Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
File: 06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa (raw, json)
Hash identifier: E5HMibLR4TwOKPEkqiw2NgPlYGhw9w+FV6TVlVLMg6U=
Subject key identifier: 66:E3:87:A2:65:C0:3A:A7:63:B9:CC:F2:75:81:4C:05:FE:80:D2:8A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6D53798DA6CF86908982FC3D0D3A57FC0152B90A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
Signing time: Sat 09 Aug 2025 00:20:18 +0000
ROA not before: Sat 09 Aug 2025 00:20:18 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:53:79:8d:a6:cf:86:90:89:82:fc:3d:0d:3a:57:fc:01:52:b9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:20:18 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=64d26a47adb2264f2368feb8123ee8f5828697243bd423d18924b20b208b913d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3e:42:a5:35:17:dc:85:be:2d:f8:d6:36:b3:
37:68:85:18:00:c0:3f:47:f2:40:7c:b0:df:bb:0a:
bd:1a:23:8b:1b:bf:ab:44:bd:4a:f3:aa:6b:ba:ca:
f5:26:66:70:2e:8a:38:77:98:8f:7b:82:f3:93:dc:
ef:62:d8:1a:e5:60:05:63:08:96:c7:d0:2a:5c:8d:
47:fe:61:87:0d:13:42:fe:78:9f:ff:74:b6:34:a5:
56:da:a4:c9:cc:77:61:84:53:5b:32:c6:6b:aa:48:
e8:6a:a2:09:4d:86:eb:fa:7c:4b:b1:8b:96:fe:1a:
55:63:1f:02:46:79:e8:ef:04:d3:24:17:bd:78:51:
8b:63:6c:ae:1e:ce:82:5d:83:ab:ca:de:bc:49:c5:
33:11:2c:b3:c3:d0:bb:03:5d:65:7a:02:ef:59:8c:
ba:61:2e:cf:ae:db:e9:f5:87:d2:b8:70:df:78:fc:
88:3d:1d:88:1e:81:69:49:39:95:9c:9e:91:d7:be:
d3:12:84:44:fa:98:1a:f1:bb:2a:71:d2:76:a8:3b:
30:71:db:31:5e:bb:11:87:53:d5:16:a1:6f:90:28:
50:a1:22:71:fb:82:d1:c4:77:4d:e5:dc:40:9b:c8:
e7:46:1d:f5:a7:2b:9f:d2:57:a8:48:c2:36:29:8d:
68:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E3:87:A2:65:C0:3A:A7:63:B9:CC:F2:75:81:4C:05:FE:80:D2:8A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:8000::/36
Signature Algorithm: sha256WithRSAEncryption
a2:06:63:0d:05:8a:e5:9b:75:3f:f6:97:61:ee:94:ad:1c:72:
6b:ce:27:9f:b4:9b:1d:10:ce:10:60:74:9a:d9:4c:91:c5:ad:
2c:a0:7a:a1:9f:54:5e:bb:f3:f2:f0:75:75:00:91:84:78:46:
9c:ae:80:e5:41:3b:23:84:0d:ce:c0:e8:08:ed:d8:81:73:63:
7a:4d:96:02:0a:0b:b6:e7:a0:26:0f:6b:b3:16:a3:50:30:d7:
52:ee:c4:d6:5c:25:d6:3e:be:ee:da:e7:a0:83:e3:2f:54:21:
16:04:1f:9d:cf:d4:71:ed:20:cb:d2:0f:77:7c:eb:d1:87:e0:
dd:e2:27:48:13:62:d1:24:8e:7a:48:cd:a1:f2:9a:23:31:7e:
af:17:14:42:63:bb:08:88:77:ec:1a:9f:30:77:4c:4b:29:09:
31:a2:f3:b1:f6:89:f3:0d:d5:55:80:0a:ed:2a:32:4a:3f:b7:
55:a3:78:76:64:5f:d3:84:77:2e:0d:8c:04:c0:30:af:fe:be:
33:d1:04:05:a9:8f:77:cc:91:28:17:2e:49:c0:cb:84:e3:90:
2b:11:a6:70:43:39:84:74:f0:eb:aa:69:76:ab:05:8e:b6:c8:
5d:17:bc:16:c2:b5:39:b1:96:4a:47:15:5d:72:d1:b8:1b:53:
93:89:09:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbVN5jabPhpCJgvw9DTpX/AFSuQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIwMThaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0ZDI2YTQ3YWRiMjI2NGYyMzY4ZmViODEyM2VlOGY1ODI4Njk3MjQzYmQ0
MjNkMTg5MjRiMjBiMjA4YjkxM2QxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMw+QqU1F9yFvi341jazN2iFGADAP0fyQHyw37sKvRojixu/q0S9SvOqa7rK
9SZmcC6KOHeYj3uC85Pc72LYGuVgBWMIlsfQKlyNR/5hhw0TQv54n/90tjSlVtqk
ycx3YYRTWzLGa6pI6GqiCU2G6/p8S7GLlv4aVWMfAkZ56O8E0yQXvXhRi2Nsrh7O
gl2Dq8revEnFMxEss8PQuwNdZXoC71mMumEuz67b6fWH0rhw33j8iD0diB6BaUk5
lZyekde+0xKERPqYGvG7KnHSdqg7MHHbMV67EYdT1Rahb5AoUKEicfuC0cR3TeXc
QJvI50Yd9acrn9JXqEjCNimNaD8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRm44ei
ZcA6p2O5zPJ1gUwF/oDSijAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDZmNTMyNGYtZmIyZC00MjEyLWIxZjctNmNhMGIxNzJiZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8OA
MA0GCSqGSIb3DQEBCwUAA4IBAQCiBmMNBYrlm3U/9pdh7pStHHJrzieftJsdEM4Q
YHSa2UyRxa0soHqhn1Reu/Py8HV1AJGEeEacroDlQTsjhA3OwOgI7diBc2N6TZYC
Cgu256AmD2uzFqNQMNdS7sTWXCXWPr7u2uegg+MvVCEWBB+dz9Rx7SDL0g93fOvR
h+Dd4idIE2LRJI56SM2h8pojMX6vFxRCY7sIiHfsGp8wd0xLKQkxovOx9onzDdVV
gArtKjJKP7dVo3h2ZF/ThHcuDYwEwDCv/r4z0QQFqY93zJEoFy5JwMuE45ArEaZw
QzmEdPDrqml2qwWOtshdF7wWwrU5sZZKRxVdctG4G1OTiQmB
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:49 2025 by rpki-client