Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3b361956-44bc-47e7-9213-cd7854c555f8.roa
File: 3b361956-44bc-47e7-9213-cd7854c555f8.roa (raw, json)
Hash identifier: 1zX/y3KpTY5iY4/AJPGWUBLRaC5qE0wEV5or4jRLGOM=
Subject key identifier: D9:0E:E7:49:DB:4F:FE:9E:89:87:8D:17:E3:58:81:39:A2:39:EA:8D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5A90BB0836FB456F0253C3C27DF1F32F3649F1C7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3b361956-44bc-47e7-9213-cd7854c555f8.roa
Signing time: Fri 20 Jun 2025 00:20:28 +0000
ROA not before: Fri 20 Jun 2025 00:20:28 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:90:bb:08:36:fb:45:6f:02:53:c3:c2:7d:f1:f3:2f:36:49:f1:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:28 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=b4f7d5db6a64615d9df3d369dd008e2a7fcfb163baf92f612f871b57ae4678e8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8c:ad:d7:ab:90:c6:e1:a5:e8:ff:0a:4f:b8:
c3:07:0c:e2:a8:47:af:a5:d5:6f:f4:bc:b3:06:6a:
f0:4e:f1:b2:04:a5:aa:31:4e:f0:07:0f:91:00:85:
c2:14:b1:39:ea:79:93:40:83:86:e7:97:29:3a:82:
2f:e2:6d:b7:c8:ae:47:78:53:7d:b7:e4:09:f4:80:
5f:54:fc:ac:80:a8:b2:8d:0d:16:24:e1:f8:c2:93:
66:96:91:74:7b:d3:29:01:b2:a3:ef:87:35:0e:f2:
d2:e0:f2:f0:cd:6c:88:3b:39:8a:ab:69:6c:37:4a:
1c:50:14:dd:a0:9d:7c:72:ff:ac:cf:dc:c8:31:77:
d7:49:76:39:74:e8:41:8b:75:89:4c:f1:63:5a:ee:
9e:36:cf:ea:7c:49:c3:9c:5f:2c:76:3e:47:4d:a2:
47:6b:b0:81:ab:35:7f:e5:85:61:21:10:61:99:a1:
fd:43:8d:57:66:80:01:ae:79:89:de:71:aa:6d:a4:
45:41:9f:12:5a:09:97:97:f0:e6:40:6d:a4:05:58:
09:09:63:81:1b:b7:e5:3a:e7:43:43:47:7e:97:80:
df:c5:b7:7f:83:1c:d0:3a:c3:92:8b:f6:01:e2:67:
ed:43:e8:c8:50:73:4f:f6:71:75:a3:b0:a9:bf:1b:
f9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0E:E7:49:DB:4F:FE:9E:89:87:8D:17:E3:58:81:39:A2:39:EA:8D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3b361956-44bc-47e7-9213-cd7854c555f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4000::/36
Signature Algorithm: sha256WithRSAEncryption
36:4c:c3:72:1c:48:cc:fd:f9:45:09:44:a8:bb:58:fe:ec:b1:
ac:ee:17:3c:b4:bf:5c:a4:44:78:41:1f:9e:8e:c4:e2:03:6a:
18:8e:58:0a:5f:0d:ca:da:d6:7c:dc:56:82:50:39:46:34:a3:
a9:2d:89:80:4a:4b:af:f9:4d:f6:83:4e:b3:b7:47:17:d6:42:
0e:be:f3:9f:0f:db:a9:6d:92:63:b9:5b:6f:14:ea:bf:d6:8a:
4f:72:5f:82:e9:5f:67:48:a1:e8:4c:e8:e0:63:1f:77:d5:de:
8f:e8:1a:a1:b9:e1:e4:dd:21:3d:04:1b:89:48:8f:43:d0:a8:
5b:9c:f8:60:9f:88:f8:75:2c:18:43:0e:d1:90:fb:1c:41:42:
83:38:d1:90:93:29:05:ba:5b:0a:38:0b:89:d6:65:78:26:b3:
7d:52:93:86:e1:f9:77:8b:47:72:ee:dc:d7:37:cb:b7:08:90:
2d:76:08:41:96:46:ca:06:d1:80:78:e7:a1:35:cc:22:b9:a6:
a8:e7:b9:c1:9c:53:e6:e2:79:6e:12:8a:4b:80:f9:e7:cf:10:
42:18:63:ca:0c:63:fd:94:4c:01:f6:45:90:4f:fc:28:e9:83:
f2:c7:f0:60:c0:c9:5e:94:be:a3:aa:78:15:a1:be:5a:30:c7:
ca:dc:9b:05
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWpC7CDb7RW8CU8PCffHzLzZJ8ccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMjhaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0ZjdkNWRiNmE2NDYxNWQ5ZGYzZDM2OWRkMDA4ZTJhN2ZjZmIxNjNiYWY5
MmY2MTJmODcxYjU3YWU0Njc4ZTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOqMrderkMbhpej/Ck+4wwcM4qhHr6XVb/S8swZq8E7xsgSlqjFO8AcPkQCF
whSxOep5k0CDhueXKTqCL+Jtt8iuR3hTfbfkCfSAX1T8rICoso0NFiTh+MKTZpaR
dHvTKQGyo++HNQ7y0uDy8M1siDs5iqtpbDdKHFAU3aCdfHL/rM/cyDF310l2OXTo
QYt1iUzxY1runjbP6nxJw5xfLHY+R02iR2uwgas1f+WFYSEQYZmh/UONV2aAAa55
id5xqm2kRUGfEloJl5fw5kBtpAVYCQljgRu35TrnQ0NHfpeA38W3f4Mc0DrDkov2
AeJn7UPoyFBzT/ZxdaOwqb8b+QcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZDudJ
20/+nomHjRfjWIE5ojnqjTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
M2IzNjE5NTYtNDRiYy00N2U3LTkyMTMtY2Q3ODU0YzU1NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dA
MA0GCSqGSIb3DQEBCwUAA4IBAQA2TMNyHEjM/flFCUSou1j+7LGs7hc8tL9cpER4
QR+ejsTiA2oYjlgKXw3K2tZ83FaCUDlGNKOpLYmASkuv+U32g06zt0cX1kIOvvOf
D9upbZJjuVtvFOq/1opPcl+C6V9nSKHoTOjgYx931d6P6BqhueHk3SE9BBuJSI9D
0KhbnPhgn4j4dSwYQw7RkPscQUKDONGQkykFulsKOAuJ1mV4JrN9UpOG4fl3i0dy
7tzXN8u3CJAtdghBlkbKBtGAeOehNcwiuaao57nBnFPm4nluEopLgPnnzxBCGGPK
DGP9lEwB9kWQT/wo6YPyx/BgwMlelL6jqngVob5aMMfK3JsF
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:18:39 2025 by rpki-client