Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
File: 215a2c9b-4dc1-48db-846e-de75149ba3ec.roa (raw, json)
Hash identifier: s0B9sDa1NZDVD9DDpdeyuWOH/NJ+BYZL1lel9jidpp8=
Subject key identifier: 0F:1D:0F:0B:8B:04:03:AC:8D:01:00:8A:72:77:25:48:F9:9E:CC:E4
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 29C5C8BE4088EB7AA1BD1A01292C57CA250F250F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
Signing time: Fri 20 Jun 2025 00:21:01 +0000
ROA not before: Fri 20 Jun 2025 00:21:01 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:c5:c8:be:40:88:eb:7a:a1:bd:1a:01:29:2c:57:ca:25:0f:25:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:21:01 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=b2d044af50883f61d4f5c5e107119a6e116a9906447e92a9407883babafe7aa2, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c7:1e:4b:c7:41:24:13:b5:7d:cd:b1:82:79:
c3:82:50:7a:7f:c4:55:de:bb:6e:da:65:9c:19:a3:
87:86:de:9d:69:95:7c:9c:ba:b0:d9:b2:c9:c8:67:
38:95:59:bc:1f:29:5d:b5:11:6b:29:dd:03:b8:f1:
aa:c8:78:8f:38:10:51:71:fd:16:c4:6d:00:01:01:
46:44:58:bf:ad:77:77:c0:1e:f2:5e:71:73:f8:e1:
98:8d:dd:19:78:d3:40:10:cb:98:c4:d8:b2:04:56:
ed:41:de:86:46:1a:0e:c1:75:ef:32:e7:cf:ea:5f:
25:32:0b:0f:be:a5:e1:0c:7b:3e:49:d7:ee:ea:1a:
74:32:77:52:83:1d:2a:bd:e6:45:ba:c1:2e:ce:4f:
af:e8:6d:99:01:77:cb:0a:9c:5c:59:8c:3e:8a:23:
2f:3b:25:ac:6e:58:99:d0:f2:b8:4f:60:90:e9:f5:
c7:8e:76:e4:87:d2:d3:5d:f8:77:ca:6c:66:6a:59:
bd:31:bf:fb:02:1d:2b:95:18:0f:f3:b9:4b:8e:36:
ad:ae:4a:3c:9d:8c:19:02:e9:10:eb:0f:9b:be:6f:
0d:33:43:5d:07:84:db:13:b7:22:b5:65:a2:3b:9e:
47:e6:0e:36:28:d7:4d:64:37:0f:cd:64:d1:7a:ab:
d5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:1D:0F:0B:8B:04:03:AC:8D:01:00:8A:72:77:25:48:F9:9E:CC:E4
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2::/32
Signature Algorithm: sha256WithRSAEncryption
14:59:5b:94:19:2a:c2:2d:74:33:44:72:40:62:0a:07:ab:31:
fd:ab:72:70:12:43:1a:58:6d:43:90:5a:94:b0:cb:65:e3:d1:
03:9e:10:9a:78:41:b2:48:f6:b2:9b:e4:0e:17:a9:9c:7d:ef:
b1:6f:cc:25:09:92:15:30:18:a6:2b:61:46:53:db:a5:c3:29:
56:f4:8e:5c:3e:d6:ec:ca:2c:2c:77:11:03:a0:46:ae:08:36:
ef:ed:bf:e1:22:9a:48:e4:70:82:9f:f2:f6:07:b3:c3:d8:23:
20:9e:5c:0b:d5:6e:25:16:78:a4:66:81:e1:73:5f:13:ce:89:
a2:88:b4:6c:38:73:70:c4:b2:70:e7:bb:b4:73:79:6a:1a:03:
a2:70:6a:3e:b4:de:34:0f:0a:b6:f7:17:0b:4e:e8:6d:24:d0:
12:9b:e5:d2:8e:1a:e5:ac:3a:29:89:1d:52:51:7c:26:77:c6:
b5:49:67:34:7a:93:ff:a7:39:99:54:0b:0e:05:15:b2:f7:e0:
4d:7d:04:ca:69:6b:29:17:85:a4:91:cb:ec:f4:fa:62:bb:68:
53:a0:f5:a8:05:d7:9a:bd:46:8f:fe:d1:28:67:f0:61:5b:33:
bf:f2:ac:5d:dd:4b:cf:0d:77:21:d8:f1:b0:15:a4:d1:b4:f5:
23:60:ed:d0
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUKcXIvkCI63qhvRoBKSxXyiUPJQ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIxMDFaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyZDA0NGFmNTA4ODNmNjFkNGY1YzVlMTA3MTE5YTZlMTE2YTk5MDY0NDdl
OTJhOTQwNzg4M2JhYmFmZTdhYTIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrHHkvHQSQTtX3NsYJ5w4JQen/EVd67btplnBmjh4benWmVfJy6sNmyychn
OJVZvB8pXbURayndA7jxqsh4jzgQUXH9FsRtAAEBRkRYv613d8Ae8l5xc/jhmI3d
GXjTQBDLmMTYsgRW7UHehkYaDsF17zLnz+pfJTILD76l4Qx7PknX7uoadDJ3UoMd
Kr3mRbrBLs5Pr+htmQF3ywqcXFmMPoojLzslrG5YmdDyuE9gkOn1x4525IfS0134
d8psZmpZvTG/+wIdK5UYD/O5S442ra5KPJ2MGQLpEOsPm75vDTNDXQeE2xO3IrVl
ojueR+YONijXTWQ3D81k0Xqr1ekCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQPHQ8L
iwQDrI0BAIpydyVI+Z7M5DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MjE1YTJjOWItNGRjMS00OGRiLTg0NmUtZGU3NTE0OWJhM2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Iw
DQYJKoZIhvcNAQELBQADggEBABRZW5QZKsItdDNEckBiCgerMf2rcnASQxpYbUOQ
WpSwy2Xj0QOeEJp4QbJI9rKb5A4XqZx977FvzCUJkhUwGKYrYUZT26XDKVb0jlw+
1uzKLCx3EQOgRq4INu/tv+EimkjkcIKf8vYHs8PYIyCeXAvVbiUWeKRmgeFzXxPO
iaKItGw4c3DEsnDnu7RzeWoaA6Jwaj603jQPCrb3FwtO6G0k0BKb5dKOGuWsOimJ
HVJRfCZ3xrVJZzR6k/+nOZlUCw4FFbL34E19BMppaykXhaSRy+z0+mK7aFOg9agF
15q9Ro/+0Shn8GFbM7/yrF3dS88NdyHY8bAVpNG09SNg7dA=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:42 2025 by rpki-client