Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/40f9b1f2-5ad7-442e-b02a-156712d4fa19.roa
File: 40f9b1f2-5ad7-442e-b02a-156712d4fa19.roa (raw, json)
Hash identifier: avrvPrEwDcpiDwrIg1og4gAv6i/sglWmx6ZoCIANMZc=
Subject key identifier: B0:1B:D1:5A:E6:9E:82:41:7C:D1:C6:F5:EE:49:85:C6:27:B4:2A:0E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2F00985D9AC0ABF41A348E0196E45C6C374A349A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/40f9b1f2-5ad7-442e-b02a-156712d4fa19.roa
Signing time: Fri 20 Jun 2025 00:11:28 +0000
ROA not before: Fri 20 Jun 2025 00:11:28 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:00:98:5d:9a:c0:ab:f4:1a:34:8e:01:96:e4:5c:6c:37:4a:34:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:28 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=45b83f84959db8443bbe0ddbc1dff8861096f141af2667878e869d4328cfaee2, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d6:d7:bd:92:fd:a5:de:b6:0d:7f:1b:8b:8c:
6d:99:de:c4:88:0e:0f:32:03:d5:0b:20:e7:de:5a:
b5:7f:38:36:8b:7b:12:af:90:cc:93:e3:ee:91:eb:
a4:3c:82:93:db:70:4d:ee:95:13:9c:b5:bb:40:43:
a1:26:d8:41:c7:11:fe:52:e0:08:ce:3b:49:1c:23:
01:48:3e:be:06:31:ea:0f:18:90:46:a5:93:4d:d9:
ae:2d:f8:54:bd:0a:1a:85:07:50:ac:e4:62:c6:f4:
90:4a:e6:91:12:6e:fb:3d:1a:b5:96:51:73:b8:59:
6c:01:62:ce:6e:da:f5:e2:28:68:ad:0c:d8:b4:5d:
14:4a:87:6c:8e:e0:fb:57:3d:98:33:b3:49:c0:f9:
79:78:4e:95:8c:12:78:0c:e2:7f:d0:9e:dd:58:46:
fc:74:63:c0:8b:e7:69:e0:a9:88:74:d2:41:9a:5b:
b3:3f:ec:51:57:b4:c9:da:f8:51:ca:29:38:ca:bc:
ad:39:ae:e8:5f:53:83:ea:10:22:4e:0e:ad:51:06:
16:98:37:a0:11:8f:61:c1:55:bb:61:bb:63:bc:bd:
15:6e:fb:85:77:cb:10:5c:1c:24:e3:d9:85:28:7a:
43:36:6e:40:c0:e9:d4:17:67:f7:45:20:b3:34:20:
52:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:1B:D1:5A:E6:9E:82:41:7C:D1:C6:F5:EE:49:85:C6:27:B4:2A:0E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/40f9b1f2-5ad7-442e-b02a-156712d4fa19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:5000::/36
Signature Algorithm: sha256WithRSAEncryption
42:95:fd:dc:c9:8d:0e:34:cc:8d:7e:10:dd:08:54:f6:1c:9f:
61:c4:3d:b2:29:24:d6:a3:77:25:81:c9:d8:85:13:b0:d0:e6:
0a:6f:a1:33:33:b7:30:56:36:6b:82:23:d6:ab:aa:4e:34:3a:
99:3c:a6:ae:90:bb:25:ce:da:06:86:36:f0:a9:bc:59:7f:9c:
f2:da:04:62:9d:58:23:94:4e:3d:84:5b:77:15:60:62:82:5b:
80:e0:b1:95:01:99:8a:68:2a:92:45:15:9b:3f:be:01:b5:ec:
b9:43:62:b8:3c:b4:4c:6a:03:d1:ea:3f:c4:7b:d9:ff:90:f8:
84:ab:a1:e0:18:d3:10:41:1c:67:2d:90:46:ce:98:dc:08:e1:
28:35:84:0c:87:71:e2:5b:bc:41:09:64:87:28:4f:bc:ff:8e:
db:e0:49:6e:22:e6:6d:44:41:9a:a2:d0:d2:cb:ec:3d:14:6d:
59:6a:b8:74:6a:c6:3c:e3:eb:1d:f6:a2:88:19:1e:0c:5a:7d:
4a:78:ee:f1:73:50:28:08:28:ae:4c:79:6d:1d:42:e3:e5:a8:
f2:63:ea:2e:fd:1d:f7:b0:89:33:21:16:d5:c5:bc:f9:28:74:
2a:33:26:13:6b:c4:d2:91:42:8d:6a:3d:bc:d3:64:fc:51:da:
45:0b:83:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULwCYXZrAq/QaNI4BluRcbDdKNJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMjhaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1YjgzZjg0OTU5ZGI4NDQzYmJlMGRkYmMxZGZmODg2MTA5NmYxNDFhZjI2
Njc4NzhlODY5ZDQzMjhjZmFlZTIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnW172S/aXetg1/G4uMbZnexIgODzID1Qsg595atX84Not7Eq+QzJPj7pHr
pDyCk9twTe6VE5y1u0BDoSbYQccR/lLgCM47SRwjAUg+vgYx6g8YkEalk03Zri34
VL0KGoUHUKzkYsb0kErmkRJu+z0atZZRc7hZbAFizm7a9eIoaK0M2LRdFEqHbI7g
+1c9mDOzScD5eXhOlYwSeAzif9Ce3VhG/HRjwIvnaeCpiHTSQZpbsz/sUVe0ydr4
UcopOMq8rTmu6F9Tg+oQIk4OrVEGFpg3oBGPYcFVu2G7Y7y9FW77hXfLEFwcJOPZ
hSh6QzZuQMDp1Bdn90UgszQgUpsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSwG9Fa
5p6CQXzRxvXuSYXGJ7QqDjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDBmOWIxZjItNWFkNy00NDJlLWIwMmEtMTU2NzEyZDRmYTE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBClf3cyY0ONMyNfhDdCFT2HJ9hxD2yKSTWo3cl
gcnYhROw0OYKb6EzM7cwVjZrgiPWq6pONDqZPKaukLslztoGhjbwqbxZf5zy2gRi
nVgjlE49hFt3FWBigluA4LGVAZmKaCqSRRWbP74Btey5Q2K4PLRMagPR6j/Ee9n/
kPiEq6HgGNMQQRxnLZBGzpjcCOEoNYQMh3HiW7xBCWSHKE+8/47b4EluIuZtREGa
otDSy+w9FG1Zarh0asY84+sd9qKIGR4MWn1KeO7xc1AoCCiuTHltHULj5ajyY+ou
/R33sIkzIRbVxbz5KHQqMyYTa8TSkUKNaj2802T8UdpFC4Pi
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:10:04 2025 by rpki-client