Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
File: 2a0347bc-2355-45ba-953f-4658b951cf4b.roa (raw, json)
Hash identifier: 6Ud7Sr571+mo14/2tSNwyPa7MIgYnrqazjf2uJPak8k=
Subject key identifier: F0:95:0E:94:D7:F8:E8:48:CB:B7:5A:17:E4:7D:90:7F:DA:39:2B:59
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1DBC47622F460C6C89512CA8C0EBC2D69B7D4299
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
Signing time: Fri 20 Jun 2025 00:11:13 +0000
ROA not before: Fri 20 Jun 2025 00:11:13 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:78c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:bc:47:62:2f:46:0c:6c:89:51:2c:a8:c0:eb:c2:d6:9b:7d:42:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:13 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=740d6743aa24494811e63f4372edff06f8213d24e1b3268d26219caa0a63a692, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:d5:05:76:45:05:bf:41:ea:60:0f:76:0e:e7:
63:9a:7f:81:4e:a6:a1:85:a7:74:17:2f:38:43:93:
b4:28:da:b4:88:23:40:9e:d8:6a:18:59:7c:4b:86:
8d:b8:82:34:a9:d3:28:7a:cc:58:3f:10:bd:c2:42:
8a:62:84:95:87:eb:e3:9c:72:e3:64:9c:60:d0:d7:
a5:8f:c3:fb:bf:3c:b2:0a:7a:2c:c5:8c:fd:d9:a7:
50:48:0b:bd:97:ae:65:29:19:0f:30:14:2c:9b:18:
2b:95:37:33:ca:ac:50:5c:cc:4d:ed:2d:f0:59:ba:
5d:7f:68:80:08:2d:01:01:4e:91:cc:aa:82:5d:7a:
6b:61:71:de:11:0d:38:7d:2a:9c:2d:70:16:99:b7:
3d:cb:cb:ea:13:82:f6:60:b1:73:8b:0c:dd:f5:67:
71:f4:f7:57:19:64:9c:50:7e:b5:19:62:16:87:7a:
1b:07:14:15:b6:22:c6:c2:56:67:58:48:a1:b9:fa:
2d:a6:e6:f7:60:ab:d4:07:9a:ef:64:e0:f7:89:d1:
8b:34:30:76:61:15:3e:71:d0:0c:45:50:58:26:57:
fb:b0:95:27:a8:89:8c:bb:bf:e7:21:41:d6:28:0d:
fc:82:78:ac:60:34:7e:5e:e7:98:a9:d6:17:4d:0c:
fa:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:95:0E:94:D7:F8:E8:48:CB:B7:5A:17:E4:7D:90:7F:DA:39:2B:59
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:78c0::/46
Signature Algorithm: sha256WithRSAEncryption
16:73:0b:21:d1:e9:83:3d:01:3d:1e:28:da:69:d8:d6:a8:08:
f9:8c:c7:05:77:88:a2:db:59:11:7b:0a:47:65:de:7f:98:a0:
67:54:70:d7:5e:f7:d6:bc:9e:04:bf:70:d0:d3:01:da:79:fc:
d4:60:a9:52:aa:4f:47:1d:5b:64:43:4d:c1:30:64:53:21:2b:
1f:7f:cd:62:96:99:58:1e:84:85:c3:2b:69:c3:4d:28:01:3d:
a2:dd:2a:5d:a3:d0:0c:d0:d6:2e:e8:b7:c3:7b:a2:08:f4:02:
b9:69:d8:9b:84:7a:ff:60:8e:7f:e5:6f:99:38:dc:b1:8a:ed:
91:c5:3b:67:90:8d:dc:93:16:07:8e:3d:97:b2:ad:18:17:26:
2d:9b:b1:f2:3f:e3:35:bd:da:9e:cf:b7:da:52:7a:82:84:ea:
5d:a8:e5:57:94:87:3c:e8:2a:a9:08:8f:40:b3:7d:1b:45:d8:
3d:85:49:eb:3f:10:53:32:c2:99:23:3d:84:9c:7e:b2:69:f8:
aa:fd:7e:8a:67:0d:9f:ae:f1:54:38:cc:38:1f:3c:a5:13:bb:
75:24:0f:89:5d:36:e6:56:4b:7e:43:b3:08:e1:37:35:70:a5:
7b:01:2d:a1:71:a3:63:a9:22:b2:73:30:c1:8c:f0:39:6a:a7:
f5:0f:92:40
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHbxHYi9GDGyJUSyowOvC1pt9QpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMTNaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0MGQ2NzQzYWEyNDQ5NDgxMWU2M2Y0MzcyZWRmZjA2ZjgyMTNkMjRlMWIz
MjY4ZDI2MjE5Y2FhMGE2M2E2OTIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPbVBXZFBb9B6mAPdg7nY5p/gU6moYWndBcvOEOTtCjatIgjQJ7YahhZfEuG
jbiCNKnTKHrMWD8QvcJCimKElYfr45xy42ScYNDXpY/D+788sgp6LMWM/dmnUEgL
vZeuZSkZDzAULJsYK5U3M8qsUFzMTe0t8Fm6XX9ogAgtAQFOkcyqgl16a2Fx3hEN
OH0qnC1wFpm3PcvL6hOC9mCxc4sM3fVncfT3VxlknFB+tRliFod6GwcUFbYixsJW
Z1hIobn6Labm92Cr1Aea72Tg94nRizQwdmEVPnHQDEVQWCZX+7CVJ6iJjLu/5yFB
1igN/IJ4rGA0fl7nmKnWF00M+rkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTwlQ6U
1/joSMu3WhfkfZB/2jkrWTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmEwMzQ3YmMtMjM1NS00NWJhLTk1M2YtNDY1OGI5NTFjZjRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
wDANBgkqhkiG9w0BAQsFAAOCAQEAFnMLIdHpgz0BPR4o2mnY1qgI+YzHBXeIottZ
EXsKR2Xef5igZ1Rw11731ryeBL9w0NMB2nn81GCpUqpPRx1bZENNwTBkUyErH3/N
YpaZWB6EhcMracNNKAE9ot0qXaPQDNDWLui3w3uiCPQCuWnYm4R6/2COf+VvmTjc
sYrtkcU7Z5CN3JMWB449l7KtGBcmLZux8j/jNb3ans+32lJ6goTqXajlV5SHPOgq
qQiPQLN9G0XYPYVJ6z8QUzLCmSM9hJx+smn4qv1+imcNn67xVDjMOB88pRO7dSQP
iV025lZLfkOzCOE3NXClewEtoXGjY6kisnMwwYzwOWqn9Q+SQA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:42:10 2025 by rpki-client