Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
File: 5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa (raw, json)
Hash identifier: iuBOL0OUD2jkkOYSToOzkqgjnEyAshj0zZydmnYtgLI=
Subject key identifier: 19:10:0B:B5:6A:63:1D:D8:51:0D:32:13:9A:4A:74:04:CA:3A:66:2D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5474C61EC942F3A79AE4B66988570EC6969A3F60
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
Signing time: Fri 20 Jun 2025 00:20:29 +0000
ROA not before: Fri 20 Jun 2025 00:20:29 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:74:c6:1e:c9:42:f3:a7:9a:e4:b6:69:88:57:0e:c6:96:9a:3f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:29 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=2ca4064a060e0f6648507d5e7b929c8ca74ba1123424cff75273061b612be3ac, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f7:d6:6f:e8:90:41:0c:f9:d6:97:2b:a7:1b:
d9:b2:d0:e8:b0:00:6d:c6:9f:07:25:ba:fd:a3:15:
48:e5:31:06:77:5f:84:0a:42:37:28:26:52:9b:f2:
71:06:05:90:7d:ac:50:8c:e0:a6:b4:d1:a3:15:1b:
e1:2e:3b:a0:fb:2f:75:96:36:c8:53:9d:1c:02:76:
e0:09:7d:c3:6d:c0:ab:21:c0:c4:5d:65:55:42:61:
67:5d:9e:03:32:b8:f5:06:64:77:1b:63:76:0a:26:
d5:43:8c:fd:f3:cc:b6:58:d3:2e:dd:5f:c1:59:0e:
80:43:c4:10:9e:61:0f:f1:84:6e:ec:83:42:fe:b6:
24:24:35:c4:1b:42:dc:80:6c:4a:ee:2e:99:4e:16:
ba:7b:cd:fa:50:aa:91:19:d0:13:bb:e8:b8:2e:63:
a3:38:d2:7a:26:8a:15:d6:17:f4:ae:63:c9:59:d2:
ad:0a:c5:0f:9b:70:85:40:bd:c1:d6:ea:74:4e:6f:
ca:6a:6e:ca:ba:af:5a:eb:53:4b:b5:77:76:50:e9:
ff:ec:83:15:46:bc:09:d0:38:7f:1d:a9:68:6e:a5:
27:7e:e6:bb:38:52:3c:03:2f:96:14:b7:78:d9:f5:
6d:89:c1:32:c4:78:f7:5e:b2:c5:33:16:03:10:01:
5e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:10:0B:B5:6A:63:1D:D8:51:0D:32:13:9A:4A:74:04:CA:3A:66:2D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:8800::/40
Signature Algorithm: sha256WithRSAEncryption
1a:ab:c2:6c:96:be:65:13:c7:2e:9d:a7:03:e5:57:4a:d2:10:
fd:41:83:48:05:89:5a:36:b1:8b:7c:03:ad:bc:d2:d9:58:be:
45:0b:69:cc:3b:43:76:7f:28:43:05:57:3b:f1:fa:5c:c1:19:
f4:19:04:84:0d:6f:24:5e:58:70:19:64:f3:e0:46:f3:8b:14:
4b:db:44:3b:e7:48:84:83:8d:9c:ad:80:67:ee:0d:c6:3e:86:
c3:03:5a:ef:b9:bb:ac:bf:7f:38:c9:c4:ce:10:c6:9a:0e:34:
1d:cc:35:69:9e:ff:dd:0c:0f:28:d9:c3:01:58:ec:ec:13:23:
f9:08:82:00:5d:19:a2:1b:3f:ab:d9:0d:91:4b:c6:8d:42:30:
40:14:18:5b:b9:26:f1:5d:82:d4:c4:d2:59:2a:a5:e7:c1:91:
16:db:98:a9:02:a2:43:8e:94:82:a7:14:8f:6d:76:ae:83:b3:
4f:f9:c7:c4:b6:b9:01:c0:45:64:51:34:4c:cc:01:db:d7:cf:
fa:d8:39:3c:5d:aa:03:a4:f2:e2:ef:6e:09:82:5e:8d:55:76:
74:be:28:d5:68:ae:ec:62:76:e3:fb:35:8c:9d:79:c2:ec:e6:
cd:d2:73:58:26:9d:95:f9:7f:00:45:86:e1:a3:35:9e:fc:01:
cd:0c:ae:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVHTGHslC86ea5LZpiFcOxpaaP2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMjlaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjYTQwNjRhMDYwZTBmNjY0ODUwN2Q1ZTdiOTI5YzhjYTc0YmExMTIzNDI0
Y2ZmNzUyNzMwNjFiNjEyYmUzYWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/31m/okEEM+daXK6cb2bLQ6LAAbcafByW6/aMVSOUxBndfhApCNygmUpvy
cQYFkH2sUIzgprTRoxUb4S47oPsvdZY2yFOdHAJ24Al9w23AqyHAxF1lVUJhZ12e
AzK49QZkdxtjdgom1UOM/fPMtljTLt1fwVkOgEPEEJ5hD/GEbuyDQv62JCQ1xBtC
3IBsSu4umU4WunvN+lCqkRnQE7vouC5jozjSeiaKFdYX9K5jyVnSrQrFD5twhUC9
wdbqdE5vympuyrqvWutTS7V3dlDp/+yDFUa8CdA4fx2paG6lJ37muzhSPAMvlhS3
eNn1bYnBMsR4916yxTMWAxABXukCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZEAu1
amMd2FENMhOaSnQEyjpmLTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWEzZTExMmQtYzhiNS00YTQyLTliN2EtYTVjNTY3YjZkYjMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8OI
MA0GCSqGSIb3DQEBCwUAA4IBAQAaq8Jslr5lE8cunacD5VdK0hD9QYNIBYlaNrGL
fAOtvNLZWL5FC2nMO0N2fyhDBVc78fpcwRn0GQSEDW8kXlhwGWTz4EbzixRL20Q7
50iEg42crYBn7g3GPobDA1rvubusv384ycTOEMaaDjQdzDVpnv/dDA8o2cMBWOzs
EyP5CIIAXRmiGz+r2Q2RS8aNQjBAFBhbuSbxXYLUxNJZKqXnwZEW25ipAqJDjpSC
pxSPbXaug7NP+cfEtrkBwEVkUTRMzAHb18/62Dk8XaoDpPLi724Jgl6NVXZ0vijV
aK7sYnbj+zWMnXnC7ObN0nNYJp2V+X8ARYbhozWe/AHNDK4R
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:00:58 2025 by rpki-client