Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
File: 50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa (raw, json)
Hash identifier: euiYuLRDJ5pRkxSXI50+KauDzQz5P+xTOTaBSKn14NM=
Subject key identifier: 49:A1:A7:D2:D4:00:50:30:6C:C2:00:28:34:C2:56:2F:46:1C:96:19
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6C6EDFCB40CC0D24D5340B302B302B9BAB574E0A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
Signing time: Fri 20 Jun 2025 00:21:00 +0000
ROA not before: Fri 20 Jun 2025 00:21:00 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:c000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:6e:df:cb:40:cc:0d:24:d5:34:0b:30:2b:30:2b:9b:ab:57:4e:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:21:00 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=2a3314fd93678b5ff5bf190a45c6fa5ea107737771ee47ebdb71a846074b17b7, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:af:ea:ac:5c:ce:79:2e:ea:59:1c:b8:b3:71:
c7:f6:8d:4c:c0:1a:42:ff:ce:eb:c9:e0:fe:d9:5d:
e2:58:93:53:5b:28:b6:cc:b7:12:16:35:10:d4:cc:
27:0e:6c:fe:c0:da:78:6f:e1:0c:1f:2e:b4:c9:b7:
3f:34:7d:1f:19:27:54:4a:e1:2a:b4:ff:0c:9f:66:
3e:a9:d0:94:56:f5:7e:2a:8c:20:44:75:13:85:37:
bb:9d:4c:8a:6d:41:b2:37:3b:77:db:bf:8a:80:03:
6b:9d:c7:44:74:fc:fc:f0:3c:8b:64:d6:56:d9:b3:
87:bd:87:0b:58:90:b2:b2:f7:a7:f0:42:e7:85:39:
a8:5b:71:b6:4f:e5:af:7a:e7:07:7e:66:f9:7e:35:
06:53:1a:f6:6e:fd:b5:ae:d6:46:1e:e8:a8:cd:34:
32:4e:21:b8:6d:d1:90:73:73:14:be:7f:30:b0:94:
ec:cc:85:58:fd:cf:27:6c:0e:0b:fd:43:17:08:4d:
92:58:a2:83:5a:aa:3a:ab:8c:42:25:52:66:93:57:
47:5a:5c:f1:81:6f:d3:4b:75:11:eb:5a:bb:96:06:
93:bb:13:22:fc:01:dc:a4:c6:40:c5:64:27:a5:a5:
39:a4:3e:57:cc:42:4e:9d:1f:7f:f0:93:97:22:41:
76:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A1:A7:D2:D4:00:50:30:6C:C2:00:28:34:C2:56:2F:46:1C:96:19
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:c000::/36
Signature Algorithm: sha256WithRSAEncryption
58:6c:0a:66:14:df:b0:6a:4a:d4:c1:60:c6:7a:12:52:ae:24:
70:10:51:ce:cc:07:97:05:99:92:7b:6d:e7:b2:da:60:19:5b:
dd:19:87:59:55:fa:45:2b:f2:a4:50:25:78:11:1e:e8:ba:eb:
03:12:07:c5:f9:31:72:a1:a4:3e:35:03:2a:d7:f8:55:2f:65:
29:00:91:cf:cd:7d:5c:07:1a:11:36:21:4f:87:61:2a:e4:2b:
49:6a:13:f8:64:01:19:51:3e:03:79:47:b9:95:86:3f:8d:8c:
03:bb:f6:18:ae:e1:80:0f:cf:62:33:87:68:f3:93:f5:0c:f6:
3e:fa:64:c8:9f:40:3c:e3:5d:42:27:f6:16:c4:ce:62:37:da:
d5:47:2e:05:65:fa:d2:03:b3:e2:2f:9e:4f:08:18:72:32:6f:
10:e8:48:8d:7a:70:d9:e4:bc:30:88:75:e8:38:9c:74:04:1d:
4b:b2:a9:3b:41:2a:19:ef:98:d6:a9:99:95:a3:05:84:5f:1f:
bd:0f:fc:19:90:60:0a:cc:ab:b0:14:b3:07:7a:2b:19:0f:ff:
66:a0:f5:e3:f0:76:78:d3:5a:7d:b7:b3:d1:6a:9b:3f:17:07:
60:e5:55:2a:69:02:9a:03:80:c8:d9:28:c1:2b:da:b9:14:5f:
23:88:41:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbG7fy0DMDSTVNAswKzArm6tXTgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIxMDBaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhMzMxNGZkOTM2NzhiNWZmNWJmMTkwYTQ1YzZmYTVlYTEwNzczNzc3MWVl
NDdlYmRiNzFhODQ2MDc0YjE3YjcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuv6qxcznku6lkcuLNxx/aNTMAaQv/O68ng/tld4liTU1sotsy3EhY1ENTM
Jw5s/sDaeG/hDB8utMm3PzR9HxknVErhKrT/DJ9mPqnQlFb1fiqMIER1E4U3u51M
im1Bsjc7d9u/ioADa53HRHT8/PA8i2TWVtmzh72HC1iQsrL3p/BC54U5qFtxtk/l
r3rnB35m+X41BlMa9m79ta7WRh7oqM00Mk4huG3RkHNzFL5/MLCU7MyFWP3PJ2wO
C/1DFwhNkliig1qqOquMQiVSZpNXR1pc8YFv00t1Eetau5YGk7sTIvwB3KTGQMVk
J6WlOaQ+V8xCTp0ff/CTlyJBdscCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJoafS
1ABQMGzCACg0wlYvRhyWGTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTBiMGM4ZjUtOWIwMy00ZDAwLWI3YmMtMzBhMjUzYjgzYmUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fA
MA0GCSqGSIb3DQEBCwUAA4IBAQBYbApmFN+wakrUwWDGehJSriRwEFHOzAeXBZmS
e23nstpgGVvdGYdZVfpFK/KkUCV4ER7ouusDEgfF+TFyoaQ+NQMq1/hVL2UpAJHP
zX1cBxoRNiFPh2Eq5CtJahP4ZAEZUT4DeUe5lYY/jYwDu/YYruGAD89iM4do85P1
DPY++mTIn0A8411CJ/YWxM5iN9rVRy4FZfrSA7PiL55PCBhyMm8Q6EiNenDZ5Lww
iHXoOJx0BB1Lsqk7QSoZ75jWqZmVowWEXx+9D/wZkGAKzKuwFLMHeisZD/9moPXj
8HZ401p9t7PRaps/Fwdg5VUqaQKaA4DI2SjBK9q5FF8jiEGz
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:39:37 2025 by rpki-client