Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
File: 13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa (raw, json)
Hash identifier: 2S6paEdFqEZsAMpNf58rE8UUp9WwONgWGjasNMsfx2Y=
Subject key identifier: 45:6F:2C:4D:EB:75:20:D5:E9:C8:9B:F2:27:88:EA:D8:8B:EA:63:A0
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 14D0F1AB6D8D7C8115B7CF55249874E4034D84DF
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
Signing time: Fri 20 Jun 2025 00:10:41 +0000
ROA not before: Fri 20 Jun 2025 00:10:41 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:28c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:d0:f1:ab:6d:8d:7c:81:15:b7:cf:55:24:98:74:e4:03:4d:84:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:41 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=caf5a6c50076db09da4817ebb610bfbf558516f8b6fa4a31c05b1fb23ff3b9ce, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:92:28:62:ed:a0:03:91:98:31:02:6b:7a:e9:
57:0c:6a:0d:71:e4:1a:3f:53:19:3c:6f:bc:14:d8:
34:9e:ee:b4:7b:e0:e3:cc:cd:78:1a:79:f7:a0:2d:
bd:d5:48:c7:0e:15:06:26:dd:36:2c:28:2f:c5:fc:
18:4d:60:ed:ca:f2:6a:76:dc:72:a7:78:bc:de:bf:
33:de:5e:00:90:10:1c:57:3f:90:e7:df:cd:34:55:
1d:b3:3b:8d:9d:85:ec:05:08:84:77:9a:17:36:95:
f4:14:aa:b3:84:93:02:3b:ff:8a:33:14:ee:8a:af:
d8:0a:68:70:e1:48:56:ae:76:89:61:93:e2:88:cd:
62:27:41:1f:b7:87:77:3a:2f:d0:52:be:2c:94:3e:
61:e1:22:d2:1f:2f:12:b0:80:80:85:da:dd:b8:b9:
64:f8:ea:f0:7c:02:b7:c5:ae:af:f7:df:3d:2a:87:
12:1a:b7:e9:9c:b0:a4:c6:87:3b:fc:bb:86:f8:f9:
6f:8e:82:6a:70:58:fd:dc:4e:02:aa:c3:0e:4e:39:
80:d3:e2:26:1e:f5:de:3a:19:71:f7:e3:72:63:79:
d7:6e:19:73:c4:ca:0b:f3:85:99:de:2d:a2:d2:74:
dc:f0:dd:9f:d5:d8:a5:57:52:81:35:ba:07:c7:2f:
87:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6F:2C:4D:EB:75:20:D5:E9:C8:9B:F2:27:88:EA:D8:8B:EA:63:A0
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
34:40:ce:53:b6:f9:33:f6:96:42:3a:9a:9b:7a:c6:5c:64:82:
6a:62:ce:f3:83:18:78:1c:6e:27:ff:e6:16:45:c3:6f:b7:76:
3a:d1:60:7b:b8:f0:01:fa:22:b5:35:fe:74:68:58:f1:b9:ea:
a9:4f:56:7d:84:76:31:d5:f8:93:ca:11:6e:ad:78:9c:2f:40:
b6:e9:d2:68:82:db:0e:0d:45:e7:d0:3a:37:3c:10:62:65:15:
08:a6:ce:78:cf:d4:04:e8:33:9a:68:3d:c7:40:ba:a4:43:59:
57:00:fb:37:4b:f6:3c:2f:45:93:a7:74:9f:61:44:b2:d0:ce:
29:f3:b3:b6:5e:7f:2e:c2:4a:47:85:f6:54:a9:99:2a:fc:ed:
6f:75:13:67:a1:1b:5a:49:3a:32:bf:26:63:4b:b6:eb:10:40:
52:b6:c3:a8:f3:39:de:55:b6:f4:b1:ab:fd:e1:c3:ad:9b:04:
2a:c7:a2:ad:33:38:54:16:5d:22:29:f3:18:8a:7d:c2:af:66:
b5:74:06:04:d1:57:e2:f4:44:5e:22:bb:f4:0b:e7:b5:c4:ee:
b8:16:60:db:0e:63:bc:56:e7:1f:ed:e7:45:1a:28:f6:a6:5d:
33:19:87:56:d9:45:e5:49:fc:2a:85:6a:44:2c:b5:b4:79:13:
df:db:ee:0a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFNDxq22NfIEVt89VJJh05ANNhN8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwNDFaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhZjVhNmM1MDA3NmRiMDlkYTQ4MTdlYmI2MTBiZmJmNTU4NTE2ZjhiNmZh
NGEzMWMwNWIxZmIyM2ZmM2I5Y2UxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOCSKGLtoAORmDECa3rpVwxqDXHkGj9TGTxvvBTYNJ7utHvg48zNeBp596At
vdVIxw4VBibdNiwoL8X8GE1g7cryanbccqd4vN6/M95eAJAQHFc/kOffzTRVHbM7
jZ2F7AUIhHeaFzaV9BSqs4STAjv/ijMU7oqv2ApocOFIVq52iWGT4ojNYidBH7eH
dzov0FK+LJQ+YeEi0h8vErCAgIXa3bi5ZPjq8HwCt8Wur/ffPSqHEhq36ZywpMaH
O/y7hvj5b46CanBY/dxOAqrDDk45gNPiJh713joZcffjcmN5124Zc8TKC/OFmd4t
otJ03PDdn9XYpVdSgTW6B8cvh2MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRFbyxN
63Ug1enIm/IniOrYi+pjoDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MTNlMGIwYTMtNDliNC00OTkwLWExMDgtMWJlZGRiM2ExOGJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
wDANBgkqhkiG9w0BAQsFAAOCAQEANEDOU7b5M/aWQjqam3rGXGSCamLO84MYeBxu
J//mFkXDb7d2OtFge7jwAfoitTX+dGhY8bnqqU9WfYR2MdX4k8oRbq14nC9AtunS
aILbDg1F59A6NzwQYmUVCKbOeM/UBOgzmmg9x0C6pENZVwD7N0v2PC9Fk6d0n2FE
stDOKfOztl5/LsJKR4X2VKmZKvztb3UTZ6EbWkk6Mr8mY0u26xBAUrbDqPM53lW2
9LGr/eHDrZsEKseirTM4VBZdIinzGIp9wq9mtXQGBNFX4vREXiK79AvntcTuuBZg
2w5jvFbnH+3nRRoo9qZdMxmHVtlF5Un8KoVqRCy1tHkT39vuCg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:56:30 2025 by rpki-client