Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
File: 6ab0b120-4886-40dd-bd1e-286dca434f7f.roa (raw, json)
Hash identifier: ABptxkIFR6AgA8Dtmus7a1nQO2Pnt4rTg86KPL8O0GU=
Subject key identifier: 4C:51:55:88:52:06:69:17:FB:21:D7:C1:B3:F9:26:12:D6:B0:C2:23
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1330F0C10B9135B4EB065B8E1A8EB2D301E6AC30
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
Signing time: Sat 09 Aug 2025 00:21:14 +0000
ROA not before: Sat 09 Aug 2025 00:21:14 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:30:f0:c1:0b:91:35:b4:eb:06:5b:8e:1a:8e:b2:d3:01:e6:ac:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:14 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=25d8c3793e3acdf12cda51e1da31f5bd13de91b5dbcca1957eb27ff578898c2f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0a:90:e0:d3:94:65:4b:c4:03:d9:8e:79:d9:
3a:36:a3:a7:83:21:94:22:05:db:5b:70:52:2b:9d:
23:2f:7c:45:7f:c8:7a:15:a6:27:5b:ba:db:5b:6e:
7b:c8:fd:a1:28:2e:25:4c:9d:03:a9:d7:76:61:e7:
ac:68:c2:5f:9a:05:7e:ec:61:53:62:e8:6c:37:a5:
13:7f:49:e1:b0:b5:73:6a:21:12:1d:64:0f:e9:4f:
d0:6f:70:42:52:61:d5:dd:3e:26:66:ed:07:cf:48:
c4:9b:4b:10:5d:97:09:5c:b0:df:2f:3c:eb:d3:6b:
b6:5c:55:4e:7f:17:4d:a8:86:ac:9c:17:c7:ad:a6:
87:1a:bb:5a:56:b2:aa:4d:aa:0e:8e:66:e8:b5:bc:
16:4b:38:f6:d0:31:ee:9b:2c:f9:10:23:10:06:52:
c9:7b:1e:c9:d5:4c:39:74:37:a7:ce:69:7f:94:4a:
ae:58:fe:b3:07:ee:1d:7a:17:84:0f:3d:7b:e7:24:
96:2d:8e:a5:5e:3b:bc:a2:9c:d4:8d:53:f2:d8:a9:
29:55:8f:73:9c:96:13:68:2f:2e:a5:71:d6:e2:53:
53:76:8a:ef:f8:53:38:c1:67:ab:37:2c:2e:6f:0a:
30:fe:4c:c7:0b:5a:41:a3:05:d1:80:f9:98:3d:f9:
47:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:51:55:88:52:06:69:17:FB:21:D7:C1:B3:F9:26:12:D6:B0:C2:23
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8800::/38
Signature Algorithm: sha256WithRSAEncryption
3e:d1:9a:a0:5d:83:eb:68:65:1d:fb:e9:f1:be:2a:5e:3a:8e:
dc:f0:13:e1:a8:e5:7f:18:b6:09:d2:6d:23:e6:85:5e:48:e2:
79:4c:3d:a8:fc:4f:c2:7d:4a:c1:96:69:b6:ed:92:c2:c1:89:
a6:56:f3:e3:ef:21:71:19:39:75:ba:a0:26:a8:af:10:75:38:
f8:17:95:91:56:c5:b6:4b:d4:33:2b:58:01:dd:7f:02:ca:bc:
3a:ce:98:50:99:a0:39:59:15:1a:3e:b3:16:fb:81:cc:e0:62:
91:6f:42:a8:bf:38:38:6b:95:26:24:e5:2f:3f:be:10:e7:f8:
b0:7c:0c:85:63:a2:09:5b:69:ef:4d:08:b6:91:7c:ac:ad:e8:
2f:9a:5c:17:5b:2c:ee:47:79:34:29:88:83:b0:02:8a:e9:e1:
6c:3e:57:b7:21:7e:b3:c9:d2:67:21:13:ff:f3:40:b3:51:97:
66:11:ee:89:62:1d:e7:5e:89:ec:1b:66:e3:b9:5b:fd:db:3f:
d7:d6:96:c2:e9:c2:3e:82:7c:0e:01:4c:6d:30:89:29:66:cc:
bb:cf:97:6d:ac:5f:e5:26:bb:4d:f8:d3:f0:d5:84:90:f7:0c:
e1:53:37:04:6c:1f:31:29:03:75:11:ea:72:f4:09:2f:77:39:
fd:78:5a:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEzDwwQuRNbTrBluOGo6y0wHmrDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMTRaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ZDhjMzc5M2UzYWNkZjEyY2RhNTFlMWRhMzFmNWJkMTNkZTkxYjVkYmNj
YTE5NTdlYjI3ZmY1Nzg4OThjMmYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIKkODTlGVLxAPZjnnZOjajp4MhlCIF21twUiudIy98RX/IehWmJ1u621tu
e8j9oSguJUydA6nXdmHnrGjCX5oFfuxhU2LobDelE39J4bC1c2ohEh1kD+lP0G9w
QlJh1d0+JmbtB89IxJtLEF2XCVyw3y8869NrtlxVTn8XTaiGrJwXx62mhxq7Wlay
qk2qDo5m6LW8Fks49tAx7pss+RAjEAZSyXseydVMOXQ3p85pf5RKrlj+swfuHXoX
hA89e+ckli2OpV47vKKc1I1T8tipKVWPc5yWE2gvLqVx1uJTU3aK7/hTOMFnqzcs
Lm8KMP5MxwtaQaMF0YD5mD35R2MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMUVWI
UgZpF/sh18Gz+SYS1rDCIzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NmFiMGIxMjAtNDg4Ni00MGRkLWJkMWUtMjg2ZGNhNDM0ZjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GI
MA0GCSqGSIb3DQEBCwUAA4IBAQA+0ZqgXYPraGUd++nxvipeOo7c8BPhqOV/GLYJ
0m0j5oVeSOJ5TD2o/E/CfUrBlmm27ZLCwYmmVvPj7yFxGTl1uqAmqK8QdTj4F5WR
VsW2S9QzK1gB3X8Cyrw6zphQmaA5WRUaPrMW+4HM4GKRb0Kovzg4a5UmJOUvP74Q
5/iwfAyFY6IJW2nvTQi2kXysregvmlwXWyzuR3k0KYiDsAKK6eFsPle3IX6zydJn
IRP/80CzUZdmEe6JYh3nXonsG2bjuVv92z/X1pbC6cI+gnwOAUxtMIkpZsy7z5dt
rF/lJrtN+NPw1YSQ9wzhUzcEbB8xKQN1Eepy9Akvdzn9eFpl
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:45:24 2025 by rpki-client