Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
File: 654f1481-ba50-463b-9997-0d385dd9b0a3.roa (raw, json)
Hash identifier: mGn74KJrc7KRMQMJXx947Dds/cqqrAmg+TNoQ1fwYNk=
Subject key identifier: C7:06:51:56:A9:46:B9:D3:CA:1E:B3:84:EE:B1:A6:B7:61:A6:69:43
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7AC0B96C337047E60702981B6C80C01C961D086F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
Signing time: Fri 20 Jun 2025 00:10:38 +0000
ROA not before: Fri 20 Jun 2025 00:10:38 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:c0:b9:6c:33:70:47:e6:07:02:98:1b:6c:80:c0:1c:96:1d:08:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:38 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=88931230808e27be15725a1f7c328ba90c60033d2026cdf94baa98b3eaab49b1, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:02:a2:c6:a6:59:7f:1c:18:ff:77:ec:5d:78:
6e:49:e7:99:25:e2:bd:b7:27:9f:2c:a7:48:ec:47:
f5:7a:62:a0:72:76:6b:0d:cc:83:42:b1:07:aa:8c:
10:7b:aa:a3:41:95:7a:f2:cf:c6:b1:40:b9:d3:56:
af:91:87:65:d4:fb:99:66:27:11:81:70:ba:1c:53:
72:26:ab:2c:e5:c8:d0:2c:e4:05:88:6a:c9:7f:58:
9a:a8:91:e4:8c:ba:af:d4:c2:6f:40:37:0a:26:86:
7f:12:ab:25:63:a5:e7:cf:b7:59:e4:2b:70:e0:e7:
82:98:f0:c3:3a:12:c4:72:fd:d9:8b:8f:3b:dc:9a:
7b:0f:4c:7a:87:45:15:f5:33:b5:d5:e4:81:4b:bc:
63:78:f2:57:10:66:87:3a:3c:c5:54:5a:c6:4a:a1:
2a:c1:7a:d8:95:ca:74:7e:21:21:a4:3a:d1:89:85:
10:c3:2a:dc:57:ac:08:ed:db:b8:1e:92:51:54:bc:
98:3c:26:2b:0d:3d:5b:11:91:4a:83:a7:49:a8:e7:
f1:2c:05:fa:5f:e2:65:93:ef:fb:49:e5:9c:fc:58:
16:ea:b2:9c:52:f3:fe:47:09:07:01:cb:8b:64:ff:
f0:43:3b:99:ef:b2:d8:ec:73:3b:fe:1f:c1:da:a5:
86:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:06:51:56:A9:46:B9:D3:CA:1E:B3:84:EE:B1:A6:B7:61:A6:69:43
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:800::/40
Signature Algorithm: sha256WithRSAEncryption
74:33:bb:01:df:ee:42:0c:88:ef:ff:26:51:01:37:0f:e0:2f:
08:56:e0:c2:99:9c:92:cd:bf:87:8a:0f:52:1b:f8:2f:bd:e0:
e0:f9:01:f4:fb:be:d7:ff:52:3f:8f:ea:9b:7e:30:55:44:66:
46:1d:ee:91:7d:99:2f:d7:2e:23:d5:e4:34:4a:05:5c:dd:07:
eb:79:fc:c0:0d:f0:b5:be:ec:ea:3f:ca:fa:f6:3b:08:3e:68:
43:15:1b:b6:39:80:d2:58:99:8d:c5:69:f8:47:fd:36:e3:4c:
14:34:b7:66:73:4f:21:18:cb:d9:de:b4:61:ef:90:64:fd:27:
7b:08:22:28:d4:dc:d7:45:3e:b5:07:a7:f3:17:1c:70:1b:b2:
b7:39:d4:4a:f8:a5:84:ae:b8:da:2b:63:bb:d6:80:40:d2:2a:
01:14:0d:6b:a9:3c:2a:12:67:68:25:08:eb:ea:54:19:1e:46:
30:c9:3d:59:68:8b:ed:3f:14:43:0b:53:79:db:47:15:dc:03:
f0:dd:10:48:bf:e0:76:e4:2c:91:31:64:7d:03:3b:5e:95:23:
87:41:c4:d5:04:fc:9e:02:f6:9c:5a:58:98:6b:70:1c:ad:af:
5f:dc:13:e3:85:e1:52:bc:f5:94:80:45:73:c6:15:02:63:bd:
07:b4:90:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUesC5bDNwR+YHApgbbIDAHJYdCG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwMzhaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4OTMxMjMwODA4ZTI3YmUxNTcyNWExZjdjMzI4YmE5MGM2MDAzM2QyMDI2
Y2RmOTRiYWE5OGIzZWFhYjQ5YjExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANECosamWX8cGP937F14bknnmSXivbcnnyynSOxH9XpioHJ2aw3Mg0KxB6qM
EHuqo0GVevLPxrFAudNWr5GHZdT7mWYnEYFwuhxTciarLOXI0CzkBYhqyX9YmqiR
5Iy6r9TCb0A3CiaGfxKrJWOl58+3WeQrcODngpjwwzoSxHL92YuPO9yaew9MeodF
FfUztdXkgUu8Y3jyVxBmhzo8xVRaxkqhKsF62JXKdH4hIaQ60YmFEMMq3FesCO3b
uB6SUVS8mDwmKw09WxGRSoOnSajn8SwF+l/iZZPv+0nlnPxYFuqynFLz/kcJBwHL
i2T/8EM7me+y2OxzO/4fwdqlhjsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTHBlFW
qUa508oes4Tusaa3YaZpQzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjU0ZjE0ODEtYmE1MC00NjNiLTk5OTctMGQzODVkZDliMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8AI
MA0GCSqGSIb3DQEBCwUAA4IBAQB0M7sB3+5CDIjv/yZRATcP4C8IVuDCmZySzb+H
ig9SG/gvveDg+QH0+77X/1I/j+qbfjBVRGZGHe6RfZkv1y4j1eQ0SgVc3QfrefzA
DfC1vuzqP8r69jsIPmhDFRu2OYDSWJmNxWn4R/0240wUNLdmc08hGMvZ3rRh75Bk
/Sd7CCIo1NzXRT61B6fzFxxwG7K3OdRK+KWErrjaK2O71oBA0ioBFA1rqTwqEmdo
JQjr6lQZHkYwyT1ZaIvtPxRDC1N520cV3APw3RBIv+B25CyRMWR9AztelSOHQcTV
BPyeAvacWliYa3Acra9f3BPjheFSvPWUgEVzxhUCY70HtJCe
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:39:28 2025 by rpki-client