Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
File: 1ae9d8b2-218c-4376-936d-185032ce890b.roa (raw, json)
Hash identifier: Fx6y+4KUlJUadAsZfxVkEHjduOcIMa8YwAuE961i9NE=
Subject key identifier: 65:2A:F4:8C:B2:A7:4B:DA:BC:CA:C2:D6:CD:7F:46:04:B3:CC:89:FA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5E6EF63C4238DEF1E0B6C35EDA15056797F2EAE5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
Signing time: Fri 20 Jun 2025 00:10:50 +0000
ROA not before: Fri 20 Jun 2025 00:10:50 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:6e:f6:3c:42:38:de:f1:e0:b6:c3:5e:da:15:05:67:97:f2:ea:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:50 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=3f40df69c5fd74bbd6dfdcb41a40e7633f0a969d552256a4c9144ca4a8c91343, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:7c:3d:72:53:df:bd:21:5a:9d:59:35:a6:70:
21:d8:0d:ab:da:07:77:87:a2:3b:4d:45:65:58:4c:
32:08:04:12:1e:e7:61:b0:ee:ce:1b:a6:76:b5:57:
68:55:24:99:e0:28:a5:51:9a:da:d9:cc:34:32:3b:
1c:1f:3f:39:cc:5c:50:36:62:66:67:14:58:f9:50:
f6:f3:75:12:b6:13:16:1b:82:77:8f:71:67:cf:e7:
73:bc:c8:5d:3c:d2:15:cc:6b:29:17:97:ee:d3:c4:
23:39:b7:b5:00:54:cc:ae:98:1e:e7:15:c3:23:b9:
ad:50:61:ee:f1:83:1c:61:ad:35:37:c6:c7:e7:03:
c4:bd:d2:16:fc:56:70:68:e6:05:e2:7d:4b:64:04:
30:83:0b:46:be:d1:e5:f4:33:2d:b8:c8:ed:e0:04:
78:a7:28:01:8e:ac:45:f4:ff:f5:d9:ee:8b:e4:ab:
41:79:65:43:e8:9d:ae:eb:e6:99:93:63:3e:70:ba:
d7:f9:6d:01:ba:72:d1:b2:1e:2f:a2:99:6d:c7:22:
53:b8:ee:7b:f5:45:54:5a:a8:ac:f3:50:41:f3:c3:
f1:b1:f6:a8:59:dd:15:67:fb:bd:cd:ed:27:bf:f2:
3a:43:52:0b:c7:cd:16:af:c9:60:af:76:7f:bd:ef:
5d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:2A:F4:8C:B2:A7:4B:DA:BC:CA:C2:D6:CD:7F:46:04:B3:CC:89:FA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f840::/48
Signature Algorithm: sha256WithRSAEncryption
05:fe:c9:c9:b9:fb:21:7f:a7:54:d4:f4:9e:90:b0:15:56:1c:
78:80:23:6c:ba:b5:e0:e3:cb:02:ce:28:46:e7:86:be:a7:54:
df:be:12:ec:c6:05:c9:84:81:14:41:58:4e:22:e8:1e:c6:80:
ff:a2:c7:17:11:ff:9d:ad:4b:b2:29:7b:cc:7b:29:f2:88:fd:
20:59:23:04:5b:bd:82:36:42:94:33:1f:d6:20:b6:29:62:ef:
98:0d:72:f9:e5:27:e3:8b:ab:44:d0:36:0e:6f:76:d2:e3:44:
21:01:cf:8e:ba:52:a9:e0:f3:9b:33:49:79:94:f0:6f:bc:d8:
3c:b8:f6:e4:62:1b:a2:1c:1d:40:cb:4e:7a:8d:04:33:e9:44:
5d:8f:25:81:7e:74:57:48:15:bc:0e:65:7a:35:b5:2a:85:91:
98:cd:cc:31:d2:23:40:70:8c:d9:0c:ec:5f:2a:d1:a0:44:cf:
8b:73:2f:7c:5f:74:34:81:b4:22:6a:16:c9:35:2d:41:07:05:
d5:da:38:70:63:80:1b:1f:6d:bb:69:27:4b:3d:22:c2:74:90:
fe:00:35:5d:b8:b3:7d:a6:47:c2:f8:0d:52:79:4a:0d:1e:31:
dd:fc:d4:8e:58:f5:db:25:96:6a:89:04:07:60:1a:0f:54:6d:
d3:7b:19:62
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXm72PEI43vHgtsNe2hUFZ5fy6uUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwNTBaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmNDBkZjY5YzVmZDc0YmJkNmRmZGNiNDFhNDBlNzYzM2YwYTk2OWQ1NTIy
NTZhNGM5MTQ0Y2E0YThjOTEzNDMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOd8PXJT370hWp1ZNaZwIdgNq9oHd4eiO01FZVhMMggEEh7nYbDuzhumdrVX
aFUkmeAopVGa2tnMNDI7HB8/OcxcUDZiZmcUWPlQ9vN1ErYTFhuCd49xZ8/nc7zI
XTzSFcxrKReX7tPEIzm3tQBUzK6YHucVwyO5rVBh7vGDHGGtNTfGx+cDxL3SFvxW
cGjmBeJ9S2QEMIMLRr7R5fQzLbjI7eAEeKcoAY6sRfT/9dnui+SrQXllQ+idruvm
mZNjPnC61/ltAbpy0bIeL6KZbcciU7jue/VFVFqorPNQQfPD8bH2qFndFWf7vc3t
J7/yOkNSC8fNFq/JYK92f73vXS8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRlKvSM
sqdL2rzKwtbNf0YEs8yJ+jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWFlOWQ4YjItMjE4Yy00Mzc2LTkzNmQtMTg1MDMyY2U4OTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
QDANBgkqhkiG9w0BAQsFAAOCAQEABf7Jybn7IX+nVNT0npCwFVYceIAjbLq14OPL
As4oRueGvqdU374S7MYFyYSBFEFYTiLoHsaA/6LHFxH/na1Lsil7zHsp8oj9IFkj
BFu9gjZClDMf1iC2KWLvmA1y+eUn44urRNA2Dm920uNEIQHPjrpSqeDzmzNJeZTw
b7zYPLj25GIbohwdQMtOeo0EM+lEXY8lgX50V0gVvA5lejW1KoWRmM3MMdIjQHCM
2QzsXyrRoETPi3MvfF90NIG0ImoWyTUtQQcF1do4cGOAGx9tu2knSz0iwnSQ/gA1
XbizfaZHwvgNUnlKDR4x3fzUjlj12yWWaokEB2AaD1Rt03sZYg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:12:10 2025 by rpki-client