Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
File: 2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa (raw, json)
Hash identifier: qCapyT+2rU2dc2RvM4kGvXqR7kdlHlshy51KGqkxJ1Y=
Subject key identifier: 98:FE:D5:2A:C4:1F:34:D2:48:34:92:2C:DC:55:3A:21:1B:F9:47:36
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2F56CEB9AF054C4CF5F4BECC479F73C164E1AD33
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
Signing time: Fri 20 Jun 2025 00:20:58 +0000
ROA not before: Fri 20 Jun 2025 00:20:58 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:56:ce:b9:af:05:4c:4c:f5:f4:be:cc:47:9f:73:c1:64:e1:ad:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:58 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=f8ce804f1f5560476f4a98def440f322964ce40543e7bb612cb38b271b916f6c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d8:43:66:4e:bf:54:f0:15:a2:55:cc:66:01:
1e:00:3c:6a:3a:e7:62:e2:f7:08:e2:37:d1:90:5d:
2b:95:21:78:4d:40:c7:f8:74:ae:0a:db:a5:d4:bb:
76:01:be:9e:cb:b3:9f:99:44:80:6f:03:d2:f3:aa:
f0:1e:12:44:b5:6e:88:54:05:bc:bf:70:d8:4b:07:
71:b5:3d:eb:c2:38:46:f1:db:58:0c:85:f8:53:27:
73:95:45:81:01:48:fd:49:ee:f9:21:49:d0:f0:1a:
b2:4e:3c:6b:37:75:17:f4:9b:9e:95:a6:56:3a:ee:
35:06:6b:35:39:37:56:eb:a2:45:12:e4:66:21:e3:
77:e7:b0:15:32:c5:14:99:fa:9e:b0:d9:94:4c:2d:
62:13:43:67:9a:a0:5e:8b:61:5d:36:4c:b3:71:eb:
aa:85:42:ac:e2:f9:b9:2c:1c:39:c2:c8:e4:a3:1c:
72:ea:37:cc:1f:f1:42:65:1a:89:eb:59:07:d5:4f:
60:e4:a7:7c:12:32:de:5c:59:4e:19:4b:4c:fc:65:
6c:24:ec:e0:98:b6:8e:cd:f6:be:d0:a7:e7:97:84:
83:b3:83:fb:9d:d8:2b:00:7c:d4:d7:a9:42:9d:a7:
f0:d8:66:47:eb:d1:f2:3a:53:b6:79:bf:20:52:f0:
c2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FE:D5:2A:C4:1F:34:D2:48:34:92:2C:DC:55:3A:21:1B:F9:47:36
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
7e:fa:37:c2:e0:ce:0e:dc:35:b0:72:d1:7e:07:22:0d:da:29:
b3:fe:a7:be:96:b9:4b:93:95:84:d7:d7:8e:73:b8:00:df:8d:
2a:d9:02:bc:d5:41:44:08:fc:51:73:7f:74:c6:75:51:53:e0:
01:fd:fb:6e:50:be:1e:2f:f1:67:b1:2e:aa:2a:e1:36:e5:f6:
4a:78:68:9e:aa:9c:d9:5e:a4:f9:99:43:27:e8:46:99:d8:89:
b6:36:37:10:ea:0e:33:9a:e4:14:a3:4b:47:42:51:e1:9a:1f:
05:b6:4b:e3:3d:d9:9a:06:56:ec:ba:8b:8c:4b:ed:05:a0:a2:
0a:93:5c:49:ab:37:bb:b9:c7:ee:d4:89:a5:43:bf:7a:72:a8:
f7:a3:43:94:36:f2:53:7c:2e:6a:3e:86:eb:2f:b9:8d:ca:96:
9c:ba:8e:be:e3:3b:89:66:4f:8a:ec:5a:3b:e9:3a:a3:8d:39:
82:ef:4b:b9:6d:ca:5b:b2:32:60:52:48:cf:3d:68:6f:1b:8b:
2c:46:cd:44:7b:31:1d:33:27:87:16:88:c8:a7:c6:23:28:62:
15:d0:83:ff:86:3d:b7:b9:43:14:2d:89:c2:52:6a:01:9e:44:
e9:03:67:f8:32:59:75:3d:75:15:62:aa:5c:da:a9:c5:aa:d3:
a6:4e:32:0e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL1bOua8FTEz19L7MR59zwWThrTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwNThaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4Y2U4MDRmMWY1NTYwNDc2ZjRhOThkZWY0NDBmMzIyOTY0Y2U0MDU0M2U3
YmI2MTJjYjM4YjI3MWI5MTZmNmMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTYQ2ZOv1TwFaJVzGYBHgA8ajrnYuL3COI30ZBdK5UheE1Ax/h0rgrbpdS7
dgG+nsuzn5lEgG8D0vOq8B4SRLVuiFQFvL9w2EsHcbU968I4RvHbWAyF+FMnc5VF
gQFI/Unu+SFJ0PAask48azd1F/SbnpWmVjruNQZrNTk3VuuiRRLkZiHjd+ewFTLF
FJn6nrDZlEwtYhNDZ5qgXothXTZMs3HrqoVCrOL5uSwcOcLI5KMccuo3zB/xQmUa
ietZB9VPYOSnfBIy3lxZThlLTPxlbCTs4Ji2js32vtCn55eEg7OD+53YKwB81Nep
Qp2n8NhmR+vR8jpTtnm/IFLwwuECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSY/tUq
xB800kg0kizcVTohG/lHNjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmIzZmFmMjgtZThiNy00ZTM5LTk5ZTQtZTNjYjY1NzdkYWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQB++jfC4M4O3DWwctF+ByIN2imz/qe+lrlLk5WE
19eOc7gA340q2QK81UFECPxRc390xnVRU+AB/ftuUL4eL/FnsS6qKuE25fZKeGie
qpzZXqT5mUMn6EaZ2Im2NjcQ6g4zmuQUo0tHQlHhmh8FtkvjPdmaBlbsuouMS+0F
oKIKk1xJqze7ucfu1ImlQ796cqj3o0OUNvJTfC5qPobrL7mNypacuo6+4zuJZk+K
7Fo76TqjjTmC70u5bcpbsjJgUkjPPWhvG4ssRs1EezEdMyeHFojIp8YjKGIV0IP/
hj23uUMULYnCUmoBnkTpA2f4Mll1PXUVYqpc2qnFqtOmTjIO
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:56:24 2025 by rpki-client