Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
File: 4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa (raw, json)
Hash identifier: LsoXsmSaLKhedbwaib8LO0HXobhVHFqelpFcjeupc4E=
Subject key identifier: 1D:BD:5D:52:CF:43:6A:7D:7F:FB:54:93:90:2A:2D:40:43:62:DC:5C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7E3B699CE8F2F7626AC6483C6296D0839C780DB0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
Signing time: Fri 20 Jun 2025 00:21:00 +0000
ROA not before: Fri 20 Jun 2025 00:21:00 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:3b:69:9c:e8:f2:f7:62:6a:c6:48:3c:62:96:d0:83:9c:78:0d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:21:00 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=17c24469cec00adcaf1fe1dea3f5972a2af3d95df7db464a61afa5af072fcda9, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a7:d3:3b:85:cf:ac:33:63:3a:25:c6:c4:b4:
61:3c:0d:3d:13:75:d9:8d:67:f6:70:1b:b8:54:4f:
f8:f5:81:80:42:68:59:7f:c7:4d:92:d3:c7:bf:59:
04:c4:21:1d:22:a5:f0:8d:a8:7a:a5:63:7a:b9:cf:
0c:18:5f:2a:13:57:92:bc:85:37:98:a2:6a:8c:ca:
a5:c3:98:01:b3:f8:2b:86:89:cb:f8:66:8e:47:0a:
05:a0:e8:3d:22:29:f5:4c:9f:d8:c5:a3:bd:dc:f0:
32:60:14:a7:13:ad:1a:c3:5f:37:2e:84:9c:27:53:
e1:61:fd:66:b8:e3:4d:c3:bb:61:51:32:c1:ea:1c:
ae:1f:08:06:5f:3e:eb:27:cb:d2:4f:9e:75:da:d1:
0c:cb:29:f0:10:3c:7f:9e:02:eb:cb:94:15:a3:36:
18:a3:2b:21:0d:42:1f:45:ea:a0:87:db:a8:9b:1d:
b4:e4:71:38:8b:44:6c:bd:3e:da:b4:0b:ec:b8:4f:
15:a4:1d:cb:f6:8b:83:56:42:c4:74:e8:a1:89:3c:
45:77:73:71:36:fc:c9:59:41:ad:89:f1:d1:e5:83:
dc:70:d4:3c:23:5d:9d:fe:64:59:cf:75:66:9c:30:
b7:9c:29:c4:bb:40:17:d6:9d:33:2a:d7:0c:14:22:
2a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BD:5D:52:CF:43:6A:7D:7F:FB:54:93:90:2A:2D:40:43:62:DC:5C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2:8000::/36
Signature Algorithm: sha256WithRSAEncryption
75:3c:4c:62:d5:b9:b3:c8:48:f9:5b:20:8e:6c:e4:eb:98:af:
d1:bf:ae:75:1c:23:4c:69:1a:94:c6:8e:d6:95:ed:8d:27:7b:
0d:17:53:01:de:9e:cf:fa:1e:15:ef:b9:d7:51:37:3a:cf:8d:
0c:23:78:72:19:09:f4:85:c4:ca:86:44:09:e6:31:d7:af:e0:
51:1d:c8:4a:3f:47:a9:3f:92:40:12:b6:b0:64:49:10:af:17:
58:af:cb:d7:ce:6b:58:87:96:02:6d:49:fe:1b:44:7b:25:9f:
15:e4:b8:d5:df:0d:4a:ae:3c:64:d0:70:8d:6f:55:aa:1f:02:
79:1e:47:a8:cd:93:63:84:5f:03:80:e9:ee:33:4d:7e:d1:88:
cf:82:ce:01:67:dd:56:f2:0b:a9:e7:c0:79:39:84:21:0c:8a:
fc:f8:fd:6a:2d:ea:1f:ec:9c:c8:35:5d:bb:b9:c0:45:5f:9f:
05:95:9b:80:84:c5:87:a0:8c:06:6f:fa:eb:70:f4:f1:12:ea:
92:67:4f:e1:7b:51:4d:cb:d1:2f:6c:f8:eb:39:1d:cd:af:b1:
05:02:89:81:aa:d2:6c:96:67:7a:20:54:29:8e:6a:22:c1:25:
6e:70:3d:e0:34:28:5d:98:7a:e8:e8:cd:52:fe:e7:8c:ca:9a:
f8:a7:8c:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfjtpnOjy92Jqxkg8YpbQg5x4DbAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIxMDBaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3YzI0NDY5Y2VjMDBhZGNhZjFmZTFkZWEzZjU5NzJhMmFmM2Q5NWRmN2Ri
NDY0YTYxYWZhNWFmMDcyZmNkYTkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKn0zuFz6wzYzolxsS0YTwNPRN12Y1n9nAbuFRP+PWBgEJoWX/HTZLTx79Z
BMQhHSKl8I2oeqVjernPDBhfKhNXkryFN5iiaozKpcOYAbP4K4aJy/hmjkcKBaDo
PSIp9Uyf2MWjvdzwMmAUpxOtGsNfNy6EnCdT4WH9ZrjjTcO7YVEyweocrh8IBl8+
6yfL0k+eddrRDMsp8BA8f54C68uUFaM2GKMrIQ1CH0XqoIfbqJsdtORxOItEbL0+
2rQL7LhPFaQdy/aLg1ZCxHTooYk8RXdzcTb8yVlBrYnx0eWD3HDUPCNdnf5kWc91
Zpwwt5wpxLtAF9adMyrXDBQiKuMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdvV1S
z0NqfX/7VJOQKi1AQ2LcXDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDMxOGMzZjAtYzZhNy00MzBjLWJmYWQtNjQ1ZDlhZDgxNGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8KA
MA0GCSqGSIb3DQEBCwUAA4IBAQB1PExi1bmzyEj5WyCObOTrmK/Rv651HCNMaRqU
xo7Wle2NJ3sNF1MB3p7P+h4V77nXUTc6z40MI3hyGQn0hcTKhkQJ5jHXr+BRHchK
P0epP5JAErawZEkQrxdYr8vXzmtYh5YCbUn+G0R7JZ8V5LjV3w1Krjxk0HCNb1Wq
HwJ5HkeozZNjhF8DgOnuM01+0YjPgs4BZ91W8gup58B5OYQhDIr8+P1qLeof7JzI
NV27ucBFX58FlZuAhMWHoIwGb/rrcPTxEuqSZ0/he1FNy9EvbPjrOR3Nr7EFAomB
qtJslmd6IFQpjmoiwSVucD3gNChdmHro6M1S/ueMypr4p4xe
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:06 2025 by rpki-client