Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
File: 5f7a981a-824d-48e6-969a-7779a7b7a199.roa (raw, json)
Hash identifier: Wl8ZlU92DSCY4TyBztEBgvvwOafdKF3KTmD7RxrlXX8=
Subject key identifier: 76:FF:AE:1C:2F:44:9C:41:71:37:E0:1B:70:56:BE:DF:68:9F:D7:BF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 02CA7B01704A6C9E0F2668DD0689BF630F429FF2
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
Signing time: Fri 20 Jun 2025 00:20:55 +0000
ROA not before: Fri 20 Jun 2025 00:20:55 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:ca:7b:01:70:4a:6c:9e:0f:26:68:dd:06:89:bf:63:0f:42:9f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:55 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=3bb75dd5c98d78c8125bc51d9f4fd8cf548f1324b42b582f91bd2c613ce1b17c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7d:4e:ca:57:70:8a:de:71:cf:91:9c:71:94:
2f:3b:2f:af:72:29:51:eb:67:dc:f6:d5:88:8d:45:
54:fd:86:4d:29:9d:a3:42:2d:4a:6b:ef:07:2f:62:
56:4e:33:ee:fe:e9:61:b8:98:d2:b9:bb:2f:4c:8b:
f3:ae:94:21:01:ca:4d:ce:e5:e4:10:51:96:a1:d9:
42:2d:3f:3d:0b:e0:72:24:4b:5b:c4:b8:35:4b:a6:
4b:f5:5a:8b:e9:eb:2f:e4:0c:0d:04:80:ec:b6:81:
3b:30:45:75:dd:33:45:95:fd:8e:d6:ad:b3:41:39:
9e:a4:a3:be:01:ce:15:a2:19:8f:7b:20:37:ff:43:
30:f7:ae:77:99:d0:c8:c9:02:12:75:9d:c6:6d:a9:
16:d0:4c:ef:3a:01:7a:b7:b8:98:ec:01:54:3e:55:
de:09:32:de:c4:26:df:5d:88:66:ed:ea:a3:fc:2e:
9b:4e:0a:a4:6d:2b:5b:47:69:9a:13:88:2c:29:80:
de:12:f0:b0:d6:dc:cb:84:4b:1f:21:ff:cb:e9:bc:
8a:c9:b7:c6:ad:37:dc:83:a0:4d:af:96:61:f3:75:
34:64:fa:e7:8b:6c:bf:56:0c:14:5d:3f:b1:44:d0:
cc:81:8e:00:01:ea:91:7f:6a:7a:6f:04:62:67:0b:
c0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:FF:AE:1C:2F:44:9C:41:71:37:E0:1B:70:56:BE:DF:68:9F:D7:BF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:8000::/36
Signature Algorithm: sha256WithRSAEncryption
1b:13:a3:9e:a9:bf:60:16:89:70:99:63:78:bd:64:15:31:e1:
a8:f9:c6:e3:b7:6f:63:33:03:cd:42:46:1e:e6:86:1b:19:e0:
b4:b9:b1:d0:96:c5:f3:2b:92:e0:53:f5:56:9d:b8:a5:d6:17:
dd:9a:88:b0:9b:59:d1:95:62:e9:bd:a0:80:99:54:dd:e5:6a:
5d:a2:57:04:20:e3:40:58:e9:a5:bf:70:33:7e:19:05:55:63:
63:be:aa:6f:3d:4b:51:a3:79:1b:96:8c:52:e1:65:f0:8b:3e:
7d:f1:43:87:20:3e:16:72:e1:33:8d:2a:0c:ac:64:ab:e9:5a:
ec:4a:62:f9:be:6a:39:5f:b9:31:1d:23:17:66:33:7f:a1:df:
fc:42:28:e1:4a:05:42:f0:1a:66:df:4b:24:65:98:13:af:1d:
a0:5f:4d:f2:90:de:8d:98:fa:c8:03:f9:ce:4c:aa:ff:e5:6c:
9e:34:6f:39:89:b4:ab:2c:b1:00:22:89:4d:4e:e0:fb:41:94:
cd:2d:ac:2e:60:75:af:b5:d2:e1:38:fc:58:2a:16:ca:26:eb:
40:03:d7:40:d9:48:9c:86:8f:3b:d9:9f:c1:e7:a8:2e:8d:23:
ce:2c:47:01:10:59:13:56:db:08:59:21:29:3e:95:04:10:43:
33:0b:85:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAsp7AXBKbJ4PJmjdBom/Yw9Cn/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwNTVaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiYjc1ZGQ1Yzk4ZDc4YzgxMjViYzUxZDlmNGZkOGNmNTQ4ZjEzMjRiNDJi
NTgyZjkxYmQyYzYxM2NlMWIxN2MxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOR9TspXcIrecc+RnHGULzsvr3IpUetn3PbViI1FVP2GTSmdo0ItSmvvBy9i
Vk4z7v7pYbiY0rm7L0yL866UIQHKTc7l5BBRlqHZQi0/PQvgciRLW8S4NUumS/Va
i+nrL+QMDQSA7LaBOzBFdd0zRZX9jtats0E5nqSjvgHOFaIZj3sgN/9DMPeud5nQ
yMkCEnWdxm2pFtBM7zoBere4mOwBVD5V3gky3sQm312IZu3qo/wum04KpG0rW0dp
mhOILCmA3hLwsNbcy4RLHyH/y+m8ism3xq033IOgTa+WYfN1NGT654tsv1YMFF0/
sUTQzIGOAAHqkX9qem8EYmcLwHkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR2/64c
L0ScQXE34BtwVr7faJ/XvzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY3YTk4MWEtODI0ZC00OGU2LTk2OWEtNzc3OWE3YjdhMTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eA
MA0GCSqGSIb3DQEBCwUAA4IBAQAbE6Oeqb9gFolwmWN4vWQVMeGo+cbjt29jMwPN
QkYe5oYbGeC0ubHQlsXzK5LgU/VWnbil1hfdmoiwm1nRlWLpvaCAmVTd5WpdolcE
IONAWOmlv3AzfhkFVWNjvqpvPUtRo3kbloxS4WXwiz598UOHID4WcuEzjSoMrGSr
6VrsSmL5vmo5X7kxHSMXZjN/od/8QijhSgVC8Bpm30skZZgTrx2gX03ykN6NmPrI
A/nOTKr/5WyeNG85ibSrLLEAIolNTuD7QZTNLawuYHWvtdLhOPxYKhbKJutAA9dA
2Uicho872Z/B56gujSPOLEcBEFkTVtsIWSEpPpUEEEMzC4Ws
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:04:17 2025 by rpki-client