:1c:3d:5d:e1:82:a8:
29:a9:23:5c:7d:38:84:45:da:dd:23:d4:75:6e:74:fc:61:a6:
f7:7e:68:8d:18:44:07:c5:4d:45:93:67:25:84:5f:61:04:5a:
8e:d4:de:fd:d2:4a:64:b8:f0:32:2a:2c:ba:39:84:01:87:ca:
b7:a1:c2:68:18:07:d2:69:ea:6d:02:9a:2c:87:64:6b:db:75:
30:98:c0:24:06:e8:b9:28:04:a0:d2:da:22:b4:16:42:0e:c1:
f5:84:a8:2b:e2:c3:7c:f6:60:a2:bc:bd:91:a6:b0:38:96:4a:
3f:a5:39:7d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaKWwejyVkyuJKPcLVLyOzmCkRM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMzBaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4OTY2MmZlMmI2OTAxYmFmMGUyNTU4NWZmOWM1Mzg1NDY1ZTlmNTk5OWZi
ZWNkNDVjYzg5Yzc1MjY3YjRjNmYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALulEWMLeOyWH8wjiG6BA8aqUzrcLGST0YNA/ITPvBMWLRr+5F8c6rGPYLWJ
ESvuGt6GCWfZyEm3k/5OYW5OVHeS5FPuqleqWe/aeWaLEpTDaUTwCmn/SkTKGkyV
aIlqJypNAsHsLJe4ZS2f6jhhb4LFchH5ILw61tDQiKiqst5uez/rSbtpWGcJ42uc
M0HjQTCpD8BkWJTmcioelp75pE72X8X/WJi5mZzkUYip9UhJqKlUAJ+tia2s6AaZ
qtYarfDe7OeyIVvwCg5bDax/+zEzPiEIstnCx7+zfSo7SqOgQZ1mZZMH9sLvkiTM
Le+P9a2Kh3bPQfL4vw+NLYTkcekCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPwI0W
VRKIp0bQ1awCViQwlOazKjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDZmNTMyNGYtZmIyZC00MjEyLWIxZjctNmNhMGIxNzJiZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8OA
MA0GCSqGSIb3DQEBCwUAA4IBAQChZG6HYJdvW1l9ri7C8oyT5NxzlavTU5jpQqSF
T1gp7Vihh2WqJ3zSg+RfgG63jQD/3iX/STsI7+E48b8DcXcyz0hXb/DE3DXeJARW
J3kB77qTwY9Ou2FBe258qNwuB5v4Bg08EyqU9Am3pRfybGNAaA76uE5/4js4znt2
XC5qixpajjeStarKUNccPV3hgqgpqSNcfTiERdrdI9R1bnT8Yab3fmiNGEQHxU1F
k2clhF9hBFqO1N790kpkuPAyKiy6OYQBh8q3ocJoGAfSaeptAposh2Rr23UwmMAk
Bui5KASg0toitBZCDsH1hKgr4sN89mCivL2RprA4lko/pTl9
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:18:27 2025 by rpki-client