Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7da13080-67e7-4ae7-b0bb-d85b087719b7.roa
File: 7da13080-67e7-4ae7-b0bb-d85b087719b7.roa (raw, json)
Hash identifier: SIEFVty7OBDlfcdKHvnZBdaC4qtuiuy/x26VgpzWINo=
Subject key identifier: 51:07:75:34:7E:F2:79:28:D2:F1:24:B7:0E:FD:99:F0:8C:5F:11:4D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 63CB38B5B2298D3B932A74A2B7D6C930BEA21297
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7da13080-67e7-4ae7-b0bb-d85b087719b7.roa
Signing time: Fri 20 Jun 2025 00:11:15 +0000
ROA not before: Fri 20 Jun 2025 00:11:15 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:cb:38:b5:b2:29:8d:3b:93:2a:74:a2:b7:d6:c9:30:be:a2:12:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:15 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=f9a5a68e156053d54dd0ba1d3a36f80c9bd00f7d671a8ad30d4d75e7825ee366, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:77:1d:16:63:86:4c:6f:5c:7f:33:07:bc:2a:
43:70:51:30:ec:31:b3:26:cc:26:99:76:49:b8:23:
18:cb:4e:cb:68:27:10:34:f9:ce:45:64:7d:fd:ed:
51:6f:e2:64:87:02:39:4f:cf:f4:8b:8e:3a:f6:bc:
55:ef:50:29:3b:83:16:9d:61:9b:d9:7d:85:91:c3:
e5:fe:90:d9:29:aa:e7:a1:c2:ea:ef:94:14:6a:54:
db:18:68:91:07:2b:e2:11:32:83:33:50:97:5a:71:
fe:48:f6:e9:02:15:8f:d1:18:be:0e:6d:91:4a:77:
96:87:26:c3:9e:88:1c:f3:1e:6e:50:21:bb:da:a2:
0a:bf:01:a0:84:b9:7b:85:59:a3:08:ef:9b:91:55:
4f:dd:60:a0:72:4c:f7:fe:29:fd:5e:46:2b:18:bf:
8a:e1:1b:50:bc:53:d2:86:32:a9:5e:c9:c5:10:8b:
9a:50:9a:66:a8:45:a6:4c:38:6d:58:42:4d:77:4f:
15:cb:38:0a:9f:ef:8d:c6:3a:bf:22:58:5e:63:ad:
9f:f8:0a:c8:7b:8c:89:6a:3d:4e:e6:50:3e:5e:50:
ad:18:37:d1:30:ed:8e:b2:eb:4a:a3:43:79:c6:e7:
ad:98:11:2f:5c:37:d2:c7:c3:33:2a:08:fe:7f:1f:
db:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:07:75:34:7E:F2:79:28:D2:F1:24:B7:0E:FD:99:F0:8C:5F:11:4D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7da13080-67e7-4ae7-b0bb-d85b087719b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7000::/36
Signature Algorithm: sha256WithRSAEncryption
54:d2:52:c8:9b:7c:44:7d:b2:fb:88:b5:c6:72:e3:f9:4c:f8:
1d:03:8a:61:05:6d:60:b1:31:aa:31:fb:83:6c:55:1a:a2:72:
e5:62:c3:4d:91:43:f0:37:18:13:0d:f3:88:fd:46:15:f4:41:
f6:ad:dd:ce:9e:80:2c:e4:d2:86:25:43:32:c2:25:ff:86:4b:
ef:43:fb:db:e9:0e:b2:06:2a:f7:02:29:fe:bf:dc:e6:f2:57:
74:0c:8c:1d:10:da:b6:84:cf:71:f2:1d:f0:60:a7:ce:9c:5a:
0f:7a:6f:4a:06:30:58:f7:db:b7:9b:c2:ed:7f:db:67:8e:cb:
c0:9d:3c:58:8a:09:96:26:32:24:5b:dc:02:b1:33:08:a5:0f:
e0:64:41:1b:48:b4:ca:5a:98:48:13:1a:ad:65:81:78:80:8d:
2e:79:46:41:7d:11:f3:94:23:2f:f6:f2:47:f5:63:81:b2:2d:
8f:3d:fc:7e:e7:4b:ee:32:c2:bd:3b:7a:5d:27:f1:f7:3c:fc:
01:20:94:3e:42:61:d8:1d:8a:6f:8f:c1:95:0a:f3:58:a2:3a:
72:26:ae:c1:4c:f3:ac:a3:c4:44:e3:18:cf:54:41:25:54:ff:
02:41:2a:70:1b:f7:13:b4:61:e9:46:13:57:6e:63:53:bc:3d:
be:78:98:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUY8s4tbIpjTuTKnSit9bJML6iEpcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMTVaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5YTVhNjhlMTU2MDUzZDU0ZGQwYmExZDNhMzZmODBjOWJkMDBmN2Q2NzFh
OGFkMzBkNGQ3NWU3ODI1ZWUzNjYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV3HRZjhkxvXH8zB7wqQ3BRMOwxsybMJpl2SbgjGMtOy2gnEDT5zkVkff3t
UW/iZIcCOU/P9IuOOva8Ve9QKTuDFp1hm9l9hZHD5f6Q2Smq56HC6u+UFGpU2xho
kQcr4hEygzNQl1px/kj26QIVj9EYvg5tkUp3locmw56IHPMeblAhu9qiCr8BoIS5
e4VZowjvm5FVT91goHJM9/4p/V5GKxi/iuEbULxT0oYyqV7JxRCLmlCaZqhFpkw4
bVhCTXdPFcs4Cp/vjcY6vyJYXmOtn/gKyHuMiWo9TuZQPl5QrRg30TDtjrLrSqND
ecbnrZgRL1w30sfDMyoI/n8f25ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRB3U0
fvJ5KNLxJLcO/ZnwjF8RTTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
N2RhMTMwODAtNjdlNy00YWU3LWIwYmItZDg1YjA4NzcxOWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dw
MA0GCSqGSIb3DQEBCwUAA4IBAQBU0lLIm3xEfbL7iLXGcuP5TPgdA4phBW1gsTGq
MfuDbFUaonLlYsNNkUPwNxgTDfOI/UYV9EH2rd3OnoAs5NKGJUMywiX/hkvvQ/vb
6Q6yBir3Ain+v9zm8ld0DIwdENq2hM9x8h3wYKfOnFoPem9KBjBY99u3m8Ltf9tn
jsvAnTxYigmWJjIkW9wCsTMIpQ/gZEEbSLTKWphIExqtZYF4gI0ueUZBfRHzlCMv
9vJH9WOBsi2PPfx+50vuMsK9O3pdJ/H3PPwBIJQ+QmHYHYpvj8GVCvNYojpyJq7B
TPOso8RE4xjPVEElVP8CQSpwG/cTtGHpRhNXbmNTvD2+eJgp
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:03:20 2025 by rpki-client