Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
File: 440b3734-74c6-4eea-9712-42440de9c3b4.roa (raw, json)
Hash identifier: sCeO8HEEzaeRQJlYaPnflQPHAf15ST62J5POXHblJfo=
Subject key identifier: AC:52:0B:0D:41:31:C5:2D:D0:CD:EE:DC:BB:6A:70:0C:4C:20:CA:B8
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1E65EE4CA813AAA09C8167B12D1193B5F83A710D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
Signing time: Fri 20 Jun 2025 00:20:06 +0000
ROA not before: Fri 20 Jun 2025 00:20:06 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:65:ee:4c:a8:13:aa:a0:9c:81:67:b1:2d:11:93:b5:f8:3a:71:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:06 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=5767e6e27a0dbfc595ae9be388a52a3c839a2f5fa95562e1cdd4ecead11db0af, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6d:89:4c:6e:ee:86:10:fb:85:25:07:2f:c2:
43:95:c9:f5:c1:7d:82:d7:5a:c7:f5:b8:b8:e8:6f:
aa:2d:7f:31:4d:57:c4:3f:39:3e:d6:ec:76:f5:4e:
39:1a:af:1a:e7:4f:e9:24:0b:50:58:84:8d:8d:f2:
b7:38:e4:c7:01:ec:b6:f6:f8:3f:21:e3:f8:10:22:
bd:2f:77:24:4b:c1:8b:7f:5f:8a:8b:8f:f2:06:16:
8a:64:ad:7d:59:77:fc:c1:2c:4f:40:28:6d:23:58:
6a:4b:41:bd:c7:8f:72:1c:5b:87:60:41:d7:7e:6a:
2e:59:d8:38:8f:4b:98:ae:0e:66:f6:d1:52:38:27:
40:76:4e:0f:26:d7:4a:c8:bf:39:af:21:8c:f7:56:
81:ab:d4:0e:cb:82:87:5e:4e:65:5a:0c:71:d8:20:
2b:32:4a:33:77:ce:c4:24:57:2e:ac:67:0e:ca:c6:
fc:d4:45:de:d1:32:7b:49:ef:5f:6d:18:f8:f3:0b:
88:e7:d6:94:0b:cf:7d:99:23:45:c1:cd:a0:30:a9:
5a:e9:cc:c0:7f:14:77:f3:42:1a:b4:c0:59:8c:fd:
6f:76:7b:20:d5:72:dc:f3:d2:48:dc:d4:89:65:02:
24:3d:b3:fe:02:5f:8d:90:aa:69:7d:bb:67:9a:3d:
94:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:52:0B:0D:41:31:C5:2D:D0:CD:EE:DC:BB:6A:70:0C:4C:20:CA:B8
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7::/36
Signature Algorithm: sha256WithRSAEncryption
61:1f:b7:9b:85:ad:84:09:8e:a3:71:42:93:33:33:f0:70:85:
a5:ea:44:07:af:85:02:1a:68:69:51:e1:08:2d:76:ca:29:54:
25:a5:b0:fc:b3:29:ad:41:87:c2:1c:6f:1d:7c:8a:20:02:9b:
6d:4b:f5:80:7f:5b:97:fe:80:29:8c:52:8e:bb:d2:c8:51:bf:
48:7d:53:5b:41:bd:9c:a1:51:ef:70:27:6d:87:6c:0a:04:4c:
07:b6:95:bd:16:1d:47:0f:18:5c:1e:da:08:20:37:05:07:8a:
63:3d:dc:20:2c:ec:16:43:52:7c:fa:b1:56:1e:51:c5:2b:26:
62:63:a3:d3:40:6a:3f:b7:83:72:0d:66:e4:8c:ec:40:17:12:
b1:d0:f6:82:a8:d3:52:08:22:78:4e:f2:a4:cd:8d:69:bc:47:
c2:1d:f3:73:ee:de:13:31:41:ce:35:b1:cc:87:9e:9a:1b:34:
05:cc:21:bc:5b:18:3b:24:ed:8d:fe:1b:42:44:0e:29:26:06:
f1:fe:46:cb:b0:6c:b7:f5:fb:6c:36:37:71:30:a6:89:e4:77:
1e:51:5e:be:33:41:7b:94:e1:09:28:d0:e9:ba:b8:27:d6:c0:
54:6d:da:fa:4d:b7:87:01:40:76:15:d4:2f:3f:22:8c:6b:2e:
4f:ae:b0:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHmXuTKgTqqCcgWexLRGTtfg6cQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMDZaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3NjdlNmUyN2EwZGJmYzU5NWFlOWJlMzg4YTUyYTNjODM5YTJmNWZhOTU1
NjJlMWNkZDRlY2VhZDExZGIwYWYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKptiUxu7oYQ+4UlBy/CQ5XJ9cF9gtdax/W4uOhvqi1/MU1XxD85PtbsdvVO
ORqvGudP6SQLUFiEjY3ytzjkxwHstvb4PyHj+BAivS93JEvBi39fiouP8gYWimSt
fVl3/MEsT0AobSNYaktBvcePchxbh2BB135qLlnYOI9LmK4OZvbRUjgnQHZODybX
Ssi/Oa8hjPdWgavUDsuCh15OZVoMcdggKzJKM3fOxCRXLqxnDsrG/NRF3tEye0nv
X20Y+PMLiOfWlAvPfZkjRcHNoDCpWunMwH8Ud/NCGrTAWYz9b3Z7INVy3PPSSNzU
iWUCJD2z/gJfjZCqaX27Z5o9lAMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSsUgsN
QTHFLdDN7ty7anAMTCDKuDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDQwYjM3MzQtNzRjNi00ZWVhLTk3MTItNDI0NDBkZTljM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cA
MA0GCSqGSIb3DQEBCwUAA4IBAQBhH7ebha2ECY6jcUKTMzPwcIWl6kQHr4UCGmhp
UeEILXbKKVQlpbD8symtQYfCHG8dfIogApttS/WAf1uX/oApjFKOu9LIUb9IfVNb
Qb2coVHvcCdth2wKBEwHtpW9Fh1HDxhcHtoIIDcFB4pjPdwgLOwWQ1J8+rFWHlHF
KyZiY6PTQGo/t4NyDWbkjOxAFxKx0PaCqNNSCCJ4TvKkzY1pvEfCHfNz7t4TMUHO
NbHMh56aGzQFzCG8Wxg7JO2N/htCRA4pJgbx/kbLsGy39ftsNjdxMKaJ5HceUV6+
M0F7lOEJKNDpurgn1sBUbdr6TbeHAUB2FdQvPyKMay5PrrDQ
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:26:51 2025 by rpki-client