Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
File: 0b1379a0-a965-4871-ba33-de2086e8028e.roa (raw, json)
Hash identifier: DKZRwyuxnEAPjXxpLJrJNzyxp5tlk5OE75y7p/WyPNA=
Subject key identifier: D0:C3:61:9F:AD:50:BC:F9:45:3F:E5:E5:AA:37:57:52:9A:C9:97:9E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0A8FC3C0D4D2B82618C0DCF7C17A104068A43207
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
Signing time: Fri 20 Jun 2025 00:10:45 +0000
ROA not before: Fri 20 Jun 2025 00:10:45 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:8f:c3:c0:d4:d2:b8:26:18:c0:dc:f7:c1:7a:10:40:68:a4:32:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:45 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=1fca8bb2689cd9199ba2bbe0c4b83d27642e9925ef958876000f0202efe5a0d6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6e:e1:64:7b:e3:34:a2:dd:15:55:90:ad:c2:
f1:45:34:c5:2e:d0:03:dd:30:a0:bf:35:58:31:32:
37:d8:fd:70:f5:b6:5a:49:51:3e:46:87:ac:41:8f:
dd:b6:01:bf:78:f5:4e:88:b9:04:33:25:df:90:79:
38:05:38:bf:fb:8a:c2:9e:10:00:0f:4e:f3:11:c6:
02:b1:73:6e:c0:a0:93:c1:dd:86:58:92:ad:9d:85:
f3:42:06:88:72:90:f8:21:7e:be:c3:5d:08:be:45:
77:d1:13:b5:a4:fa:07:6d:a4:03:f6:c4:5c:3f:1f:
43:60:b6:30:94:5c:db:ed:c2:50:b1:05:a0:c2:ed:
5c:a8:68:06:e7:2f:8e:71:3b:76:7e:12:06:75:fb:
c8:12:a3:1d:47:fb:54:3c:57:2c:8b:99:27:dd:ec:
8b:7c:36:e2:7f:c3:60:07:d1:74:e2:3a:0c:85:b2:
9f:a1:94:3e:49:3a:48:77:eb:eb:a6:e3:d7:cd:a9:
21:7f:7b:58:d5:76:69:6c:8e:f4:a9:fe:62:b1:f1:
b9:23:ae:f0:ab:65:18:74:84:88:2e:91:6f:9e:3c:
09:26:33:0a:f0:04:d2:8b:be:ba:90:ea:28:52:24:
0b:8b:6b:ff:53:21:6f:62:ad:2e:eb:73:72:9f:e8:
1d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C3:61:9F:AD:50:BC:F9:45:3F:E5:E5:AA:37:57:52:9A:C9:97:9E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f000::/36
Signature Algorithm: sha256WithRSAEncryption
4d:71:97:75:d7:60:04:32:36:68:ff:c8:b4:c0:96:ef:db:91:
b4:e1:e1:3f:8c:4a:14:a3:a0:80:93:ae:e2:95:44:83:06:3c:
7b:db:e4:e8:04:be:dc:a5:7e:d9:5c:63:e2:91:12:37:84:24:
d7:98:3c:09:4b:5d:09:37:15:43:bc:63:d5:e5:a4:63:98:8c:
6d:e6:f2:a8:26:e4:c0:4f:ba:2e:d1:8a:65:6a:01:18:d1:11:
4e:1d:b5:14:b8:9c:94:c7:6a:4e:f5:00:25:ee:06:f0:85:cb:
30:c4:b7:d4:37:60:66:ff:fa:8f:f9:78:c3:b0:a3:14:a1:f4:
6c:f6:bf:5d:51:36:c3:c4:41:e1:a1:70:11:cd:97:61:4e:30:
12:b7:27:c6:ce:7c:2a:26:1a:44:73:f0:e1:28:18:0a:3a:1f:
81:18:2c:e2:51:b5:84:0a:99:7b:19:bd:39:5f:50:07:2c:3a:
5a:a8:80:47:38:95:a5:e6:55:9f:38:86:1b:bf:a6:bb:b0:ae:
c3:ca:cd:78:47:9e:61:7c:07:18:1a:ee:94:43:a1:78:95:71:
c8:9f:cb:36:b8:5d:0b:ac:2d:6c:c5:e8:8e:56:5a:a2:54:e1:
03:e5:15:ab:be:83:29:2e:f4:f1:d5:79:d1:bc:e3:d8:7d:26:
18:d1:aa:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCo/DwNTSuCYYwNz3wXoQQGikMgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwNDVaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmY2E4YmIyNjg5Y2Q5MTk5YmEyYmJlMGM0YjgzZDI3NjQyZTk5MjVlZjk1
ODg3NjAwMGYwMjAyZWZlNWEwZDYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZu4WR74zSi3RVVkK3C8UU0xS7QA90woL81WDEyN9j9cPW2WklRPkaHrEGP
3bYBv3j1Toi5BDMl35B5OAU4v/uKwp4QAA9O8xHGArFzbsCgk8HdhliSrZ2F80IG
iHKQ+CF+vsNdCL5Fd9ETtaT6B22kA/bEXD8fQ2C2MJRc2+3CULEFoMLtXKhoBucv
jnE7dn4SBnX7yBKjHUf7VDxXLIuZJ93si3w24n/DYAfRdOI6DIWyn6GUPkk6SHfr
66bj182pIX97WNV2aWyO9Kn+YrHxuSOu8KtlGHSEiC6Rb548CSYzCvAE0ou+upDq
KFIkC4tr/1Mhb2KtLutzcp/oHUcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQw2Gf
rVC8+UU/5eWqN1dSmsmXnjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MGIxMzc5YTAtYTk2NS00ODcxLWJhMzMtZGUyMDg2ZTgwMjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fw
MA0GCSqGSIb3DQEBCwUAA4IBAQBNcZd112AEMjZo/8i0wJbv25G04eE/jEoUo6CA
k67ilUSDBjx72+ToBL7cpX7ZXGPikRI3hCTXmDwJS10JNxVDvGPV5aRjmIxt5vKo
JuTAT7ou0YplagEY0RFOHbUUuJyUx2pO9QAl7gbwhcswxLfUN2Bm//qP+XjDsKMU
ofRs9r9dUTbDxEHhoXARzZdhTjAStyfGznwqJhpEc/DhKBgKOh+BGCziUbWECpl7
Gb05X1AHLDpaqIBHOJWl5lWfOIYbv6a7sK7Dys14R55hfAcYGu6UQ6F4lXHIn8s2
uF0LrC1sxeiOVlqiVOED5RWrvoMpLvTx1XnRvOPYfSYY0aoB
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:39:31 2025 by rpki-client