Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
File: 4723f2a2-88af-42fa-b700-a780f4cd2903.roa (raw, json)
Hash identifier: ZfD4O0YEsLQ9G/QjaTE12ve0oyhfLIi8LSREc9IwK4E=
Subject key identifier: 22:6F:28:D4:02:D7:76:E0:86:6A:E9:8E:3B:3D:0D:4A:A4:D6:37:A5
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 45829DB0C1FCE54B7C8B260DD417199ADA45F01D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
Signing time: Fri 20 Jun 2025 00:20:37 +0000
ROA not before: Fri 20 Jun 2025 00:20:37 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:a000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:82:9d:b0:c1:fc:e5:4b:7c:8b:26:0d:d4:17:19:9a:da:45:f0:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:37 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=689f453e5a1476d64fbbbb48afe18e06b541398cdd0bcec48c7a45873a754936, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ff:19:b7:da:fa:66:74:3e:48:a3:74:d0:fc:
80:cf:82:48:61:00:87:51:89:0a:24:b0:8d:00:b7:
30:0d:39:26:65:52:e0:6f:9b:9f:e1:a8:db:b4:14:
3b:95:94:9d:a1:9b:2c:ac:13:c6:95:75:ea:fb:cf:
6a:43:c5:03:73:5a:c2:ec:68:77:fc:2b:7b:e6:02:
28:88:9a:d5:07:31:d6:60:e8:3c:73:d2:b6:d1:dd:
83:c8:9e:60:b8:4a:0a:e5:5f:87:d4:b4:0f:6c:63:
1f:35:1d:c9:ce:e4:d0:07:1c:37:50:2b:78:b4:1f:
84:38:26:9c:54:16:c9:57:3c:48:5f:af:27:36:db:
95:05:b2:f4:85:4b:aa:d7:cf:8e:67:1d:84:00:12:
10:79:ce:ea:e0:0e:02:94:1a:d7:02:86:cd:5d:5b:
04:1c:d1:d7:ec:c9:e0:10:6e:8e:0c:69:65:8f:d1:
28:6a:94:58:cf:a9:0b:a5:6c:74:51:1c:d8:12:31:
34:69:83:5f:73:f4:bc:0f:a2:18:2a:6d:bc:65:61:
fb:e2:64:5c:60:10:65:4f:41:0d:ca:7f:74:f9:bc:
b8:df:e4:4a:3a:68:13:16:84:9b:e7:fa:f8:f9:53:
ed:ca:02:6e:73:44:7b:ed:aa:f4:43:f8:22:c6:4b:
c2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6F:28:D4:02:D7:76:E0:86:6A:E9:8E:3B:3D:0D:4A:A4:D6:37:A5
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:a000::/36
Signature Algorithm: sha256WithRSAEncryption
90:6e:71:6c:ba:1f:e1:8a:35:fe:b3:1d:ee:1e:a8:e0:30:8b:
14:d4:a9:53:8d:e8:b1:64:5c:48:3b:4a:e2:5f:f7:b1:7c:ee:
34:87:0f:78:32:ca:2d:06:4b:8d:dd:19:73:11:ea:3d:19:3e:
2c:9b:e3:fa:c1:a8:0c:dd:cb:8c:29:29:7e:3e:32:24:8d:14:
6c:83:7d:58:3b:f5:41:59:f8:84:c1:12:c7:76:3f:17:01:c4:
97:5e:46:5e:3e:e5:f5:98:1f:9c:fc:76:1f:d4:0a:a4:0d:fa:
a3:82:b2:df:95:cd:97:6a:18:dc:bf:07:d3:9a:9b:50:15:a4:
38:57:92:4a:b8:4d:c5:1e:fc:72:e5:ed:18:72:c6:46:9a:af:
b9:bc:e0:72:d7:9d:d3:b1:bf:44:8c:5d:2a:84:b0:3c:c4:dc:
17:e0:21:dc:2e:d4:59:03:a8:2a:57:a1:55:28:cc:29:11:dd:
71:34:ed:01:00:c5:23:5d:f1:2a:76:67:f3:20:10:b7:77:0a:
73:4c:c9:26:8e:8c:dc:99:c7:44:88:ad:38:7b:50:2b:7f:72:
c3:2a:30:d7:77:f4:a1:5b:08:20:93:4b:6c:a0:12:9d:37:d4:
1a:71:7c:34:3a:49:d9:6e:2b:dd:81:79:97:b7:c6:92:b3:61:
d4:41:79:70
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURYKdsMH85Ut8iyYN1BcZmtpF8B0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMzdaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4OWY0NTNlNWExNDc2ZDY0ZmJiYmI0OGFmZTE4ZTA2YjU0MTM5OGNkZDBi
Y2VjNDhjN2E0NTg3M2E3NTQ5MzYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANX/Gbfa+mZ0PkijdND8gM+CSGEAh1GJCiSwjQC3MA05JmVS4G+bn+Go27QU
O5WUnaGbLKwTxpV16vvPakPFA3Nawuxod/wre+YCKIia1Qcx1mDoPHPSttHdg8ie
YLhKCuVfh9S0D2xjHzUdyc7k0AccN1AreLQfhDgmnFQWyVc8SF+vJzbblQWy9IVL
qtfPjmcdhAASEHnO6uAOApQa1wKGzV1bBBzR1+zJ4BBujgxpZY/RKGqUWM+pC6Vs
dFEc2BIxNGmDX3P0vA+iGCptvGVh++JkXGAQZU9BDcp/dPm8uN/kSjpoExaEm+f6
+PlT7coCbnNEe+2q9EP4IsZLwh0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQibyjU
Atd24IZq6Y47PQ1KpNY3pTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDcyM2YyYTItODhhZi00MmZhLWI3MDAtYTc4MGY0Y2QyOTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Og
MA0GCSqGSIb3DQEBCwUAA4IBAQCQbnFsuh/hijX+sx3uHqjgMIsU1KlTjeixZFxI
O0riX/exfO40hw94MsotBkuN3RlzEeo9GT4sm+P6wagM3cuMKSl+PjIkjRRsg31Y
O/VBWfiEwRLHdj8XAcSXXkZePuX1mB+c/HYf1AqkDfqjgrLflc2XahjcvwfTmptQ
FaQ4V5JKuE3FHvxy5e0YcsZGmq+5vOBy153Tsb9EjF0qhLA8xNwX4CHcLtRZA6gq
V6FVKMwpEd1xNO0BAMUjXfEqdmfzIBC3dwpzTMkmjozcmcdEiK04e1Arf3LDKjDX
d/ShWwggk0tsoBKdN9QacXw0OknZbivdgXmXt8aSs2HUQXlw
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:16:48 2025 by rpki-client