Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7a702f26-ffbc-4360-bbd5-3f1d03920b68.roa
File: 7a702f26-ffbc-4360-bbd5-3f1d03920b68.roa (raw, json)
Hash identifier: ZMigZpa81WP4VdGlFEvjHtFAt8aLrCpbujWY9hKubFg=
Subject key identifier: 82:BC:27:EF:C5:AC:AB:CF:3A:19:8A:F3:BC:80:27:65:9B:16:57:AF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 54CFA1E517B0272D0B5704B33C7462534857B0D9
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7a702f26-ffbc-4360-bbd5-3f1d03920b68.roa
Signing time: Fri 20 Jun 2025 00:11:25 +0000
ROA not before: Fri 20 Jun 2025 00:11:25 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:cf:a1:e5:17:b0:27:2d:0b:57:04:b3:3c:74:62:53:48:57:b0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:25 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=4e583f0b3d287fdaa19995f46679081cd5f3c85a13d5b30061acb3768c6129a7, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:8c:6d:1e:91:01:9f:2b:2b:eb:2b:20:6e:
4e:ee:e2:0a:31:e7:23:b6:be:01:41:44:50:e0:c8:
03:0c:28:39:34:10:25:9e:b8:b6:4f:d5:0a:cc:2a:
7d:c0:8e:f6:09:c5:b6:fc:5d:4c:48:c2:17:2a:db:
60:4c:3e:ec:15:31:6c:be:0f:c0:75:59:9f:ae:01:
3d:a2:18:e2:8a:f6:87:23:1f:0c:f5:51:a3:e5:a0:
3b:16:f6:4f:17:61:d7:6c:78:fd:7d:39:e7:46:78:
8f:c3:4d:20:3e:7f:b5:84:df:6f:cf:14:67:1c:03:
c7:51:c1:d8:62:8c:42:07:f6:50:04:ff:88:c3:69:
c9:f3:00:db:87:b0:dd:17:b0:f4:c1:f9:17:c6:ba:
71:c1:a9:22:a4:f2:2c:49:3c:b5:2c:d2:84:45:aa:
18:01:e9:b4:b7:fc:47:de:1e:ec:2c:bf:f6:e8:56:
79:59:9a:56:e7:2f:1d:d8:41:df:67:5d:ec:4a:80:
de:65:19:00:0b:36:05:77:ea:5b:7b:e8:41:d9:08:
f8:8e:6a:de:38:71:91:1d:c2:da:a0:f3:e1:94:9d:
a8:a2:f4:05:71:17:ce:84:05:8c:23:16:51:a0:4e:
68:2e:5b:69:0e:d4:d3:7d:10:49:bd:9e:e7:c3:6e:
bf:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BC:27:EF:C5:AC:AB:CF:3A:19:8A:F3:BC:80:27:65:9B:16:57:AF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7a702f26-ffbc-4360-bbd5-3f1d03920b68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b880::/46
Signature Algorithm: sha256WithRSAEncryption
35:75:45:65:dd:59:60:47:25:d0:d3:63:cb:ad:82:15:96:e9:
d0:c6:76:f8:d3:be:5f:e2:0f:eb:41:98:6f:b6:67:8f:52:06:
2e:1a:fe:7d:3e:96:d1:e9:6c:83:70:81:0a:e2:77:1e:ab:25:
12:c9:86:be:c1:40:de:b6:35:47:a2:91:2d:3b:56:db:3f:3c:
0a:05:55:a9:b9:51:86:1e:2e:96:aa:27:5c:0a:1f:85:9d:2e:
2f:1a:c4:16:a6:2e:63:a0:46:e7:43:26:74:d5:6b:a0:fd:58:
cf:35:22:21:99:73:07:18:dc:37:ae:d3:8d:4a:ea:ad:b1:20:
0b:be:24:ec:44:57:fa:f9:e9:c1:1f:de:f1:db:d5:8c:36:55:
c3:9c:53:c0:58:3e:b3:0e:a6:5a:5a:6f:25:e1:5b:a4:65:9f:
00:df:a6:90:d0:29:af:6c:f7:a4:dd:be:27:8f:af:9d:37:a2:
bd:b5:e9:f1:a1:02:65:7e:3f:cb:67:0e:1d:a2:23:38:11:f4:
42:c9:34:ef:0a:19:72:a6:42:67:fe:6b:05:d3:d5:6e:5e:4b:
d1:b6:58:36:16:69:b9:75:62:de:03:a0:f1:59:8d:35:98:07:
ad:25:ab:79:df:d8:f0:fb:77:2f:91:ea:10:19:3b:af:40:e1:
c6:ac:58:29
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVM+h5RewJy0LVwSzPHRiU0hXsNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMjVaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlNTgzZjBiM2QyODdmZGFhMTk5OTVmNDY2NzkwODFjZDVmM2M4NWExM2Q1
YjMwMDYxYWNiMzc2OGM2MTI5YTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpJjG0ekQGfKyvrKyBuTu7iCjHnI7a+AUFEUODIAwwoOTQQJZ64tk/VCswq
fcCO9gnFtvxdTEjCFyrbYEw+7BUxbL4PwHVZn64BPaIY4or2hyMfDPVRo+WgOxb2
Txdh12x4/X0550Z4j8NNID5/tYTfb88UZxwDx1HB2GKMQgf2UAT/iMNpyfMA24ew
3Rew9MH5F8a6ccGpIqTyLEk8tSzShEWqGAHptLf8R94e7Cy/9uhWeVmaVucvHdhB
32dd7EqA3mUZAAs2BXfqW3voQdkI+I5q3jhxkR3C2qDz4ZSdqKL0BXEXzoQFjCMW
UaBOaC5baQ7U030QSb2e58NuvzcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSCvCfv
xayrzzoZivO8gCdlmxZXrzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
N2E3MDJmMjYtZmZiYy00MzYwLWJiZDUtM2YxZDAzOTIwYjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8e4
gDANBgkqhkiG9w0BAQsFAAOCAQEANXVFZd1ZYEcl0NNjy62CFZbp0MZ2+NO+X+IP
60GYb7Znj1IGLhr+fT6W0elsg3CBCuJ3HqslEsmGvsFA3rY1R6KRLTtW2z88CgVV
qblRhh4ulqonXAofhZ0uLxrEFqYuY6BG50MmdNVroP1YzzUiIZlzBxjcN67TjUrq
rbEgC74k7ERX+vnpwR/e8dvVjDZVw5xTwFg+sw6mWlpvJeFbpGWfAN+mkNApr2z3
pN2+J4+vnTeivbXp8aECZX4/y2cOHaIjOBH0Qsk07woZcqZCZ/5rBdPVbl5L0bZY
NhZpuXVi3gOg8VmNNZgHrSWred/Y8Pt3L5HqEBk7r0DhxqxYKQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:43:09 2025 by rpki-client