Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
File: 336f8390-241d-4b6f-9822-91232dc553f3.roa (raw, json)
Hash identifier: Ttd3UlnDuvPGLvNGXqjuEYj71M3iyQhpWHkhv4CbaQM=
Subject key identifier: BC:AE:77:9A:08:5D:B4:0F:FC:FD:4C:D8:A2:D4:94:3C:27:0B:A0:BD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 73D16812BF46E14D0C7E72BFB0C76396695BE714
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
Signing time: Fri 20 Jun 2025 00:20:24 +0000
ROA not before: Fri 20 Jun 2025 00:20:24 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:d1:68:12:bf:46:e1:4d:0c:7e:72:bf:b0:c7:63:96:69:5b:e7:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:24 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=2c6ae74f3698b422abb327d7620198e20f7ce8337d1b1a966aa847256c1a26b4, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2a:e5:66:bf:56:8b:62:2b:0e:16:ef:a2:5a:
83:01:9f:47:fa:9f:6b:b9:0c:ea:0e:35:19:02:f2:
5b:32:9b:c1:6d:29:3d:26:33:eb:3b:88:03:fc:0f:
9c:be:16:c6:f7:bf:a6:49:04:4c:01:3a:06:fd:a1:
da:d5:96:15:84:c5:6e:d2:55:eb:c9:3b:ab:b1:85:
9d:d0:0c:f7:54:94:1b:45:f9:82:c8:24:3b:94:04:
8e:3d:58:98:6f:e1:f7:79:7a:89:55:5a:cc:07:4a:
25:fe:e7:51:87:35:cf:0c:90:a3:ea:ca:8e:ed:50:
4d:d3:5c:21:5b:87:7c:4f:d1:3b:c5:57:01:c0:1f:
4b:fe:7b:79:ad:e8:f4:3b:6e:04:18:d9:d4:01:c3:
a2:7e:f6:03:07:22:7d:d7:5d:f4:04:2c:99:9f:16:
da:0c:c7:c8:b2:41:a8:1f:c9:8b:dc:76:59:7e:4c:
ec:f8:61:30:3b:d4:51:e0:7f:4f:56:7f:96:32:d4:
7a:43:81:78:a1:1f:a9:00:8f:ff:e4:e6:96:e9:ad:
8e:21:70:c8:0b:fe:57:27:6d:60:c1:bb:a0:c9:00:
8b:7e:6e:a7:e0:2f:69:2c:5a:ea:00:4c:27:a0:96:
69:35:3c:3b:60:3d:6a:60:2d:e3:4e:f2:56:ef:25:
7e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AE:77:9A:08:5D:B4:0F:FC:FD:4C:D8:A2:D4:94:3C:27:0B:A0:BD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6800::/40
Signature Algorithm: sha256WithRSAEncryption
84:32:36:d3:c4:f5:d8:0e:4a:0a:5c:98:5d:c6:45:95:36:2e:
e8:9d:47:b6:1f:b1:03:5e:ae:52:19:58:09:ab:97:8c:6b:96:
80:d6:f8:04:8b:ea:3b:cc:11:c5:1c:1d:04:a2:66:84:62:cb:
2e:6c:67:0b:29:75:10:70:32:8a:80:89:bd:7a:94:46:57:9b:
60:36:d1:d8:71:9e:a4:dc:b4:ff:76:7d:81:59:ef:ba:8d:43:
c7:64:5b:b6:b6:3e:51:3c:36:bd:f8:8c:2a:cc:aa:59:6c:c2:
05:aa:bf:2a:ac:21:e7:f4:4d:fa:43:17:1b:78:c4:81:1e:d1:
03:aa:1d:01:1d:01:52:45:30:37:49:84:a9:27:5d:9c:22:c6:
b6:0c:98:75:8a:65:34:8c:7b:db:b7:f2:0d:f0:8f:88:84:4b:
0d:eb:1f:40:ec:44:75:99:cd:03:15:00:ea:5c:09:ba:d7:fb:
a0:fb:4b:a6:6c:82:b9:dc:47:31:b8:a9:9f:71:79:5b:7e:a3:
f1:83:38:39:14:f9:45:2a:23:d6:61:e6:d5:44:bb:45:8a:33:
f5:a4:34:df:27:37:ce:41:1e:5e:34:e7:f4:30:a6:45:0c:8f:
6c:ba:a8:4f:37:c5:ec:8d:8d:01:d1:0c:87:01:80:62:60:85:
02:79:7c:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc9FoEr9G4U0MfnK/sMdjlmlb5xQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMjRaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNmFlNzRmMzY5OGI0MjJhYmIzMjdkNzYyMDE5OGUyMGY3Y2U4MzM3ZDFi
MWE5NjZhYTg0NzI1NmMxYTI2YjQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwq5Wa/VotiKw4W76JagwGfR/qfa7kM6g41GQLyWzKbwW0pPSYz6zuIA/wP
nL4Wxve/pkkETAE6Bv2h2tWWFYTFbtJV68k7q7GFndAM91SUG0X5gsgkO5QEjj1Y
mG/h93l6iVVazAdKJf7nUYc1zwyQo+rKju1QTdNcIVuHfE/RO8VXAcAfS/57ea3o
9DtuBBjZ1AHDon72Awcifddd9AQsmZ8W2gzHyLJBqB/Ji9x2WX5M7PhhMDvUUeB/
T1Z/ljLUekOBeKEfqQCP/+TmlumtjiFwyAv+VydtYMG7oMkAi35up+AvaSxa6gBM
J6CWaTU8O2A9amAt407yVu8lfpECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS8rnea
CF20D/z9TNii1JQ8JwugvTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzM2ZjgzOTAtMjQxZC00YjZmLTk4MjItOTEyMzJkYzU1M2YzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8do
MA0GCSqGSIb3DQEBCwUAA4IBAQCEMjbTxPXYDkoKXJhdxkWVNi7onUe2H7EDXq5S
GVgJq5eMa5aA1vgEi+o7zBHFHB0EomaEYssubGcLKXUQcDKKgIm9epRGV5tgNtHY
cZ6k3LT/dn2BWe+6jUPHZFu2tj5RPDa9+IwqzKpZbMIFqr8qrCHn9E36QxcbeMSB
HtEDqh0BHQFSRTA3SYSpJ12cIsa2DJh1imU0jHvbt/IN8I+IhEsN6x9A7ER1mc0D
FQDqXAm61/ug+0umbIK53EcxuKmfcXlbfqPxgzg5FPlFKiPWYebVRLtFijP1pDTf
JzfOQR5eNOf0MKZFDI9suqhPN8XsjY0B0QyHAYBiYIUCeXye
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:38:06 2025 by rpki-client