Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
File: 6ab0b120-4886-40dd-bd1e-286dca434f7f.roa (raw, json)
Hash identifier: wTfJHesTiFB3zkjccyrmG3NdlO1jYQxLgW3czaKBds4=
Subject key identifier: CA:D9:F9:11:B4:99:55:8B:E6:D2:C3:9F:B7:7D:FF:2B:78:76:53:F6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0D11145C3E26EF1A65F9301127BB5F49EE38E596
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
Signing time: Fri 20 Jun 2025 00:20:55 +0000
ROA not before: Fri 20 Jun 2025 00:20:55 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:11:14:5c:3e:26:ef:1a:65:f9:30:11:27:bb:5f:49:ee:38:e5:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:55 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=6cbd3e90bf3d956247d3cb0a9897c197eb141fd40cf56ce094bc0386dbf58762, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3b:8c:fc:29:bc:06:f0:97:a0:3e:8a:9e:9d:
4f:e4:07:b5:5c:c4:b8:40:6a:a9:7a:5d:13:f3:98:
f4:b8:fa:0d:4c:3e:b3:1b:6c:10:75:72:7a:68:fa:
74:8a:83:f4:33:a4:40:e6:dc:85:f8:bf:59:e5:cb:
5d:da:63:92:3b:ae:40:7c:40:a3:d7:80:d7:69:e9:
8e:de:02:f8:15:c0:c6:47:e3:a3:69:22:86:94:26:
52:7c:08:fc:bd:3e:c4:8b:e1:b8:a3:bd:97:13:05:
5b:09:d1:2d:ba:23:2c:46:37:29:06:ad:7f:7b:5a:
59:55:32:94:d0:0d:50:4a:b1:aa:4f:6a:8a:5a:fe:
92:1b:20:c7:79:55:e2:af:66:68:5a:d1:55:23:e6:
b9:d7:27:49:0d:32:08:cf:c2:34:63:9e:ae:9a:b1:
52:f2:60:30:27:fa:4c:35:5e:48:ae:3d:c2:dc:08:
19:0b:c1:cb:71:ee:d2:2d:7c:9b:bc:1a:69:b6:2c:
b8:c4:b8:2f:26:e9:e6:08:30:61:61:ce:1d:9d:2f:
7e:ff:6a:5b:ee:5a:20:b9:02:e3:60:c1:e5:2e:62:
7f:7d:62:28:82:12:69:42:25:29:67:5a:fa:67:bf:
a8:bf:27:03:3f:6a:d1:ee:90:40:7c:7a:fc:23:f9:
68:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D9:F9:11:B4:99:55:8B:E6:D2:C3:9F:B7:7D:FF:2B:78:76:53:F6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8800::/38
Signature Algorithm: sha256WithRSAEncryption
85:90:fa:12:67:47:56:a0:6b:53:2a:b5:2a:a6:3b:d9:00:c4:
e9:e4:1d:f5:43:c9:7d:00:fc:78:93:15:33:d7:22:ac:60:4a:
70:e8:53:ab:58:71:99:6b:d7:8d:03:51:d4:4a:52:f4:52:ed:
28:e8:9e:f9:a0:8f:c8:ab:77:6a:8e:dc:b6:d8:79:68:9c:c1:
07:d4:29:8b:4d:95:9d:cb:f9:bb:41:be:4e:92:0e:e3:6c:a2:
2c:bd:56:ea:10:4f:48:76:f6:f4:0f:af:2d:7c:59:02:18:20:
a6:4e:22:9a:f2:04:77:ec:ab:e5:dc:3c:fb:8d:42:7f:56:9d:
74:80:56:0e:3b:7a:a3:75:4a:fc:be:d3:88:f2:52:41:2d:ed:
9b:18:a9:d2:ba:9e:99:dc:ff:e2:8d:e5:64:bd:3f:3a:93:36:
25:f8:56:89:bc:15:22:49:68:08:33:b2:11:e3:33:64:15:d2:
58:19:4a:bc:27:e0:b9:47:72:e2:9d:6f:af:04:ab:1e:72:2a:
c0:2e:7d:9c:de:5c:98:65:09:a8:0b:6a:91:f7:16:de:e1:bf:
d5:b5:6b:2a:31:b3:45:70:c6:31:eb:1a:3c:8e:51:f9:2a:ac:
79:d5:48:5b:04:29:29:ea:05:65:ee:1b:0d:ef:d7:60:9a:00:
48:85:94:6a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDREUXD4m7xpl+TARJ7tfSe445ZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwNTVaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjYmQzZTkwYmYzZDk1NjI0N2QzY2IwYTk4OTdjMTk3ZWIxNDFmZDQwY2Y1
NmNlMDk0YmMwMzg2ZGJmNTg3NjIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKI7jPwpvAbwl6A+ip6dT+QHtVzEuEBqqXpdE/OY9Lj6DUw+sxtsEHVyemj6
dIqD9DOkQObchfi/WeXLXdpjkjuuQHxAo9eA12npjt4C+BXAxkfjo2kihpQmUnwI
/L0+xIvhuKO9lxMFWwnRLbojLEY3KQatf3taWVUylNANUEqxqk9qilr+khsgx3lV
4q9maFrRVSPmudcnSQ0yCM/CNGOerpqxUvJgMCf6TDVeSK49wtwIGQvBy3Hu0i18
m7waabYsuMS4Lybp5ggwYWHOHZ0vfv9qW+5aILkC42DB5S5if31iKIISaUIlKWda
+me/qL8nAz9q0e6QQHx6/CP5aOkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTK2fkR
tJlVi+bSw5+3ff8reHZT9jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NmFiMGIxMjAtNDg4Ni00MGRkLWJkMWUtMjg2ZGNhNDM0ZjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GI
MA0GCSqGSIb3DQEBCwUAA4IBAQCFkPoSZ0dWoGtTKrUqpjvZAMTp5B31Q8l9APx4
kxUz1yKsYEpw6FOrWHGZa9eNA1HUSlL0Uu0o6J75oI/Iq3dqjty22HlonMEH1CmL
TZWdy/m7Qb5Okg7jbKIsvVbqEE9Idvb0D68tfFkCGCCmTiKa8gR37Kvl3Dz7jUJ/
Vp10gFYOO3qjdUr8vtOI8lJBLe2bGKnSup6Z3P/ijeVkvT86kzYl+FaJvBUiSWgI
M7IR4zNkFdJYGUq8J+C5R3LinW+vBKsecirALn2c3lyYZQmoC2qR9xbe4b/VtWsq
MbNFcMYx6xo8jlH5Kqx51UhbBCkp6gVl7hsN79dgmgBIhZRq
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:00:19 2025 by rpki-client