Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
File: 1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa (raw, json)
Hash identifier: 7H6fAz872IoKHs0xhaPc5jE97c0xP9PrUi3AOYS8Ss8=
Subject key identifier: 02:02:49:FF:82:D0:85:1D:EA:FA:3D:EE:7F:50:27:CD:40:5A:E5:B6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: D3C153A9FE0D365B20DE348339F8AB96A8E253
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
Signing time: Fri 20 Jun 2025 00:20:52 +0000
ROA not before: Fri 20 Jun 2025 00:20:52 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d3:c1:53:a9:fe:0d:36:5b:20:de:34:83:39:f8:ab:96:a8:e2:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:52 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=5efaef74f825472646b0fd6abb977d456fbee24ba1470bae8bde378a968cf7f6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7a:55:26:ef:e3:94:81:7c:f2:a5:4c:bb:cf:
01:89:47:c7:f8:da:ce:30:d0:35:63:7c:10:a6:a1:
6b:1c:84:05:da:e6:87:cc:00:82:42:92:4f:5e:aa:
dc:35:c8:05:87:f0:20:45:ef:a3:66:7e:b5:70:9d:
7c:1b:11:24:11:f4:fa:52:3a:bd:69:63:51:71:37:
c3:ff:6a:cc:b5:d6:47:65:93:fd:04:79:94:88:33:
62:63:81:98:7c:eb:46:e3:07:b4:f5:ab:0c:ff:51:
ee:4d:d9:d8:50:12:35:58:02:6a:32:d2:f0:8f:43:
ab:5a:89:9e:d6:15:fe:a4:6e:f0:f5:31:4f:3b:37:
e0:76:2f:b9:6f:6b:e6:2f:bc:fb:33:51:0a:f3:07:
8a:0a:75:86:42:eb:82:23:6a:1e:82:a9:a8:85:b6:
84:72:6c:2d:c6:9c:52:c2:c4:02:b2:8e:fc:36:1b:
ac:7d:46:75:57:8c:ab:57:83:7b:60:91:1b:ba:80:
19:6a:05:e9:e4:d7:cb:d0:3a:78:16:50:c6:c7:b3:
c7:64:19:cd:8e:71:45:a3:2d:cc:c4:c5:f8:b2:a4:
24:6d:ab:aa:f3:f7:23:5d:2a:ae:f7:f2:88:e1:c2:
0a:d7:58:b4:03:76:cb:69:96:40:82:fb:4b:e2:cb:
8c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:02:49:FF:82:D0:85:1D:EA:FA:3D:EE:7F:50:27:CD:40:5A:E5:B6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
79:ad:f7:f4:aa:8c:23:e2:51:2e:1b:19:a0:11:32:ed:94:4a:
f5:19:35:b4:52:30:2b:2f:8b:8b:5c:b5:76:fb:88:fe:fa:a8:
2e:35:e9:cb:af:57:a1:48:7f:03:1e:e4:13:6f:dd:3e:79:39:
58:40:95:a2:28:34:d8:82:06:78:92:55:0d:a0:40:10:11:75:
25:fe:45:78:fc:9b:2a:6c:09:07:28:59:f6:d3:ea:79:fd:fa:
16:b1:ed:bd:5e:0a:5d:99:52:e8:a1:9f:20:77:74:2f:00:f8:
0b:e6:74:61:47:07:d9:b6:71:5d:74:39:02:6b:ef:32:35:98:
4b:f5:81:b1:78:27:6c:2d:1a:ad:40:84:fa:d8:f9:2d:c2:00:
88:d9:ca:41:d5:92:1a:3f:df:18:a9:05:66:91:83:d5:62:3c:
8e:b1:87:5c:4c:4a:ac:96:dd:19:18:1b:15:e7:8c:80:97:e1:
7f:95:73:e9:59:5f:47:da:d3:86:2b:88:26:95:68:24:18:49:
b7:ff:3a:9e:c1:1f:3f:55:e3:32:09:46:38:fa:d4:7e:7f:79:
4f:d3:9c:9e:4d:48:3a:1e:61:9e:f8:b9:d1:ac:d1:e2:b9:79:
af:83:a5:86:a6:1d:90:60:f8:0a:57:52:db:23:58:d9:e7:38:
63:d6:1f:20
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUANPBU6n+DTZbIN40gzn4q5ao4lMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwNTJaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlZmFlZjc0ZjgyNTQ3MjY0NmIwZmQ2YWJiOTc3ZDQ1NmZiZWUyNGJhMTQ3
MGJhZThiZGUzNzhhOTY4Y2Y3ZjYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK56VSbv45SBfPKlTLvPAYlHx/jazjDQNWN8EKahaxyEBdrmh8wAgkKST16q
3DXIBYfwIEXvo2Z+tXCdfBsRJBH0+lI6vWljUXE3w/9qzLXWR2WT/QR5lIgzYmOB
mHzrRuMHtPWrDP9R7k3Z2FASNVgCajLS8I9Dq1qJntYV/qRu8PUxTzs34HYvuW9r
5i+8+zNRCvMHigp1hkLrgiNqHoKpqIW2hHJsLcacUsLEArKO/DYbrH1GdVeMq1eD
e2CRG7qAGWoF6eTXy9A6eBZQxsezx2QZzY5xRaMtzMTF+LKkJG2rqvP3I10qrvfy
iOHCCtdYtAN2y2mWQIL7S+LLjK8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQCAkn/
gtCFHer6Pe5/UCfNQFrltjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWY3YjJlMzQtYTA0MS00YjEyLWE1YjAtNWFmMGQ2ZjQzYjlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GM
MA0GCSqGSIb3DQEBCwUAA4IBAQB5rff0qowj4lEuGxmgETLtlEr1GTW0UjArL4uL
XLV2+4j++qguNenLr1ehSH8DHuQTb90+eTlYQJWiKDTYggZ4klUNoEAQEXUl/kV4
/JsqbAkHKFn20+p5/foWse29XgpdmVLooZ8gd3QvAPgL5nRhRwfZtnFddDkCa+8y
NZhL9YGxeCdsLRqtQIT62PktwgCI2cpB1ZIaP98YqQVmkYPVYjyOsYdcTEqslt0Z
GBsV54yAl+F/lXPpWV9H2tOGK4gmlWgkGEm3/zqewR8/VeMyCUY4+tR+f3lP05ye
TUg6HmGe+LnRrNHiuXmvg6WGph2QYPgKV1LbI1jZ5zhj1h8g
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:34:00 2025 by rpki-client