Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
File: 50f59e85-50ab-4b5a-9119-096ba93f86f2.roa (raw, json)
Hash identifier: XLYuFPhVWUkbUZrbqCj9MoITsTNm9nENQSQR4qxfEDY=
Subject key identifier: 0D:3E:6B:D6:B9:E4:5E:9A:86:A6:A6:82:D9:F9:F0:AE:C5:EB:01:65
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4A439E1A2D0CD486205A6CEA746C14A69422AFE7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
Signing time: Fri 20 Jun 2025 00:20:09 +0000
ROA not before: Fri 20 Jun 2025 00:20:09 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:43:9e:1a:2d:0c:d4:86:20:5a:6c:ea:74:6c:14:a6:94:22:af:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:09 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=01419afa89017290ce7e815b872f2745eb186be9c16950e05e2c5b1787114a53, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f0:8d:2b:80:47:1b:a1:eb:1d:5f:36:cf:f4:
41:58:de:03:51:3f:08:58:a8:e2:fb:2c:ee:b9:8f:
4d:8b:4c:3a:b0:9c:47:10:68:02:af:22:3e:75:43:
16:44:5b:30:90:d8:d4:5b:95:8c:2b:59:f1:fb:75:
ce:a5:32:04:ef:37:11:ac:86:5e:e2:94:91:ed:9f:
7c:f9:72:36:2f:e5:0c:ab:09:5d:3b:81:dd:c8:6d:
b5:52:48:ba:96:c8:72:4d:33:96:81:ff:31:74:22:
d1:3a:a4:50:2e:76:11:be:a4:0b:59:dd:ec:b3:8a:
67:29:84:a6:3b:29:77:0d:85:38:ac:3f:03:bf:37:
98:7e:3d:bb:7e:55:15:3b:00:e7:7f:80:75:a1:bb:
fe:06:5a:44:79:66:02:ea:0d:11:45:b0:19:1d:b2:
90:b6:a4:5c:72:2d:72:d2:26:8f:f4:22:35:4a:c2:
8b:a2:f9:d6:91:e0:eb:5f:97:4e:7a:18:96:3d:39:
39:de:e1:8f:49:59:f1:8c:f9:43:66:8a:77:bd:e5:
c1:c6:7c:c9:ff:7b:2f:d1:4f:a5:e4:e0:7c:18:f2:
ef:6a:14:15:c8:3c:28:9a:fc:12:8e:ae:15:d4:f8:
62:19:fe:87:5f:21:c3:1c:b0:28:87:53:ae:0e:e8:
38:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:3E:6B:D6:B9:E4:5E:9A:86:A6:A6:82:D9:F9:F0:AE:C5:EB:01:65
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:1000::/36
Signature Algorithm: sha256WithRSAEncryption
5c:bf:b7:42:61:d6:36:0b:af:d7:59:59:26:8d:46:d2:00:a6:
3f:f9:0c:b9:9f:1b:f9:fc:96:5c:59:1c:e3:c5:98:7d:ea:26:
f3:50:cd:28:11:71:21:72:5e:98:5e:d4:d3:8d:80:7b:df:91:
32:2a:b1:38:b2:e8:20:a7:26:35:06:7a:64:16:c6:2a:5d:e3:
03:93:8f:77:29:d1:66:90:46:bd:75:ef:cb:c5:c2:2b:5c:35:
d8:92:e6:17:89:79:a0:61:b5:c5:dc:6a:93:f6:3b:e6:bf:2b:
7a:40:11:3b:c2:cb:ac:f2:60:55:06:18:51:55:ed:b7:8e:bb:
0e:f6:b7:70:87:ed:46:44:ac:70:4e:1c:ad:89:29:3c:0e:bd:
ab:e3:c6:21:56:ae:36:1a:e5:f1:ca:40:eb:a5:aa:b0:6e:6b:
f5:4a:d6:a4:69:e7:70:bf:56:21:b8:db:7a:81:c1:64:e4:1b:
b8:72:26:ff:e9:57:4c:f4:84:a2:9a:da:42:dc:5b:af:85:bc:
fd:ac:16:ee:9b:8f:a8:59:77:89:ef:72:78:db:52:97:13:b4:
65:9d:74:81:02:55:66:c5:91:aa:9b:3d:14:a0:ed:73:9e:8b:
c5:62:08:bd:82:e1:b8:4e:af:bf:73:b5:ee:01:eb:0a:d9:63:
d2:45:8e:17
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSkOeGi0M1IYgWmzqdGwUppQir+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMDlaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxNDE5YWZhODkwMTcyOTBjZTdlODE1Yjg3MmYyNzQ1ZWIxODZiZTljMTY5
NTBlMDVlMmM1YjE3ODcxMTRhNTMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7wjSuARxuh6x1fNs/0QVjeA1E/CFio4vss7rmPTYtMOrCcRxBoAq8iPnVD
FkRbMJDY1FuVjCtZ8ft1zqUyBO83EayGXuKUke2ffPlyNi/lDKsJXTuB3chttVJI
upbIck0zloH/MXQi0TqkUC52Eb6kC1nd7LOKZymEpjspdw2FOKw/A783mH49u35V
FTsA53+AdaG7/gZaRHlmAuoNEUWwGR2ykLakXHItctImj/QiNUrCi6L51pHg61+X
TnoYlj05Od7hj0lZ8Yz5Q2aKd73lwcZ8yf97L9FPpeTgfBjy72oUFcg8KJr8Eo6u
FdT4Yhn+h18hwxywKIdTrg7oOIkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQNPmvW
ueRemoampoLZ+fCuxesBZTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTBmNTllODUtNTBhYi00YjVhLTkxMTktMDk2YmE5M2Y4NmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBcv7dCYdY2C6/XWVkmjUbSAKY/+Qy5nxv5/JZc
WRzjxZh96ibzUM0oEXEhcl6YXtTTjYB735EyKrE4suggpyY1BnpkFsYqXeMDk493
KdFmkEa9de/LxcIrXDXYkuYXiXmgYbXF3GqT9jvmvyt6QBE7wsus8mBVBhhRVe23
jrsO9rdwh+1GRKxwThytiSk8Dr2r48YhVq42GuXxykDrpaqwbmv1Stakaedwv1Yh
uNt6gcFk5Bu4cib/6VdM9ISimtpC3Fuvhbz9rBbum4+oWXeJ73J421KXE7RlnXSB
AlVmxZGqmz0UoO1znovFYgi9guG4Tq+/c7XuAesK2WPSRY4X
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:18:32 2025 by rpki-client