Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
File: 0869fd21-e07d-44bc-b068-73be998c5028.roa (raw, json)
Hash identifier: FdIjLwHxtOACbDV0bAgxls9qp4fTLr4AHSKQGBJiX3k=
Subject key identifier: 34:3D:34:5B:EE:2C:42:41:50:29:2D:5C:D7:1F:3D:C0:86:75:45:58
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6BDAE2F67FD858BF7BEED5319625760BE31330D5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
Signing time: Fri 20 Jun 2025 00:10:45 +0000
ROA not before: Fri 20 Jun 2025 00:10:45 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:da:e2:f6:7f:d8:58:bf:7b:ee:d5:31:96:25:76:0b:e3:13:30:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:45 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=25aaed3078ec860a1047ee59dc423b9488747357dc2cca507622f2196b95058a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:10:08:4d:39:29:3f:14:3b:d0:f5:47:04:d4:
52:92:31:fd:ec:57:87:10:d8:7c:24:be:7b:f1:e6:
31:4a:fc:c7:22:2b:11:bf:12:50:45:81:75:7f:75:
7a:16:4f:68:38:5b:75:4f:27:65:7c:67:ee:d7:13:
ef:eb:82:5d:34:39:c9:45:c5:af:64:71:33:6b:a2:
e1:f4:0a:06:09:dc:89:90:04:13:24:1c:e5:ec:5a:
49:9c:a7:c7:e1:da:25:bf:7e:9b:2d:51:28:b1:7e:
a7:59:8e:9f:f4:45:51:55:2c:75:9a:65:7b:e5:e6:
41:e7:6b:56:08:03:e8:67:7e:c0:f7:5a:e2:ec:38:
e2:c7:73:30:a5:c9:1f:ce:1e:2d:9f:b8:94:16:cb:
9d:68:d4:90:73:1e:e4:18:c4:28:c8:fc:2a:cb:0d:
11:88:34:a3:50:66:b4:35:91:84:b1:80:17:0a:98:
10:ba:e9:fd:bc:70:d5:3d:5f:c2:31:2b:47:c1:80:
cc:ec:b2:2f:ed:24:9f:66:98:16:5c:cb:a9:23:f3:
c2:08:bb:f1:33:49:02:01:fd:63:df:d8:0f:38:d7:
fc:69:f8:95:c1:58:e9:44:18:31:9b:8a:eb:a2:50:
81:d4:39:38:ed:2e:68:ff:17:15:c9:e7:cb:b9:7c:
f8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3D:34:5B:EE:2C:42:41:50:29:2D:5C:D7:1F:3D:C0:86:75:45:58
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f800::/40
Signature Algorithm: sha256WithRSAEncryption
2b:62:99:e9:7b:2c:1a:a7:92:e8:fc:fd:53:d7:27:6f:62:93:
c0:e2:3a:a6:28:70:53:85:0a:83:15:c8:e8:7b:74:83:3a:08:
e9:ea:b0:53:c0:3e:57:ea:62:85:e6:1a:99:1d:5a:5a:01:27:
e8:9a:a6:7e:ed:45:24:79:fe:8c:f0:82:6f:ef:8b:d6:8b:67:
c5:08:43:54:63:77:ee:68:94:6b:c2:2e:47:cd:24:7a:9a:ce:
19:41:6d:d8:40:2f:7b:d3:1a:d1:a5:c5:60:51:63:82:65:ec:
f9:55:ff:6c:d1:15:3f:b1:de:69:8b:db:50:f9:e7:8f:37:ab:
78:3f:88:7e:48:38:6e:ce:b7:fe:dc:00:56:d4:f8:8e:f5:e2:
23:66:17:19:1d:c0:9b:d3:b8:ac:1c:d3:ef:04:f0:6b:2f:62:
58:7c:b3:32:c8:ba:ea:39:88:48:eb:ea:03:a8:e1:9f:58:2b:
cf:6b:a9:a0:fd:13:5b:02:5f:d7:e3:ad:51:a9:6a:53:be:45:
ee:66:8d:ae:15:a1:bd:50:b3:20:17:69:ee:56:42:ba:b8:7f:
f0:b4:6a:60:88:42:70:cb:0a:6c:7f:06:18:9e:b0:99:d5:e0:
e2:a3:53:fa:af:58:a2:2a:98:18:8d:87:aa:3f:65:7d:65:d4:
b0:ee:25:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa9ri9n/YWL977tUxliV2C+MTMNUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwNDVaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1YWFlZDMwNzhlYzg2MGExMDQ3ZWU1OWRjNDIzYjk0ODg3NDczNTdkYzJj
Y2E1MDc2MjJmMjE5NmI5NTA1OGExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwQCE05KT8UO9D1RwTUUpIx/exXhxDYfCS+e/HmMUr8xyIrEb8SUEWBdX91
ehZPaDhbdU8nZXxn7tcT7+uCXTQ5yUXFr2RxM2ui4fQKBgnciZAEEyQc5exaSZyn
x+HaJb9+my1RKLF+p1mOn/RFUVUsdZple+XmQedrVggD6Gd+wPda4uw44sdzMKXJ
H84eLZ+4lBbLnWjUkHMe5BjEKMj8KssNEYg0o1BmtDWRhLGAFwqYELrp/bxw1T1f
wjErR8GAzOyyL+0kn2aYFlzLqSPzwgi78TNJAgH9Y9/YDzjX/Gn4lcFY6UQYMZuK
66JQgdQ5OO0uaP8XFcnny7l8+N0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ0PTRb
7ixCQVApLVzXHz3AhnVFWDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDg2OWZkMjEtZTA3ZC00NGJjLWIwNjgtNzNiZTk5OGM1MDI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8f4
MA0GCSqGSIb3DQEBCwUAA4IBAQArYpnpeywap5Lo/P1T1ydvYpPA4jqmKHBThQqD
Fcjoe3SDOgjp6rBTwD5X6mKF5hqZHVpaASfomqZ+7UUkef6M8IJv74vWi2fFCENU
Y3fuaJRrwi5HzSR6ms4ZQW3YQC970xrRpcVgUWOCZez5Vf9s0RU/sd5pi9tQ+eeP
N6t4P4h+SDhuzrf+3ABW1PiO9eIjZhcZHcCb07isHNPvBPBrL2JYfLMyyLrqOYhI
6+oDqOGfWCvPa6mg/RNbAl/X461RqWpTvkXuZo2uFaG9ULMgF2nuVkK6uH/wtGpg
iEJwywpsfwYYnrCZ1eDio1P6r1iiKpgYjYeqP2V9ZdSw7iVc
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:18:27 2025 by rpki-client