Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
File: 78ea1ce2-8d09-441d-ad92-848a5871e58b.roa (raw, json)
Hash identifier: Z8jhGBn+qgb74gDBX2UTr052hqqAUvY3UNLtHafV8cA=
Subject key identifier: 98:6E:05:8B:0F:42:03:34:6E:5E:1E:EE:08:80:8D:DD:61:CC:C8:B3
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 50E76EE278FECDEE341C2F376EB1112855472F2C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
Signing time: Fri 20 Jun 2025 00:21:05 +0000
ROA not before: Fri 20 Jun 2025 00:21:05 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:e7:6e:e2:78:fe:cd:ee:34:1c:2f:37:6e:b1:11:28:55:47:2f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:21:05 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=782db262dd5bff282473e56aa787d2d7cb5445e428236f859350a3aadb10aa79, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:23:12:74:b6:ae:21:84:12:78:51:65:1d:7e:
ce:65:3c:32:06:4c:32:fe:d6:b5:95:a3:b0:79:ba:
0b:df:1f:36:10:48:e3:12:2d:38:c9:fe:41:6c:10:
15:ce:a4:b8:af:4d:7e:1c:7d:b0:c7:24:54:2e:66:
36:6e:c3:b6:06:aa:b5:8b:fc:fa:f8:31:86:48:00:
af:44:9a:bf:df:77:a7:8b:54:4b:9e:8f:48:91:87:
af:d3:74:0f:74:75:f5:ce:38:b5:7b:f1:40:1f:8a:
3f:cf:72:7c:a2:22:7a:2c:6b:bb:99:69:3a:d2:06:
ec:94:47:7e:1b:48:e6:ff:ed:fc:2d:35:2f:7a:98:
5f:9f:b4:51:6c:fb:e8:67:e4:8e:5e:0b:ff:5a:57:
92:3c:f0:0a:8a:95:b1:78:05:ea:f6:de:1c:6c:81:
2e:f3:14:38:e2:f4:7d:f4:68:19:4e:f8:4c:ed:c2:
b7:4f:a4:2a:22:76:87:7d:2f:c0:3e:43:f0:ca:11:
f1:80:de:b3:0f:4d:b1:ff:ab:6f:3f:e9:5e:32:15:
70:c2:2a:36:c3:b8:e7:ee:50:ca:c5:76:98:35:30:
d8:8e:55:63:b8:70:03:6c:cc:9d:95:da:90:94:0d:
41:1a:e2:42:6b:5a:75:15:bb:e9:c9:cb:5b:f5:37:
c7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6E:05:8B:0F:42:03:34:6E:5E:1E:EE:08:80:8D:DD:61:CC:C8:B3
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3::/36
Signature Algorithm: sha256WithRSAEncryption
ab:6c:28:56:b9:6e:b6:08:87:c6:6e:4a:f3:81:81:a2:b0:22:
72:2a:2c:fa:65:97:fa:f9:80:cf:80:c8:d1:9d:4a:0d:59:4c:
f7:5a:fa:e7:32:76:ed:d4:58:a9:e4:37:de:90:63:14:5b:87:
83:6f:66:28:5f:c8:a2:6e:32:e6:90:81:d2:0b:b5:ca:55:df:
cc:fc:f8:82:16:d6:fd:56:5b:fa:9d:55:d3:e2:ce:c8:b3:00:
5b:51:35:82:c5:7a:7c:24:5b:b9:50:0c:05:5a:52:79:d7:e1:
57:a2:b8:be:d7:ce:5b:88:ec:07:c3:ee:55:10:85:55:9d:4f:
20:02:9e:93:60:ff:8e:91:67:d0:48:42:56:35:59:81:94:0a:
5c:b6:ad:a5:82:8e:66:e2:d2:91:89:1d:3e:d3:f9:bb:2d:45:
bb:e4:d4:10:2d:d1:04:d3:5d:c4:87:85:ef:c4:8c:8c:09:36:
d6:61:60:a0:76:54:16:ac:85:6f:d6:ed:c1:05:c2:66:d4:9e:
05:32:00:2e:6c:4a:27:de:61:d5:fa:26:d9:a6:af:e9:80:b4:
ac:c5:9b:3a:9a:ac:26:4a:56:00:02:87:6a:2f:5d:f5:8f:2a:
be:59:a3:60:c9:0f:64:d6:fb:e0:c2:1f:d2:ab:b0:ba:e2:e9:
62:ea:58:30
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUOdu4nj+ze40HC83brERKFVHLywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIxMDVaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4MmRiMjYyZGQ1YmZmMjgyNDczZTU2YWE3ODdkMmQ3Y2I1NDQ1ZTQyODIz
NmY4NTkzNTBhM2FhZGIxMGFhNzkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8jEnS2riGEEnhRZR1+zmU8MgZMMv7WtZWjsHm6C98fNhBI4xItOMn+QWwQ
Fc6kuK9Nfhx9sMckVC5mNm7DtgaqtYv8+vgxhkgAr0Sav993p4tUS56PSJGHr9N0
D3R19c44tXvxQB+KP89yfKIieixru5lpOtIG7JRHfhtI5v/t/C01L3qYX5+0UWz7
6Gfkjl4L/1pXkjzwCoqVsXgF6vbeHGyBLvMUOOL0ffRoGU74TO3Ct0+kKiJ2h30v
wD5D8MoR8YDesw9Nsf+rbz/pXjIVcMIqNsO45+5QysV2mDUw2I5VY7hwA2zMnZXa
kJQNQRriQmtadRW76cnLW/U3x+8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSYbgWL
D0IDNG5eHu4IgI3dYczIszAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzhlYTFjZTItOGQwOS00NDFkLWFkOTItODQ4YTU4NzFlNThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MA
MA0GCSqGSIb3DQEBCwUAA4IBAQCrbChWuW62CIfGbkrzgYGisCJyKiz6ZZf6+YDP
gMjRnUoNWUz3WvrnMnbt1Fip5DfekGMUW4eDb2YoX8iibjLmkIHSC7XKVd/M/PiC
Ftb9Vlv6nVXT4s7IswBbUTWCxXp8JFu5UAwFWlJ51+FXori+185biOwHw+5VEIVV
nU8gAp6TYP+OkWfQSEJWNVmBlApctq2lgo5m4tKRiR0+0/m7LUW75NQQLdEE013E
h4XvxIyMCTbWYWCgdlQWrIVv1u3BBcJm1J4FMgAubEon3mHV+ibZpq/pgLSsxZs6
mqwmSlYAAodqL131jyq+WaNgyQ9k1vvgwh/Sq7C64uli6lgw
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:57:51 2025 by rpki-client