Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
File: 5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa (raw, json)
Hash identifier: DkNnVxzDXuBFHcPYpA9OiFR58MCnKmqf55ptTAqcCZc=
Subject key identifier: D9:1E:35:FC:44:53:40:23:F0:8A:11:12:F9:46:AB:3D:EC:A2:3A:1C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 46355D6482099D92B6D6AA8D732E6454EB2D7DCA
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
Signing time: Tue 10 Jun 2025 17:30:07 +0000
ROA not before: Tue 10 Jun 2025 17:30:07 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:35:5d:64:82:09:9d:92:b6:d6:aa:8d:73:2e:64:54:eb:2d:7d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 10 17:30:07 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=3ec6871d37c38ab7611f5c431725e991f05d13e092850a22f6f932262a4de1a5, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8e:67:88:63:c9:b3:e2:4e:28:b6:9d:21:c6:
bb:98:7b:f5:3a:86:06:83:eb:62:41:78:db:72:ab:
af:4f:c4:c5:d8:fc:0b:2a:10:2c:1e:c8:b9:a4:14:
38:28:73:69:d4:07:ab:91:8d:9f:63:e6:82:39:68:
de:90:85:3c:87:f4:2a:c0:55:87:bf:97:a9:95:9f:
7f:bc:88:e9:47:7e:22:a2:8b:d7:38:b5:aa:05:f5:
c8:2b:56:8c:35:50:aa:8a:99:bf:10:15:41:00:73:
a4:66:2d:b9:01:c7:ac:40:35:dd:9b:b9:b1:8b:9f:
64:4b:a1:92:48:e3:6b:ad:e7:7b:dd:99:dd:39:3c:
f1:19:a8:b0:48:5a:3d:72:2e:f4:43:7b:09:74:3d:
ab:46:02:bc:05:65:cb:7d:82:a5:c0:4e:a0:37:ef:
06:a2:43:b2:8d:88:ce:ed:e8:98:83:5f:94:1b:28:
4c:cd:a9:cf:93:61:5e:33:e8:16:26:32:2a:7d:3d:
21:6f:ab:a2:eb:9a:1c:f9:97:5c:a6:e2:94:f2:ca:
dc:b4:6a:29:e2:66:dc:aa:78:b8:a4:69:06:79:5a:
c7:1c:80:63:66:26:b3:65:fe:07:4a:67:38:59:f2:
c5:37:0f:4f:ee:c7:d8:fa:63:57:84:a0:ab:7b:b2:
09:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:1E:35:FC:44:53:40:23:F0:8A:11:12:F9:46:AB:3D:EC:A2:3A:1C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/44
Signature Algorithm: sha256WithRSAEncryption
62:7a:34:77:da:46:86:04:f5:fe:d8:a5:d0:9f:8f:26:a4:c8:
51:13:85:5f:9b:a7:bd:d7:ed:78:23:ba:b4:b6:e0:f0:f2:fe:
86:aa:88:e3:f5:a7:8b:f9:4b:9b:b4:05:6a:59:8f:18:a3:24:
2d:86:58:ac:fb:bf:3d:49:3f:92:89:18:f8:4a:6b:88:0b:9e:
80:75:65:bb:90:1b:9e:c2:1b:24:e6:fa:1e:7c:1d:44:b1:3b:
6a:3e:2b:7d:00:45:63:b8:58:1d:e5:ae:47:5b:98:0b:4a:75:
82:09:77:b0:9a:8b:78:6f:b1:ef:4a:cb:1d:01:0b:6a:8b:59:
ec:c9:12:d3:f1:ac:ac:dc:36:a3:14:73:2f:56:ce:91:07:30:
8c:5e:ab:60:98:84:54:fa:4a:52:86:be:d8:f0:ae:fe:31:1d:
81:f8:a6:e6:c8:91:f6:40:16:c4:8c:79:57:6e:5e:ea:04:24:
15:e2:eb:e4:46:c7:ff:71:cb:cd:11:ea:dc:08:09:26:d1:7c:
92:2a:ef:8b:02:f9:0b:c8:c1:93:4c:9f:01:1b:75:38:d0:1d:
f8:e8:54:fe:70:07:72:f3:0a:14:b3:0c:9d:25:e9:2f:a2:f0:
6d:68:83:a2:88:5b:0c:cf:81:03:da:0b:b4:22:97:91:16:e7:
b7:a4:50:9a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURjVdZIIJnZK21qqNcy5kVOstfcowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MTAxNzMwMDdaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlYzY4NzFkMzdjMzhhYjc2MTFmNWM0MzE3MjVlOTkxZjA1ZDEzZTA5Mjg1
MGEyMmY2ZjkzMjI2MmE0ZGUxYTUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaOZ4hjybPiTii2nSHGu5h79TqGBoPrYkF423Krr0/Exdj8CyoQLB7IuaQU
OChzadQHq5GNn2Pmgjlo3pCFPIf0KsBVh7+XqZWff7yI6Ud+IqKL1zi1qgX1yCtW
jDVQqoqZvxAVQQBzpGYtuQHHrEA13Zu5sYufZEuhkkjja63ne92Z3Tk88RmosEha
PXIu9EN7CXQ9q0YCvAVly32CpcBOoDfvBqJDso2Izu3omINflBsoTM2pz5NhXjPo
FiYyKn09IW+rouuaHPmXXKbilPLK3LRqKeJm3Kp4uKRpBnlaxxyAY2Yms2X+B0pn
OFnyxTcPT+7H2PpjV4Sgq3uyCc0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTZHjX8
RFNAI/CKERL5Rqs97KI6HDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY1NmY0YWUtZDE4Ny00YTQzLWIwYzItYWZkMDJjMDlkZDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEAYno0d9pGhgT1/til0J+PJqTIUROFX5unvdft
eCO6tLbg8PL+hqqI4/Wni/lLm7QFalmPGKMkLYZYrPu/PUk/kokY+EpriAuegHVl
u5AbnsIbJOb6HnwdRLE7aj4rfQBFY7hYHeWuR1uYC0p1ggl3sJqLeG+x70rLHQEL
aotZ7MkS0/GsrNw2oxRzL1bOkQcwjF6rYJiEVPpKUoa+2PCu/jEdgfim5siR9kAW
xIx5V25e6gQkFeLr5EbH/3HLzRHq3AgJJtF8kirviwL5C8jBk0yfARt1ONAd+OhU
/nAHcvMKFLMMnSXpL6LwbWiDoohbDM+BA9oLtCKXkRbnt6RQmg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:58:51 2025 by rpki-client