Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
File: 4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa (raw, json)
Hash identifier: h/KVzh+5OBUKJd50EdeBQfgJK0mBXqoRMBwEVHvNO84=
Subject key identifier: 83:75:2D:65:05:88:68:87:9B:24:41:65:2D:DC:29:9A:F2:1B:9B:90
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 116A09932EF229927728D23C95D3118D75F6C712
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
Signing time: Fri 20 Jun 2025 00:10:47 +0000
ROA not before: Fri 20 Jun 2025 00:10:47 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:6a:09:93:2e:f2:29:92:77:28:d2:3c:95:d3:11:8d:75:f6:c7:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:47 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=e3054377c857fc006385508a10d81f76f3b6c82926c506077eb2f4c3f6bc963f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1e:5e:d8:19:2a:b7:4e:6d:cc:df:fa:99:f1:
51:6b:50:de:6d:79:d2:18:76:8a:2c:72:f8:8f:e3:
15:53:02:86:56:ec:96:78:7f:e4:e2:24:3b:f2:91:
2d:ba:c8:f5:c0:48:63:72:86:6c:12:cb:80:e6:80:
a7:7b:f4:49:91:46:ca:ab:c2:08:c1:65:2b:59:6e:
2c:f8:6f:83:b6:20:63:02:ec:a5:37:ef:e1:89:bd:
69:5d:6a:66:b3:dc:fb:f3:1a:03:12:9b:73:6c:f4:
fb:f8:58:9c:0c:d8:d9:58:51:37:dc:df:d6:72:3a:
54:4b:40:6e:9e:7d:c6:37:84:28:83:d3:b2:2c:13:
f0:b6:35:f4:36:f6:8f:90:11:4f:f6:e2:cb:c8:5d:
f0:2a:fa:43:9d:0d:0b:34:37:24:05:d2:3a:28:34:
c4:15:fc:36:80:92:85:cb:f2:9d:59:d6:b2:a6:f9:
ac:97:8f:53:92:71:b5:97:8f:f3:4f:63:15:f0:4c:
a6:1f:d3:fa:a8:36:63:10:6a:eb:f1:fc:05:61:bd:
1f:68:04:91:6e:7e:37:bb:c2:e2:5d:82:18:a9:c1:
15:dc:b6:ef:36:42:f8:df:ed:8e:b5:00:99:15:d5:
8b:6b:b3:88:a1:90:bb:d7:71:37:73:58:4b:2d:65:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:75:2D:65:05:88:68:87:9B:24:41:65:2D:DC:29:9A:F2:1B:9B:90
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:840::/48
Signature Algorithm: sha256WithRSAEncryption
8a:1c:f3:0f:7d:26:cd:d6:16:ed:39:ba:d3:3d:0f:bc:2c:f0:
a4:20:01:ab:4c:f0:9e:d7:45:ab:a4:02:30:77:d5:dd:3d:94:
2d:73:06:88:da:c9:62:74:fa:81:b1:1e:ed:67:1a:cd:96:d0:
65:28:fa:84:b8:af:ec:97:01:2b:4c:89:6b:85:07:22:9a:b7:
f7:6e:65:af:38:70:15:1e:e9:e8:47:cf:96:62:70:7e:92:4c:
a8:72:64:8c:d6:e9:6f:19:44:8b:76:cc:cd:6d:0b:72:71:14:
e8:a2:71:35:cc:1f:37:1f:63:e9:2d:43:04:f6:19:30:39:fc:
3f:05:d5:96:a2:cd:c9:6d:e6:f1:a2:92:3c:5f:7c:ac:87:e9:
1e:5e:16:c6:3a:84:d5:fd:09:88:ca:43:4b:72:5a:84:af:13:
8f:5a:a6:91:74:36:07:63:cb:2b:cd:2a:d5:ab:79:fc:85:32:
12:ec:19:5c:b6:f8:d3:b2:84:da:bb:19:71:48:1f:8f:19:f0:
6b:a8:6a:e7:6f:2c:e4:dd:4d:2a:82:09:d3:b7:ef:5f:84:fd:
62:5a:85:6f:1f:24:b6:ce:8e:d7:b2:33:21:a0:39:5f:07:a9:
4a:8b:0d:cc:8d:9e:3d:3a:df:5b:c0:f1:ab:0d:83:a2:68:d8:
b8:84:2b:08
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEWoJky7yKZJ3KNI8ldMRjXX2xxIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwNDdaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMDU0Mzc3Yzg1N2ZjMDA2Mzg1NTA4YTEwZDgxZjc2ZjNiNmM4MjkyNmM1
MDYwNzdlYjJmNGMzZjZiYzk2M2YxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIeXtgZKrdObczf+pnxUWtQ3m150hh2iixy+I/jFVMChlbslnh/5OIkO/KR
LbrI9cBIY3KGbBLLgOaAp3v0SZFGyqvCCMFlK1luLPhvg7YgYwLspTfv4Ym9aV1q
ZrPc+/MaAxKbc2z0+/hYnAzY2VhRN9zf1nI6VEtAbp59xjeEKIPTsiwT8LY19Db2
j5ART/biy8hd8Cr6Q50NCzQ3JAXSOig0xBX8NoCShcvynVnWsqb5rJePU5JxtZeP
809jFfBMph/T+qg2YxBq6/H8BWG9H2gEkW5+N7vC4l2CGKnBFdy27zZC+N/tjrUA
mRXVi2uziKGQu9dxN3NYSy1lUgMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSDdS1l
BYhoh5skQWUt3Cma8hubkDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NGMzYTc4YmYtZDljZi00MThmLThhM2EtOGMzZTcyNDcwYzFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
QDANBgkqhkiG9w0BAQsFAAOCAQEAihzzD30mzdYW7Tm60z0PvCzwpCABq0zwntdF
q6QCMHfV3T2ULXMGiNrJYnT6gbEe7WcazZbQZSj6hLiv7JcBK0yJa4UHIpq3925l
rzhwFR7p6EfPlmJwfpJMqHJkjNbpbxlEi3bMzW0LcnEU6KJxNcwfNx9j6S1DBPYZ
MDn8PwXVlqLNyW3m8aKSPF98rIfpHl4WxjqE1f0JiMpDS3JahK8Tj1qmkXQ2B2PL
K80q1at5/IUyEuwZXLb407KE2rsZcUgfjxnwa6hq528s5N1NKoIJ07fvX4T9YlqF
bx8kts6O17IzIaA5XwepSosNzI2ePTrfW8Dxqw2DomjYuIQrCA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:10:17 2025 by rpki-client