Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/73ed1ee7-6ac5-4ab1-90b4-41a0fe75ac58.roa
File: 73ed1ee7-6ac5-4ab1-90b4-41a0fe75ac58.roa (raw, json)
Hash identifier: 5dvKrY25VMY5IKQW118gTyF5RWoWVnK3atLIwE3Y96s=
Subject key identifier: F0:67:1F:20:A5:28:CE:E6:D6:01:DD:11:57:A5:27:02:9A:A5:E1:B2
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1EC014B7A9E801581157B667302127C34DC160F8
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/73ed1ee7-6ac5-4ab1-90b4-41a0fe75ac58.roa
Signing time: Fri 20 Jun 2025 00:11:21 +0000
ROA not before: Fri 20 Jun 2025 00:11:21 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:c0:14:b7:a9:e8:01:58:11:57:b6:67:30:21:27:c3:4d:c1:60:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:21 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=307dd30a39208e80b9e94c04af06f7c5423b327138d65af5598c30573176a04b, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:21:eb:50:8c:22:3d:74:cc:40:5b:57:74:7c:
2b:37:68:29:38:44:97:6c:1e:4a:64:e2:56:5c:24:
af:08:9b:9f:a7:20:16:a8:dc:ea:81:84:a6:d5:13:
13:63:80:e6:e7:84:26:32:ff:74:e0:89:72:27:c8:
c8:b1:a3:43:d7:6f:34:99:5b:bb:ca:54:36:b4:04:
ac:45:57:e4:24:bf:a8:da:87:94:19:db:ca:c5:38:
b1:5b:66:c6:48:79:b1:9d:e6:43:56:77:1b:66:c5:
f0:7e:2b:1d:e7:2a:00:f1:19:41:ec:1e:29:1a:26:
49:0c:d7:f0:5c:f4:94:88:9c:18:00:4f:9e:f1:97:
d6:c5:3d:67:14:08:cf:18:cc:06:31:c1:26:fe:22:
ac:ec:d1:63:ec:d8:67:80:72:4b:8b:10:02:6c:af:
61:db:f1:e2:bd:6d:8e:fc:23:27:08:2e:fc:c3:7f:
1d:96:f9:e4:9c:90:e3:bb:70:61:57:63:80:3b:e8:
3b:be:6c:b2:4a:ef:33:b7:1a:26:29:34:e0:7d:c8:
f0:97:45:21:7d:6d:25:74:f6:80:76:a3:2e:9c:22:
be:a8:2b:25:73:7e:4c:10:14:f1:bf:81:43:9d:b1:
db:e3:05:d1:30:b9:a6:3a:2d:c8:96:de:08:2e:1e:
d7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:67:1F:20:A5:28:CE:E6:D6:01:DD:11:57:A5:27:02:9A:A5:E1:B2
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/73ed1ee7-6ac5-4ab1-90b4-41a0fe75ac58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b000::/36
Signature Algorithm: sha256WithRSAEncryption
33:7d:6a:27:13:e9:3e:d9:a3:f8:bc:eb:d4:2b:69:bd:de:78:
60:5a:54:3b:10:71:63:54:34:6e:b8:19:89:82:84:ed:1a:74:
f8:6c:a5:36:52:15:cb:e6:cc:97:3d:bf:20:6e:23:f8:ca:42:
99:a9:18:99:2e:13:b1:c3:c3:26:30:c5:63:f5:15:f5:26:a8:
9e:3b:b6:c1:0d:03:27:a2:09:2b:f9:bc:81:3a:4a:7f:d4:14:
cc:18:5f:83:86:da:1b:e9:3a:00:2e:de:d8:06:fa:1c:bb:b3:
d0:06:48:f3:d6:53:40:e9:0d:12:1b:af:4d:4f:2e:c7:ab:12:
93:bd:ee:0a:e3:a5:2a:07:84:f9:ee:d1:a7:0c:66:30:e0:6c:
f9:43:f9:dc:8a:9a:1f:d9:04:5a:b2:9c:8a:c9:d4:3f:92:82:
82:51:d2:17:6e:91:17:29:42:43:f7:95:b4:9d:eb:ae:62:c9:
d1:87:5d:f9:25:35:74:5b:4c:ce:e6:5d:b6:37:74:a6:3f:c8:
6e:77:4c:ab:1e:c7:8e:f7:8c:49:e0:0d:81:4f:fd:26:e7:d0:
97:89:e6:78:30:a7:87:b3:bb:35:1a:be:c7:f1:e2:be:3b:8d:
36:d7:22:10:d1:68:21:f1:54:93:06:00:91:dd:42:35:ea:e4:
f4:d9:87:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHsAUt6noAVgRV7ZnMCEnw03BYPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMjFaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwN2RkMzBhMzkyMDhlODBiOWU5NGMwNGFmMDZmN2M1NDIzYjMyNzEzOGQ2
NWFmNTU5OGMzMDU3MzE3NmEwNGIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANoh61CMIj10zEBbV3R8KzdoKThEl2weSmTiVlwkrwibn6cgFqjc6oGEptUT
E2OA5ueEJjL/dOCJcifIyLGjQ9dvNJlbu8pUNrQErEVX5CS/qNqHlBnbysU4sVtm
xkh5sZ3mQ1Z3G2bF8H4rHecqAPEZQeweKRomSQzX8Fz0lIicGABPnvGX1sU9ZxQI
zxjMBjHBJv4irOzRY+zYZ4ByS4sQAmyvYdvx4r1tjvwjJwgu/MN/HZb55JyQ47tw
YVdjgDvoO75sskrvM7caJik04H3I8JdFIX1tJXT2gHajLpwivqgrJXN+TBAU8b+B
Q52x2+MF0TC5pjotyJbeCC4e190CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTwZx8g
pSjO5tYB3RFXpScCmqXhsjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzNlZDFlZTctNmFjNS00YWIxLTkwYjQtNDFhMGZlNzVhYzU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8ew
MA0GCSqGSIb3DQEBCwUAA4IBAQAzfWonE+k+2aP4vOvUK2m93nhgWlQ7EHFjVDRu
uBmJgoTtGnT4bKU2UhXL5syXPb8gbiP4ykKZqRiZLhOxw8MmMMVj9RX1JqieO7bB
DQMnogkr+byBOkp/1BTMGF+Dhtob6ToALt7YBvocu7PQBkjz1lNA6Q0SG69NTy7H
qxKTve4K46UqB4T57tGnDGYw4Gz5Q/ncipof2QRaspyKydQ/koKCUdIXbpEXKUJD
95W0neuuYsnRh135JTV0W0zO5l22N3SmP8hud0yrHseO94xJ4A2BT/0m59CXieZ4
MKeHs7s1Gr7H8eK+O4021yIQ0Wgh8VSTBgCR3UI16uT02YdT
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:00:25 2025 by rpki-client