Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
File: 1d757286-8eda-42c2-aecf-19a8c013dc64.roa (raw, json)
Hash identifier: jpSv6fTYtZTS9mo9eNZYCkqYeQ+P+XbDHQeHYtQ5fkQ=
Subject key identifier: 71:FF:0B:EC:F2:0C:BA:08:50:29:47:FB:9D:B8:29:57:BB:15:00:E7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 255F7260605480D43BB3C2BAE79C4107F7FDDBC9
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
Signing time: Fri 20 Jun 2025 00:20:38 +0000
ROA not before: Fri 20 Jun 2025 00:20:38 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:5f:72:60:60:54:80:d4:3b:b3:c2:ba:e7:9c:41:07:f7:fd:db:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:38 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=6f93d9902308a2f90235a57c06260af8b4442222b76414e6c9b4ba9d08f6da30, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:46:94:1f:f7:78:55:9f:b9:c4:7e:64:0d:c2:
67:d0:f7:2d:e8:05:fb:12:3c:66:58:6e:e5:ea:4a:
7d:3d:c2:23:d8:83:83:b6:1c:08:43:0f:42:f1:98:
46:54:15:c9:97:7c:a8:d7:73:d5:bb:a8:3a:1d:6c:
63:01:34:15:4b:c9:ec:14:8e:ee:9b:16:2d:81:68:
f1:9c:14:70:ae:e0:70:2d:fa:17:af:1c:99:35:66:
c2:de:d4:ca:f1:1d:45:bb:89:73:3e:85:59:72:dd:
35:6b:a5:e1:d6:84:50:62:53:b0:2f:d3:eb:30:b7:
bf:0e:95:fd:51:12:a7:ff:ed:a1:c7:5e:9e:e8:1a:
c4:7b:37:fb:7e:78:bb:80:7d:af:b6:7a:d7:98:fd:
ca:cf:90:c7:59:0e:b3:45:c4:4f:1b:38:15:58:a8:
d7:7f:60:aa:85:73:be:85:e8:80:02:4d:1c:67:bd:
ed:10:2e:5c:b6:4a:1b:fb:3f:55:5a:cb:4e:77:18:
b7:31:3e:76:b1:5c:be:d7:cf:ee:4c:18:3c:b6:03:
3f:76:70:ee:5e:9b:e8:1e:79:93:31:17:62:0a:ef:
86:a3:7f:13:41:f9:02:6b:01:de:6e:9e:7a:e2:8e:
8e:3f:3d:c2:93:66:f8:25:d4:0c:a5:e4:0f:5a:2d:
65:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FF:0B:EC:F2:0C:BA:08:50:29:47:FB:9D:B8:29:57:BB:15:00:E7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8400::/38
Signature Algorithm: sha256WithRSAEncryption
25:32:af:38:0f:bf:a7:ed:60:75:c4:8a:27:1e:e1:d9:78:fb:
94:8d:e9:52:f6:bd:55:55:80:ec:b2:c8:29:11:7e:49:4a:21:
9c:42:5e:08:ea:12:c1:64:b6:83:2e:44:df:f9:f8:6b:66:11:
16:3f:3e:0d:c2:7e:9c:27:a7:99:02:7c:42:8f:d0:e0:31:f5:
9f:46:4a:2d:23:8c:20:e4:72:79:54:2b:ad:38:7a:e4:87:f4:
e9:b2:bf:2c:c1:78:38:71:b5:02:71:33:12:72:ef:ac:12:8d:
b6:ee:90:13:e3:32:d1:e3:e9:23:ad:79:3e:20:6f:6c:9f:e2:
a9:31:bc:3c:e0:b9:09:fe:a5:5c:28:a8:f3:11:ce:fc:a6:7b:
1d:26:c3:cb:25:f2:1a:e7:ae:2a:f9:3f:05:fc:13:8d:9b:97:
58:fb:2f:22:40:8b:4b:87:5d:b2:c6:0c:4d:f2:60:45:9c:20:
b0:f2:36:8e:8a:2b:19:12:fb:39:81:29:79:78:c6:aa:de:06:
42:f8:02:f2:bb:a5:36:7e:6f:a7:f4:93:66:21:ee:cf:86:7e:
ce:51:c2:6a:55:a3:e5:57:f6:8a:4c:f3:de:e7:26:8d:18:c4:
99:d9:d6:f0:58:30:4e:8a:7e:a2:9a:32:13:1b:4f:e6:23:74:
a7:8c:29:4a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJV9yYGBUgNQ7s8K655xBB/f928kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMzhaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmOTNkOTkwMjMwOGEyZjkwMjM1YTU3YzA2MjYwYWY4YjQ0NDIyMjJiNzY0
MTRlNmM5YjRiYTlkMDhmNmRhMzAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhGlB/3eFWfucR+ZA3CZ9D3LegF+xI8Zlhu5epKfT3CI9iDg7YcCEMPQvGY
RlQVyZd8qNdz1buoOh1sYwE0FUvJ7BSO7psWLYFo8ZwUcK7gcC36F68cmTVmwt7U
yvEdRbuJcz6FWXLdNWul4daEUGJTsC/T6zC3vw6V/VESp//tocdenugaxHs3+354
u4B9r7Z615j9ys+Qx1kOs0XETxs4FVio139gqoVzvoXogAJNHGe97RAuXLZKG/s/
VVrLTncYtzE+drFcvtfP7kwYPLYDP3Zw7l6b6B55kzEXYgrvhqN/E0H5AmsB3m6e
euKOjj89wpNm+CXUDKXkD1otZfECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRx/wvs
8gy6CFApR/uduClXuxUA5zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWQ3NTcyODYtOGVkYS00MmMyLWFlY2YtMTlhOGMwMTNkYzY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GE
MA0GCSqGSIb3DQEBCwUAA4IBAQAlMq84D7+n7WB1xIonHuHZePuUjelS9r1VVYDs
ssgpEX5JSiGcQl4I6hLBZLaDLkTf+fhrZhEWPz4Nwn6cJ6eZAnxCj9DgMfWfRkot
I4wg5HJ5VCutOHrkh/Tpsr8swXg4cbUCcTMScu+sEo227pAT4zLR4+kjrXk+IG9s
n+KpMbw84LkJ/qVcKKjzEc78pnsdJsPLJfIa564q+T8F/BONm5dY+y8iQItLh12y
xgxN8mBFnCCw8jaOiisZEvs5gSl5eMaq3gZC+ALyu6U2fm+n9JNmIe7Phn7OUcJq
VaPlV/aKTPPe5yaNGMSZ2dbwWDBOin6imjITG0/mI3SnjClK
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:18:08 2025 by rpki-client