Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
File: 07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa (raw, json)
Hash identifier: 1v1Nk5v4B9D9MeNoUq2yuh1izaOtZVW/r0oC2Cst8lU=
Subject key identifier: 0E:E1:1A:7F:46:F2:DE:CB:D8:4B:1A:1B:CF:3C:3B:2A:7A:0D:5A:E0
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1479C5E57FAC57481F4083A95ABE77A1AC527F44
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
Signing time: Fri 20 Jun 2025 00:20:54 +0000
ROA not before: Fri 20 Jun 2025 00:20:54 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:79:c5:e5:7f:ac:57:48:1f:40:83:a9:5a:be:77:a1:ac:52:7f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:54 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=f824640f04b3b99e0292b64d9a742e46a9958f447d139b66fdbb4eb3861bd998, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:bb:70:cc:f5:b2:81:ab:00:97:b5:09:4e:27:
91:c0:ce:3f:02:80:17:1d:cc:60:fa:4c:12:56:1d:
b3:df:70:48:2e:17:67:eb:ef:38:98:15:82:cb:89:
97:99:64:fa:e6:83:96:78:9f:f7:db:33:00:c4:4d:
58:b6:ca:58:32:f0:01:1a:cb:c7:e3:d6:fa:7f:06:
ca:05:2b:08:4f:c4:11:7e:8c:88:cd:dc:be:02:a5:
2c:14:fd:ad:ce:df:38:97:12:2d:dc:86:f2:a6:d1:
5e:2f:28:88:72:06:c0:78:a4:84:12:88:6f:97:39:
aa:26:5b:f2:3b:cd:3c:cb:07:36:03:51:a3:f4:0f:
04:a0:42:bf:00:1f:da:47:2e:ed:39:51:54:7f:ec:
ab:9f:88:97:c0:ab:77:4e:f0:6a:8e:28:c6:8b:11:
fa:aa:f1:28:10:f2:0a:75:a1:e1:0b:f5:4f:b4:de:
70:59:ff:ad:a6:99:c8:06:4a:fb:69:c7:ba:2e:16:
b1:3b:6d:d6:f7:3b:3c:9e:d6:46:8f:c9:a8:f9:55:
89:74:86:da:41:cf:45:9e:49:55:5b:32:fe:4a:9a:
63:a9:ec:a7:ce:54:e5:8f:41:f1:91:ff:67:17:84:
64:fa:42:3a:be:f7:21:6a:e3:97:02:d8:df:ec:11:
de:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E1:1A:7F:46:F2:DE:CB:D8:4B:1A:1B:CF:3C:3B:2A:7A:0D:5A:E0
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/38
Signature Algorithm: sha256WithRSAEncryption
74:43:0e:76:5d:9d:cc:c5:74:0f:a8:45:df:75:cb:5b:0a:b7:
22:cc:d7:53:14:02:50:f6:b5:2c:d5:84:94:6a:19:35:20:75:
28:3b:5d:db:4d:3d:11:09:46:15:7f:1a:7d:7f:b3:97:cb:63:
b2:b6:7d:2a:ca:f1:6c:67:a2:c0:b0:02:45:e4:1e:e6:9a:78:
20:99:54:f9:13:32:d2:a1:b5:1c:d6:b5:df:27:55:98:83:cc:
74:b2:b5:5f:6f:57:17:71:5c:6e:d8:95:35:fb:90:ed:53:f8:
30:2d:b8:1a:9c:32:d1:c2:3e:3f:d4:2f:e3:ff:4d:d8:00:84:
e6:57:0f:b3:4c:0b:84:65:f9:9a:12:14:3f:45:61:7a:26:33:
41:7b:ae:e4:df:3e:8a:73:e6:9c:35:23:54:c9:40:62:e5:31:
2b:1a:1a:b8:48:f2:49:c3:fa:61:ca:94:72:fe:cb:0d:34:b6:
e8:58:92:87:41:cb:64:52:75:f0:17:46:8d:91:bf:68:f8:67:
ce:b3:98:3b:d3:32:af:ef:16:86:3e:1d:b0:11:3f:b1:fb:b8:
70:2b:fc:e6:13:30:e2:bf:8e:3c:eb:5c:dc:3b:fd:70:38:15:
6f:99:61:a9:4a:a2:e0:6c:2c:cb:f3:79:49:e0:76:4d:42:98:
5d:3f:db:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFHnF5X+sV0gfQIOpWr53oaxSf0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwNTRaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4MjQ2NDBmMDRiM2I5OWUwMjkyYjY0ZDlhNzQyZTQ2YTk5NThmNDQ3ZDEz
OWI2NmZkYmI0ZWIzODYxYmQ5OTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI67cMz1soGrAJe1CU4nkcDOPwKAFx3MYPpMElYds99wSC4XZ+vvOJgVgsuJ
l5lk+uaDlnif99szAMRNWLbKWDLwARrLx+PW+n8GygUrCE/EEX6MiM3cvgKlLBT9
rc7fOJcSLdyG8qbRXi8oiHIGwHikhBKIb5c5qiZb8jvNPMsHNgNRo/QPBKBCvwAf
2kcu7TlRVH/sq5+Il8Crd07wao4oxosR+qrxKBDyCnWh4Qv1T7TecFn/raaZyAZK
+2nHui4WsTtt1vc7PJ7WRo/JqPlViXSG2kHPRZ5JVVsy/kqaY6nsp85U5Y9B8ZH/
ZxeEZPpCOr73IWrjlwLY3+wR3jUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQO4Rp/
RvLey9hLGhvPPDsqeg1a4DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDdhYTI1NDktOWVlYS00MjhkLWEyM2QtYzBlNjZiNTljZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQB0Qw52XZ3MxXQPqEXfdctbCrcizNdTFAJQ9rUs
1YSUahk1IHUoO13bTT0RCUYVfxp9f7OXy2Oytn0qyvFsZ6LAsAJF5B7mmnggmVT5
EzLSobUc1rXfJ1WYg8x0srVfb1cXcVxu2JU1+5DtU/gwLbganDLRwj4/1C/j/03Y
AITmVw+zTAuEZfmaEhQ/RWF6JjNBe67k3z6Kc+acNSNUyUBi5TErGhq4SPJJw/ph
ypRy/ssNNLboWJKHQctkUnXwF0aNkb9o+GfOs5g70zKv7xaGPh2wET+x+7hwK/zm
EzDiv44861zcO/1wOBVvmWGpSqLgbCzL83lJ4HZNQphdP9uV
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:58 2025 by rpki-client