Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
File: 2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa (raw, json)
Hash identifier: xEQEkzHebf1+833mWy+5wbNmVxiXcIzDeGU/yP29gsQ=
Subject key identifier: BA:7D:E0:13:1F:9E:46:F9:F2:74:E0:94:7D:83:06:BB:0A:3A:00:CA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6A46C019E2DB853798307227105C859A184C1A01
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
Signing time: Fri 20 Jun 2025 00:20:33 +0000
ROA not before: Fri 20 Jun 2025 00:20:33 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:6800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:46:c0:19:e2:db:85:37:98:30:72:27:10:5c:85:9a:18:4c:1a:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:33 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=5579b59d3f69b4b40e7373657168fa0cf9705bc5f528d1b30c2ca93deba27a0c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0e:9d:7f:a6:64:91:93:7f:c6:12:ab:06:ee:
f4:b4:3f:06:17:72:7e:f4:4d:36:3d:24:21:9a:0e:
5a:b7:28:f0:09:74:c6:0e:75:0e:75:23:b8:b2:ba:
53:82:56:63:e2:98:c5:16:04:2d:98:7e:02:b3:8d:
18:ee:fb:b5:9e:7c:23:5c:0d:61:3a:81:ce:fa:36:
eb:e9:24:9d:f5:fd:2d:b4:72:86:77:0c:8c:9f:f7:
2e:f4:c0:a9:0e:04:79:c8:4c:dc:02:7b:16:3b:86:
81:ad:68:f4:68:f9:78:27:ec:60:39:e3:6d:91:da:
b3:e5:07:b6:ee:47:e5:33:4c:d6:7c:d6:a5:62:ac:
48:6d:db:e7:8e:e0:7b:57:d9:5b:f1:18:d4:9a:d9:
1a:68:54:5a:97:4e:f7:a4:28:8e:67:6a:83:ac:09:
13:9c:79:61:0d:31:e4:32:ba:78:b2:8a:37:34:b0:
a6:d3:87:9d:8f:bb:27:0b:61:0e:e4:00:58:1e:d7:
e2:2a:a0:09:9c:23:dd:c8:aa:4c:2b:40:bc:77:ba:
dc:50:6f:bc:f4:47:98:96:8f:41:9e:24:b9:f7:6a:
e2:ca:47:42:58:9c:be:d8:ea:6e:18:16:77:80:b7:
02:c6:7e:94:43:2c:e8:4c:74:31:59:8c:7d:d9:8b:
d2:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:7D:E0:13:1F:9E:46:F9:F2:74:E0:94:7D:83:06:BB:0A:3A:00:CA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:6800::/40
Signature Algorithm: sha256WithRSAEncryption
8e:b1:12:f2:3e:91:e4:08:2a:7c:8e:1e:9f:e7:32:c8:84:c8:
12:dd:b2:c2:5b:0c:67:31:fb:0c:de:06:d2:e0:d5:df:01:3f:
f4:8a:0e:10:bc:df:d7:71:4d:a6:82:01:58:c9:29:ac:4c:04:
f3:e0:c1:d0:ea:00:e3:1a:77:fb:36:32:bd:8b:83:a4:37:0c:
8d:1f:ac:35:11:42:75:e3:51:37:b3:1c:b1:e8:4a:a6:4b:f1:
f6:2b:08:a7:d6:e5:8b:ce:a1:1b:cb:e3:28:3d:51:b9:29:a9:
5a:f8:55:9b:17:5d:c8:ab:9e:b3:58:94:80:9c:83:bc:f4:a5:
40:a0:85:c8:f4:29:9f:2c:a8:4d:24:e1:07:fe:38:f0:fd:72:
9c:95:83:ba:46:a8:06:94:ae:3b:02:9b:72:65:76:63:34:00:
0a:5b:44:18:df:ca:d3:8f:f7:c3:b5:2a:71:aa:7b:0b:37:80:
ad:d5:74:d0:b3:87:5c:04:e7:de:06:41:82:e0:35:50:00:c7:
56:bb:d1:4d:bc:50:46:43:44:fe:f8:af:7b:23:f2:2f:48:c1:
50:f8:29:39:21:6d:f5:a5:d0:1b:50:e6:f6:87:cc:48:93:49:
50:85:4e:db:94:e4:f5:4e:03:3d:1c:19:3b:87:bf:99:d8:0e:
22:b5:8d:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUakbAGeLbhTeYMHInEFyFmhhMGgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMzNaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1NzliNTlkM2Y2OWI0YjQwZTczNzM2NTcxNjhmYTBjZjk3MDViYzVmNTI4
ZDFiMzBjMmNhOTNkZWJhMjdhMGMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcOnX+mZJGTf8YSqwbu9LQ/BhdyfvRNNj0kIZoOWrco8Al0xg51DnUjuLK6
U4JWY+KYxRYELZh+ArONGO77tZ58I1wNYTqBzvo26+kknfX9LbRyhncMjJ/3LvTA
qQ4EechM3AJ7FjuGga1o9Gj5eCfsYDnjbZHas+UHtu5H5TNM1nzWpWKsSG3b547g
e1fZW/EY1JrZGmhUWpdO96Qojmdqg6wJE5x5YQ0x5DK6eLKKNzSwptOHnY+7Jwth
DuQAWB7X4iqgCZwj3ciqTCtAvHe63FBvvPRHmJaPQZ4kufdq4spHQlicvtjqbhgW
d4C3AsZ+lEMs6Ex0MVmMfdmL0skCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS6feAT
H55G+fJ04JR9gwa7CjoAyjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmE4MmIwM2UtNTE3Yy00YTgxLTk2YWItMmNmNjA0OWE3ZjNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8No
MA0GCSqGSIb3DQEBCwUAA4IBAQCOsRLyPpHkCCp8jh6f5zLIhMgS3bLCWwxnMfsM
3gbS4NXfAT/0ig4QvN/XcU2mggFYySmsTATz4MHQ6gDjGnf7NjK9i4OkNwyNH6w1
EUJ141E3sxyx6EqmS/H2Kwin1uWLzqEby+MoPVG5Kala+FWbF13Iq56zWJSAnIO8
9KVAoIXI9CmfLKhNJOEH/jjw/XKclYO6RqgGlK47AptyZXZjNAAKW0QY38rTj/fD
tSpxqnsLN4Ct1XTQs4dcBOfeBkGC4DVQAMdWu9FNvFBGQ0T++K97I/IvSMFQ+Ck5
IW31pdAbUOb2h8xIk0lQhU7blOT1TgM9HBk7h7+Z2A4itY0x
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:35:07 2025 by rpki-client