Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
File: 640762f4-b911-441a-995b-675a2c1eb24d.roa (raw, json)
Hash identifier: v897L15O4HPIPmDxRRTmeLDnNTvZndSYLHBmvYBOESQ=
Subject key identifier: 13:56:B6:78:4C:B4:27:E0:12:54:35:72:4A:5E:9E:43:97:63:61:96
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 17507B217DA1D73C33437476AF62B536BB005A8D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
Signing time: Fri 20 Jun 2025 00:11:29 +0000
ROA not before: Fri 20 Jun 2025 00:11:29 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:50:7b:21:7d:a1:d7:3c:33:43:74:76:af:62:b5:36:bb:00:5a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:29 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=53d5be21d9aa35a01bb517fe0a04f3e8f9c2f74e2e1ad4766241564032748c4b, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:21:44:90:33:e2:2e:91:86:db:3c:3f:3d:93:
fc:7a:eb:14:7f:22:ca:bf:28:68:e9:8a:6c:89:fc:
f4:91:8c:09:fb:0f:21:cc:d9:bf:00:8d:a7:13:ef:
27:d7:43:dd:a0:b9:1f:86:eb:48:c0:0a:2a:4f:64:
36:1d:a9:e5:11:ea:c8:c6:eb:34:1b:0a:02:3f:7c:
95:2e:0d:d1:bf:05:e5:24:e0:23:b6:0c:b7:43:d9:
06:d0:6c:51:ed:d1:f4:e1:94:83:74:dd:30:71:93:
a6:77:1a:7c:7e:98:75:8e:c3:c5:4d:5b:2f:22:55:
34:ac:19:c8:26:b9:8b:b4:c7:1f:e2:9e:a9:2e:b0:
16:01:08:ec:89:f2:1c:e3:3d:63:67:a7:dc:a2:02:
77:8b:c3:2f:9a:a4:c0:6d:0f:f0:3f:20:85:0c:6e:
41:34:3c:84:20:c5:f7:6d:34:04:66:58:0f:33:5f:
37:ba:6b:41:e3:3b:85:b4:c9:9c:d2:b7:99:ff:16:
34:3c:82:e6:76:da:6b:c2:34:16:3b:2f:a5:e5:ce:
bc:da:a0:6e:31:d1:42:08:68:52:d1:13:51:62:27:
e1:79:27:59:99:21:2d:df:19:d5:7b:ef:85:10:a4:
2e:26:b9:7b:23:43:ce:24:cf:4f:34:7b:53:c4:4f:
66:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:56:B6:78:4C:B4:27:E0:12:54:35:72:4A:5E:9E:43:97:63:61:96
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2000::/36
Signature Algorithm: sha256WithRSAEncryption
11:6c:62:21:53:67:72:eb:fb:c2:c2:5c:10:da:72:a6:a9:7b:
74:95:18:9a:65:e2:00:ce:a1:4b:34:ad:7d:60:91:f6:79:64:
d1:88:b1:e7:3b:ef:c6:35:35:5b:a3:25:fb:c2:03:4a:d2:f3:
cd:fe:d7:44:ba:e8:73:c0:27:1e:b4:70:71:86:9a:c3:a1:cf:
dd:28:34:69:56:f2:7d:89:e2:20:6f:9b:09:51:bb:23:08:c0:
c8:33:f1:43:c8:ba:2d:02:d8:a4:f5:ab:98:3a:98:1a:de:45:
1a:89:7d:d8:f1:46:ee:a1:5d:cd:28:9e:10:29:e3:b7:4e:b8:
aa:65:09:7c:2d:99:5d:82:ef:99:36:d9:08:08:f6:5e:84:6e:
65:20:84:ac:cc:be:5e:5a:63:8f:8e:6e:c1:7a:e0:f4:1d:4d:
2f:78:88:19:90:45:65:b7:82:5e:15:a1:f7:50:c9:85:23:9b:
03:d4:70:8f:d6:7f:be:fa:3c:d0:cf:2d:ba:e2:53:74:03:21:
34:4a:df:57:8e:5f:23:df:9a:82:a3:5c:e2:85:89:19:7e:1d:
48:f1:3d:63:24:fc:0d:26:33:34:dc:d5:d0:7f:bf:18:1d:0f:
b5:0a:c2:ef:96:f5:07:9d:37:7d:de:b2:c7:d9:6a:a4:8d:35:
b0:3e:c8:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF1B7IX2h1zwzQ3R2r2K1NrsAWo0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMjlaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzZDViZTIxZDlhYTM1YTAxYmI1MTdmZTBhMDRmM2U4ZjljMmY3NGUyZTFh
ZDQ3NjYyNDE1NjQwMzI3NDhjNGIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYhRJAz4i6Rhts8Pz2T/HrrFH8iyr8oaOmKbIn89JGMCfsPIczZvwCNpxPv
J9dD3aC5H4brSMAKKk9kNh2p5RHqyMbrNBsKAj98lS4N0b8F5STgI7YMt0PZBtBs
Ue3R9OGUg3TdMHGTpncafH6YdY7DxU1bLyJVNKwZyCa5i7THH+KeqS6wFgEI7Iny
HOM9Y2en3KICd4vDL5qkwG0P8D8ghQxuQTQ8hCDF9200BGZYDzNfN7prQeM7hbTJ
nNK3mf8WNDyC5nbaa8I0FjsvpeXOvNqgbjHRQghoUtETUWIn4XknWZkhLd8Z1Xvv
hRCkLia5eyNDziTPTzR7U8RPZnMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQTVrZ4
TLQn4BJUNXJKXp5Dl2NhljAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjQwNzYyZjQtYjkxMS00NDFhLTk5NWItNjc1YTJjMWViMjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cg
MA0GCSqGSIb3DQEBCwUAA4IBAQARbGIhU2dy6/vCwlwQ2nKmqXt0lRiaZeIAzqFL
NK19YJH2eWTRiLHnO+/GNTVboyX7wgNK0vPN/tdEuuhzwCcetHBxhprDoc/dKDRp
VvJ9ieIgb5sJUbsjCMDIM/FDyLotAtik9auYOpga3kUaiX3Y8UbuoV3NKJ4QKeO3
TriqZQl8LZldgu+ZNtkICPZehG5lIISszL5eWmOPjm7BeuD0HU0veIgZkEVlt4Je
FaH3UMmFI5sD1HCP1n+++jzQzy264lN0AyE0St9Xjl8j35qCo1zihYkZfh1I8T1j
JPwNJjM03NXQf78YHQ+1CsLvlvUHnTd93rLH2WqkjTWwPsia
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:43:30 2025 by rpki-client