Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
File: 42a75e81-4259-49a6-bdf2-3b7976817e78.roa (raw, json)
Hash identifier: yQtEwFYVTGL2jtJWKhzoie2Wui0IeQvSpZZrC8bvfRI=
Subject key identifier: AA:12:FB:EB:2D:C9:75:6B:EF:CE:5C:55:12:3D:CA:E0:31:45:FD:DE
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 11A7B294A618633E017EB85D46D22DE29626A1FC
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
Signing time: Fri 20 Jun 2025 00:11:18 +0000
ROA not before: Fri 20 Jun 2025 00:11:18 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:a7:b2:94:a6:18:63:3e:01:7e:b8:5d:46:d2:2d:e2:96:26:a1:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:18 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=4161113c9d4a7d571786f2cf77ebc6f7c996d57d36aa6f1e8f981740ccb48667, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ae:16:77:4d:01:dd:71:95:63:75:e4:d2:cc:
7c:15:b9:7c:59:0e:0e:26:fc:0f:f0:58:cc:99:ee:
de:cb:f6:ce:30:e2:12:c4:bb:4e:7b:69:c5:d0:75:
51:68:db:02:96:76:47:63:76:c0:85:9c:38:64:56:
49:65:cb:fd:be:6a:e5:bd:ff:75:29:32:fc:d5:e0:
97:09:5e:30:81:25:44:3f:bb:93:66:94:bd:2f:77:
0f:85:3b:cb:c0:58:ea:be:e6:c6:2d:d5:d5:ad:b4:
52:1c:06:cc:3b:16:25:81:f7:12:ad:bf:4f:ff:ac:
d4:bf:5e:d1:db:a1:7e:fd:c1:51:2e:b3:ef:7a:a4:
34:12:f8:ac:18:ab:2b:4e:75:a3:22:92:6e:08:51:
24:7f:36:55:60:1e:c1:ed:f7:df:7a:79:a3:c6:d2:
55:01:ce:9f:87:18:e8:92:4e:16:cb:b8:10:dd:ee:
e8:37:45:12:08:09:fe:57:09:0b:49:a8:6e:1a:8a:
cf:48:cf:57:47:39:a6:4f:8a:65:39:ad:88:6e:ed:
1b:f3:84:80:1f:79:0d:c5:94:01:7a:34:86:e9:26:
1f:f5:b9:8e:39:71:3e:e7:7e:62:b4:50:c3:f9:0a:
11:81:05:0d:42:68:fc:d3:98:10:eb:13:fd:d8:c1:
ef:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:12:FB:EB:2D:C9:75:6B:EF:CE:5C:55:12:3D:CA:E0:31:45:FD:DE
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5000::/36
Signature Algorithm: sha256WithRSAEncryption
84:63:97:92:e1:d2:03:7d:77:7e:4c:c5:8e:71:b5:ca:7e:80:
a5:17:89:c8:65:4d:23:3a:2a:39:5d:69:38:6a:4b:d9:c9:64:
94:57:7b:35:1b:68:e4:ce:a1:cd:23:77:8b:e4:70:3e:fd:31:
d5:3e:61:1f:71:fb:95:9c:f3:9f:ce:df:b5:9d:36:01:42:14:
ca:1b:b2:e9:d5:05:79:9a:09:bd:72:44:c2:60:08:b2:1e:1c:
56:2e:5e:13:48:da:f3:7a:b2:b1:02:4c:37:86:45:a9:62:1b:
d1:2e:26:9c:49:72:44:29:60:9a:ff:f4:b9:3c:06:da:57:dc:
10:8b:24:f0:0c:e5:d4:6d:54:1e:f8:6c:d8:2a:84:95:bb:46:
55:b8:08:f9:e4:18:fc:9d:4b:c4:fe:67:2b:8c:eb:c0:ec:4f:
9d:85:b1:ec:72:05:80:69:0a:31:bb:1c:5c:7f:ba:e4:d4:11:
a0:db:07:b8:03:c5:c0:f8:77:e3:44:c0:25:a0:be:79:32:ca:
b8:d8:b4:cb:c6:5a:96:c9:50:93:68:c2:30:55:a2:32:51:68:
26:d5:91:99:fb:db:aa:56:8a:98:89:7d:33:e7:39:c5:a6:9b:
b2:f2:96:12:2a:d2:75:60:bb:9a:55:71:68:7e:6e:8c:83:a3:
17:0f:fa:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEaeylKYYYz4BfrhdRtIt4pYmofwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMThaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxNjExMTNjOWQ0YTdkNTcxNzg2ZjJjZjc3ZWJjNmY3Yzk5NmQ1N2QzNmFh
NmYxZThmOTgxNzQwY2NiNDg2NjcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2uFndNAd1xlWN15NLMfBW5fFkODib8D/BYzJnu3sv2zjDiEsS7TntpxdB1
UWjbApZ2R2N2wIWcOGRWSWXL/b5q5b3/dSky/NXglwleMIElRD+7k2aUvS93D4U7
y8BY6r7mxi3V1a20UhwGzDsWJYH3Eq2/T/+s1L9e0duhfv3BUS6z73qkNBL4rBir
K051oyKSbghRJH82VWAewe3333p5o8bSVQHOn4cY6JJOFsu4EN3u6DdFEggJ/lcJ
C0mobhqKz0jPV0c5pk+KZTmtiG7tG/OEgB95DcWUAXo0hukmH/W5jjlxPud+YrRQ
w/kKEYEFDUJo/NOYEOsT/djB7/cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSqEvvr
Lcl1a+/OXFUSPcrgMUX93jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDJhNzVlODEtNDI1OS00OWE2LWJkZjItM2I3OTc2ODE3ZTc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCEY5eS4dIDfXd+TMWOcbXKfoClF4nIZU0jOio5
XWk4akvZyWSUV3s1G2jkzqHNI3eL5HA+/THVPmEfcfuVnPOfzt+1nTYBQhTKG7Lp
1QV5mgm9ckTCYAiyHhxWLl4TSNrzerKxAkw3hkWpYhvRLiacSXJEKWCa//S5PAba
V9wQiyTwDOXUbVQe+GzYKoSVu0ZVuAj55Bj8nUvE/mcrjOvA7E+dhbHscgWAaQox
uxxcf7rk1BGg2we4A8XA+HfjRMAloL55Msq42LTLxlqWyVCTaMIwVaIyUWgm1ZGZ
+9uqVoqYiX0z5znFppuy8pYSKtJ1YLuaVXFofm6Mg6MXD/rV
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:07:13 2025 by rpki-client