Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
File: 7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa (raw, json)
Hash identifier: wJ0sE3AP2cERCKHPDgtdERtjPIK1HP4shW/pUcfmDcU=
Subject key identifier: E7:BD:0E:8D:41:A4:A6:7A:61:6A:C3:45:B2:74:E3:21:17:4A:A7:45
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 38D17B8C1CEDF008C783AB934C91B089E86AFD96
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
Signing time: Fri 20 Jun 2025 00:20:20 +0000
ROA not before: Fri 20 Jun 2025 00:20:20 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:d1:7b:8c:1c:ed:f0:08:c7:83:ab:93:4c:91:b0:89:e8:6a:fd:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:20 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=6a2f719247dd9aaaaa9bc349def4a57a7ffa5e2f60f1a9a0a8e323988ab5e670, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:03:47:af:0e:ee:dc:50:9a:9c:fc:e1:36:b2:
be:1c:a6:9a:f0:45:58:92:00:7a:43:1a:b8:f4:65:
d3:0b:bb:c0:9c:9e:18:74:49:75:93:15:e5:00:31:
61:3b:a8:37:71:80:48:20:a6:c6:0f:f0:09:2b:60:
a6:5a:43:21:40:44:44:04:e6:4f:2b:02:b4:3e:dd:
f2:95:3c:91:9b:52:a2:fb:9e:8f:55:4f:af:32:69:
1e:98:9a:d9:33:3a:0a:ce:83:9b:58:28:c1:ea:c3:
06:1f:1a:3b:05:47:3e:34:90:bd:5d:76:ca:b8:4e:
9a:81:f5:34:19:73:c5:e6:40:14:ff:eb:80:3a:91:
04:f9:02:e0:72:6c:16:0c:96:59:fb:f7:21:94:10:
95:fb:a7:dd:25:e1:56:ab:27:50:f0:ab:87:68:28:
f1:5a:eb:7e:0d:94:3b:e7:1c:6f:16:aa:4d:20:f5:
95:3c:ce:f8:fc:b9:86:41:9b:ba:c8:f0:db:f2:fd:
a4:7d:2b:75:5e:c7:9e:62:97:32:90:2e:d2:08:4c:
d7:69:e2:a9:45:b0:02:81:74:9d:e2:c2:e3:e1:c7:
c0:e8:c8:5e:ac:be:8e:97:25:12:44:b5:1c:af:9d:
f2:9e:c1:b1:b6:4a:6b:b8:68:b1:8a:2c:44:02:e3:
89:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:BD:0E:8D:41:A4:A6:7A:61:6A:C3:45:B2:74:E3:21:17:4A:A7:45
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
9d:a7:21:79:7d:f2:89:da:05:b9:c7:e3:3c:4d:b7:1a:13:68:
01:08:16:5a:63:35:66:d7:4e:ba:5e:92:41:d4:5e:01:e6:10:
1f:a2:7d:94:df:a6:33:cb:7a:ce:f9:9b:e0:dd:65:c4:7e:c7:
66:ca:75:0f:91:f1:2e:04:5a:5b:c2:15:07:85:8c:f5:bf:4b:
e6:af:51:9f:76:e7:73:05:1f:27:08:62:60:0e:ca:28:31:56:
6a:1c:23:19:29:57:08:14:82:bc:1c:be:21:f4:1a:4b:03:c2:
a3:11:86:7b:be:b3:b7:bf:96:c0:51:58:eb:f0:2e:ff:a2:3f:
11:b7:38:48:fc:10:dd:e8:c4:0f:eb:75:b1:50:72:c0:e5:fb:
2a:5d:b2:76:2f:f9:4d:68:f6:9e:c0:9d:8c:16:fa:32:15:5b:
ba:df:1e:96:dc:c2:af:1f:8e:67:69:d3:6b:cf:e1:b3:81:4f:
c2:b2:4a:65:d8:da:c1:54:0b:d9:c3:b7:ac:18:7b:c5:d9:eb:
9d:eb:ca:cc:4b:bd:53:12:45:b6:6f:00:53:a5:d3:54:81:89:
a0:25:a5:27:96:4d:e3:2c:78:e2:e8:db:36:af:ed:ac:39:95:
49:c6:49:34:95:e6:24:58:64:d0:2a:3b:d5:e9:71:bc:70:e9:
5a:8c:44:62
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUONF7jBzt8AjHg6uTTJGwiehq/ZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMjBaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhMmY3MTkyNDdkZDlhYWFhYTliYzM0OWRlZjRhNTdhN2ZmYTVlMmY2MGYx
YTlhMGE4ZTMyMzk4OGFiNWU2NzAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIkDR68O7txQmpz84TayvhymmvBFWJIAekMauPRl0wu7wJyeGHRJdZMV5QAx
YTuoN3GASCCmxg/wCStgplpDIUBERATmTysCtD7d8pU8kZtSovuej1VPrzJpHpia
2TM6Cs6Dm1gowerDBh8aOwVHPjSQvV12yrhOmoH1NBlzxeZAFP/rgDqRBPkC4HJs
FgyWWfv3IZQQlfun3SXhVqsnUPCrh2go8Vrrfg2UO+ccbxaqTSD1lTzO+Py5hkGb
usjw2/L9pH0rdV7HnmKXMpAu0ghM12niqUWwAoF0neLC4+HHwOjIXqy+jpclEkS1
HK+d8p7BsbZKa7hosYosRALjiacCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTnvQ6N
QaSmemFqw0WydOMhF0qnRTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzE0NmQyNGEtNDhkYy00NWIxLWFjMWItMmE2YzJkN2I3YjE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQCdpyF5ffKJ2gW5x+M8TbcaE2gBCBZaYzVm1066
XpJB1F4B5hAfon2U36Yzy3rO+Zvg3WXEfsdmynUPkfEuBFpbwhUHhYz1v0vmr1Gf
dudzBR8nCGJgDsooMVZqHCMZKVcIFIK8HL4h9BpLA8KjEYZ7vrO3v5bAUVjr8C7/
oj8RtzhI/BDd6MQP63WxUHLA5fsqXbJ2L/lNaPaewJ2MFvoyFVu63x6W3MKvH45n
adNrz+GzgU/Cskpl2NrBVAvZw7esGHvF2eud68rMS71TEkW2bwBTpdNUgYmgJaUn
lk3jLHji6Ns2r+2sOZVJxkk0leYkWGTQKjvV6XG8cOlajERi
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:01:20 2025 by rpki-client