Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
File: 3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa (raw, json)
Hash identifier: l8k8ob8RYEG8CFiTwAoI6QSNTl1TgFX1fmv+f5u1GjY=
Subject key identifier: 55:E4:03:C5:3A:84:E6:EB:FF:D3:FD:CF:D1:78:50:AA:99:56:E0:12
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5CA2B8247263663003453589AC1DBDB7B674214C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
Signing time: Fri 20 Jun 2025 00:11:29 +0000
ROA not before: Fri 20 Jun 2025 00:11:29 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:a2:b8:24:72:63:66:30:03:45:35:89:ac:1d:bd:b7:b6:74:21:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:29 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=129fd7c7b2b3b85e88dc6d2be773265c91f41e1f78a3d6b0a30c0579c6c29756, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6c:03:2b:7c:3d:e0:9a:5c:00:95:7f:92:95:
4c:05:2e:f0:d2:8c:57:5b:4c:5e:a0:17:1f:40:19:
e1:d3:c1:94:62:7b:f5:41:13:83:2a:2a:72:2f:43:
d7:7b:b2:59:4e:e0:3d:80:9e:a7:0f:43:74:a1:bd:
65:72:76:6c:81:9a:43:23:46:f9:55:4f:62:76:60:
00:0f:bb:ca:8e:8e:18:62:2a:95:3b:70:9a:ed:4f:
3e:d1:e8:71:8d:98:43:44:04:f5:0f:50:e2:66:66:
37:23:2e:61:16:9a:e4:d4:ca:fb:46:7f:3a:26:23:
82:75:cf:05:ca:e9:1e:92:0e:00:6c:50:2f:8a:97:
65:e6:f0:8c:66:a5:b3:bb:ca:08:71:a3:14:d1:b6:
54:cc:ea:d6:39:21:7e:fc:87:e5:de:6e:11:fb:8d:
7d:a7:09:a2:df:c2:3c:03:65:2c:d4:08:0e:1f:df:
88:93:9a:00:06:95:35:3d:2b:f5:44:01:4c:f1:78:
03:b5:ff:d1:e9:cb:54:6c:7a:5a:7e:a1:57:a4:75:
2a:35:d5:f9:a0:7a:5c:e8:16:61:e8:cd:94:1b:d1:
fa:09:d8:84:f3:3f:b2:1b:76:4f:c0:72:37:5b:b4:
2a:b1:b7:10:14:7e:0e:ba:8a:df:07:fa:f0:0f:8e:
04:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E4:03:C5:3A:84:E6:EB:FF:D3:FD:CF:D1:78:50:AA:99:56:E0:12
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2800::/40
Signature Algorithm: sha256WithRSAEncryption
97:15:9f:4a:4e:30:70:4e:2b:9c:17:a1:95:8b:fd:a5:8c:f6:
00:58:ce:b1:a3:83:bf:ba:56:5d:10:66:9d:fc:ac:74:1d:99:
e8:31:26:42:77:03:f2:76:89:52:07:5b:ab:63:00:9e:d2:cb:
b0:96:d4:76:ed:91:97:b6:62:62:e4:2e:1c:9b:0f:93:0b:8c:
c0:e8:48:ac:97:68:a8:a5:bd:7d:18:5f:bb:b7:37:14:5f:bc:
53:30:a4:0e:43:f4:6c:de:d3:9b:68:06:c1:7e:7e:c9:73:f9:
51:39:93:5e:d1:74:d4:28:49:a0:07:ee:40:b9:22:e1:e1:21:
4f:8e:66:da:c9:7b:16:bd:b3:c3:f8:2b:22:30:74:36:4e:0a:
5f:00:e2:18:4d:44:4f:d5:a3:d8:a7:18:37:72:6d:80:ad:e2:
9c:f6:af:53:3e:45:7f:c1:b3:c5:c0:9b:a5:62:3c:84:f6:f4:
6f:e2:3d:64:50:58:9d:89:5a:4e:71:5d:b4:c5:5c:37:61:3b:
39:32:37:b3:cd:91:28:dc:a7:19:75:3c:23:46:b2:79:9f:88:
08:9e:6c:19:91:23:50:ec:00:50:e9:f3:d9:d4:5f:af:a6:07:
56:49:a5:ed:58:89:ad:a9:9c:e5:1a:f4:24:74:95:38:19:39:
22:82:8a:37
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXKK4JHJjZjADRTWJrB29t7Z0IUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMjlaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyOWZkN2M3YjJiM2I4NWU4OGRjNmQyYmU3NzMyNjVjOTFmNDFlMWY3OGEz
ZDZiMGEzMGMwNTc5YzZjMjk3NTYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVsAyt8PeCaXACVf5KVTAUu8NKMV1tMXqAXH0AZ4dPBlGJ79UETgyoqci9D
13uyWU7gPYCepw9DdKG9ZXJ2bIGaQyNG+VVPYnZgAA+7yo6OGGIqlTtwmu1PPtHo
cY2YQ0QE9Q9Q4mZmNyMuYRaa5NTK+0Z/OiYjgnXPBcrpHpIOAGxQL4qXZebwjGal
s7vKCHGjFNG2VMzq1jkhfvyH5d5uEfuNfacJot/CPANlLNQIDh/fiJOaAAaVNT0r
9UQBTPF4A7X/0enLVGx6Wn6hV6R1KjXV+aB6XOgWYejNlBvR+gnYhPM/sht2T8By
N1u0KrG3EBR+DrqK3wf68A+OBNUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRV5APF
OoTm6//T/c/ReFCqmVbgEjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
M2U5Y2E1ZjYtODhjZC00ZmE3LThhYjYtYTJkNjc4MDEzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8co
MA0GCSqGSIb3DQEBCwUAA4IBAQCXFZ9KTjBwTiucF6GVi/2ljPYAWM6xo4O/ulZd
EGad/Kx0HZnoMSZCdwPydolSB1urYwCe0suwltR27ZGXtmJi5C4cmw+TC4zA6Eis
l2iopb19GF+7tzcUX7xTMKQOQ/Rs3tObaAbBfn7Jc/lROZNe0XTUKEmgB+5AuSLh
4SFPjmbayXsWvbPD+CsiMHQ2TgpfAOIYTURP1aPYpxg3cm2AreKc9q9TPkV/wbPF
wJulYjyE9vRv4j1kUFidiVpOcV20xVw3YTs5MjezzZEo3KcZdTwjRrJ5n4gInmwZ
kSNQ7ABQ6fPZ1F+vpgdWSaXtWImtqZzlGvQkdJU4GTkigoo3
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:58 2025 by rpki-client