Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
File: 3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa (raw, json)
Hash identifier: hv3Ejvyd81+XT/drrnkgmiZ5SoZR2FEW1jyMgb4wLsU=
Subject key identifier: 9D:B9:E5:F7:33:13:DC:91:3B:07:9B:8B:0F:23:CF:DB:6B:BD:DF:D3
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 380204F1888F20FE8DDC5EBD624C33BFA011A197
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
Signing time: Fri 20 Jun 2025 00:11:17 +0000
ROA not before: Fri 20 Jun 2025 00:11:17 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:02:04:f1:88:8f:20:fe:8d:dc:5e:bd:62:4c:33:bf:a0:11:a1:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:17 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=732c4679522262a99ede9013aa2a77ec98b22e5262a2618913d723a2c814f470, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1b:a4:c7:e7:71:13:0b:88:21:ac:9d:a1:35:
19:f6:61:53:5f:c7:cc:44:70:c2:13:3f:c4:83:1b:
6a:f0:d2:c4:7d:d8:a3:86:17:c1:0b:32:1d:09:66:
71:8c:fd:8c:cc:97:00:26:70:f9:f9:19:db:50:01:
88:0a:23:d3:18:57:36:26:b0:3f:53:83:ff:68:0e:
f4:c1:1d:5d:a6:74:2a:d1:a2:b8:98:d8:ac:a4:b1:
a7:59:6a:1c:c5:5a:8a:38:6f:90:52:23:51:35:65:
ae:5e:11:7c:50:c8:b7:ba:c8:f0:d3:3d:a8:70:3c:
cf:49:26:a3:f1:82:14:2a:97:6c:e4:60:a7:1d:9d:
eb:6c:37:40:58:05:4a:bf:d2:c0:95:4f:4c:c5:aa:
65:72:12:04:3a:bc:3e:19:75:b7:46:91:0d:df:3c:
96:92:34:a0:39:6e:a9:d4:73:8f:3c:b5:54:8c:11:
58:8b:22:e8:7a:0b:02:ad:93:e3:de:fb:36:2a:32:
06:48:be:1d:fe:49:17:32:be:a3:5a:a5:7e:8a:46:
9d:7a:ba:3b:6d:9b:b5:d0:e9:84:e4:1c:af:af:54:
12:ed:05:55:74:78:60:41:5d:8f:68:61:87:47:90:
6e:70:8c:a1:e3:36:08:da:63:24:9d:fa:dd:04:e3:
73:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B9:E5:F7:33:13:DC:91:3B:07:9B:8B:0F:23:CF:DB:6B:BD:DF:D3
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5840::/46
Signature Algorithm: sha256WithRSAEncryption
96:6a:fc:05:ad:16:89:09:1f:c1:18:00:70:a4:e3:1a:5a:57:
b4:04:87:a3:76:8f:e7:0b:bb:af:7a:ba:a3:7a:91:9c:c6:ca:
4b:4d:66:ae:52:23:b1:ed:db:2d:d3:9e:cb:ea:69:ff:61:97:
7f:6f:ca:62:88:21:6a:1a:15:2e:31:ea:73:1c:cc:e6:b0:d6:
f3:a8:83:ec:af:0c:19:1a:8b:eb:a5:b3:f6:c3:e4:00:60:da:
be:b7:a3:f5:d9:0c:40:a1:d8:cc:e9:73:4a:e8:6c:55:0e:3c:
a7:ed:8d:e0:51:db:71:41:2b:50:3d:35:71:f5:fe:b6:59:1f:
dd:db:9a:29:1b:38:9f:e7:3e:4f:7e:8d:34:f8:1e:a0:c1:af:
65:92:da:f9:cb:e9:79:f9:66:aa:3c:e7:93:ea:ed:75:fa:cd:
ba:46:31:ad:07:d7:44:0a:f8:89:1d:df:10:97:d7:51:42:80:
9d:97:f0:67:81:eb:32:5b:66:e3:05:1b:86:40:ac:06:7e:52:
6f:22:3f:c3:b5:1f:f8:d0:17:15:30:97:99:2c:62:85:8a:4c:
7c:d6:4f:38:64:aa:53:47:c3:85:1d:7d:99:c6:a2:b2:0a:ae:
15:57:2c:a2:ae:0a:e9:f8:8f:7d:ae:36:d1:f7:fe:94:9e:03:
d4:cf:0f:b0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOAIE8YiPIP6N3F69Ykwzv6ARoZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMTdaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDczMmM0Njc5NTIyMjYyYTk5ZWRlOTAxM2FhMmE3N2VjOThiMjJlNTI2MmEy
NjE4OTEzZDcyM2EyYzgxNGY0NzAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI8bpMfncRMLiCGsnaE1GfZhU1/HzERwwhM/xIMbavDSxH3Yo4YXwQsyHQlm
cYz9jMyXACZw+fkZ21ABiAoj0xhXNiawP1OD/2gO9MEdXaZ0KtGiuJjYrKSxp1lq
HMVaijhvkFIjUTVlrl4RfFDIt7rI8NM9qHA8z0kmo/GCFCqXbORgpx2d62w3QFgF
Sr/SwJVPTMWqZXISBDq8Phl1t0aRDd88lpI0oDluqdRzjzy1VIwRWIsi6HoLAq2T
4977NioyBki+Hf5JFzK+o1qlfopGnXq6O22btdDphOQcr69UEu0FVXR4YEFdj2hh
h0eQbnCMoeM2CNpjJJ363QTjcx0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSdueX3
MxPckTsHm4sPI8/ba73f0zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzcxMDY1NGEtMzhlZS00ZmMyLThmNjgtOTYxMmFiNDViYmMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8NY
QDANBgkqhkiG9w0BAQsFAAOCAQEAlmr8Ba0WiQkfwRgAcKTjGlpXtASHo3aP5wu7
r3q6o3qRnMbKS01mrlIjse3bLdOey+pp/2GXf2/KYoghahoVLjHqcxzM5rDW86iD
7K8MGRqL66Wz9sPkAGDavrej9dkMQKHYzOlzSuhsVQ48p+2N4FHbcUErUD01cfX+
tlkf3duaKRs4n+c+T36NNPgeoMGvZZLa+cvpeflmqjznk+rtdfrNukYxrQfXRAr4
iR3fEJfXUUKAnZfwZ4HrMltm4wUbhkCsBn5SbyI/w7Uf+NAXFTCXmSxihYpMfNZP
OGSqU0fDhR19mcaisgquFVcsoq4K6fiPfa420ff+lJ4D1M8PsA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:22:43 2025 by rpki-client