Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/874d8aa0-85dd-4eab-a13b-64fd443394da.roa
File: 874d8aa0-85dd-4eab-a13b-64fd443394da.roa (raw, json)
Hash identifier: /w6KFgJJLcQaseutB5n0m5VEOwPzSnUOgTh16gVX2Q0=
Subject key identifier: D6:A0:8D:68:CE:3D:58:6F:78:EC:3C:BA:1D:DD:43:BE:A3:03:C7:58
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3971040433C6696EBDA5A67EFE1B2A3D98146251
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/874d8aa0-85dd-4eab-a13b-64fd443394da.roa
Signing time: Fri 20 Jun 2025 00:11:19 +0000
ROA not before: Fri 20 Jun 2025 00:11:19 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:71:04:04:33:c6:69:6e:bd:a5:a6:7e:fe:1b:2a:3d:98:14:62:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:19 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=e26a682a7b3cb256949abe521cd42c8f6aad0f67b211f6fe61856e8b2ad7e1eb, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c3:43:50:b1:11:29:89:00:6c:a7:d6:7c:ca:
19:1f:c2:49:41:01:5e:78:90:d6:21:e8:63:88:c6:
b3:8d:94:5d:77:43:5a:0e:c9:4b:5c:83:ab:51:b1:
cc:22:6a:98:52:95:2b:45:2c:65:ed:71:f8:3b:85:
bf:01:0c:c6:05:0d:7e:4a:c7:5a:4c:fb:22:c0:0f:
a0:55:a7:b6:f9:be:b6:6b:50:4d:3d:a3:9e:61:fa:
f0:0f:a2:04:a7:a1:4b:42:68:70:a9:12:58:05:35:
b1:f6:d1:aa:3e:45:89:fc:fc:bd:a5:f4:3d:45:62:
01:3d:f5:6d:ff:26:56:96:21:ed:d2:2d:3d:bd:3f:
3a:99:ee:12:f7:ba:fc:58:16:ee:62:05:d8:de:0a:
8c:42:2b:76:33:4e:45:08:2b:72:bb:40:83:0e:78:
99:c4:45:f5:42:89:f7:71:01:98:31:8a:3c:2a:d5:
e1:45:39:83:7d:7f:1c:df:10:aa:46:d5:f8:2c:1a:
96:ed:81:da:aa:6e:67:8f:5c:1d:4c:d9:a3:db:21:
b1:f9:5e:96:e7:e4:1f:1a:4c:29:62:4b:ef:07:88:
4d:8f:03:94:79:01:8c:01:a7:9b:de:1b:f6:e2:04:
07:1c:c9:96:bf:0b:49:be:19:56:7f:a8:f8:e3:7e:
c9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A0:8D:68:CE:3D:58:6F:78:EC:3C:BA:1D:DD:43:BE:A3:03:C7:58
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/874d8aa0-85dd-4eab-a13b-64fd443394da.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5800::/40
Signature Algorithm: sha256WithRSAEncryption
aa:4f:2f:3f:c6:9a:b9:a5:4b:11:7f:65:ed:37:06:43:3e:9e:
d1:9b:bc:d1:04:ef:9d:4d:07:81:1a:e3:65:3f:2b:00:7d:88:
67:8e:d1:34:12:c5:e3:9d:7a:90:05:2b:a5:6d:0d:e7:1c:a4:
4a:48:65:12:69:33:32:a1:0d:c0:7e:58:16:62:e6:f4:0e:4b:
93:87:30:e5:f2:e0:2a:5f:13:07:fd:83:c2:de:13:28:e4:23:
fb:87:6c:b4:ee:d4:3e:a7:f0:59:b0:aa:f5:b9:67:3d:2c:2e:
d9:5b:84:d1:d7:d5:1a:ee:32:01:e4:1d:07:68:d4:ce:0e:02:
03:07:eb:07:0f:38:fc:58:4d:2f:ef:17:6d:38:af:2b:d6:ea:
36:96:99:e2:c7:c3:51:68:68:e0:21:e7:7a:b6:d1:63:3d:24:
c6:50:58:a3:50:59:32:61:9a:61:6a:2a:84:fb:07:3d:2d:f5:
0b:8d:11:19:c5:42:ca:56:12:f3:79:06:3a:cf:92:14:33:08:
df:2f:76:69:6b:a0:ba:1f:43:78:b3:06:5d:28:bf:e5:80:07:
b2:de:67:63:27:c0:2d:d4:85:b7:96:b7:56:69:8f:0c:9a:bf:
8a:d6:ee:d3:7d:63:0e:9e:a2:ec:55:57:c9:a8:81:fb:41:a1:
5c:5c:ea:6d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOXEEBDPGaW69paZ+/hsqPZgUYlEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMTlaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyNmE2ODJhN2IzY2IyNTY5NDlhYmU1MjFjZDQyYzhmNmFhZDBmNjdiMjEx
ZjZmZTYxODU2ZThiMmFkN2UxZWIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnDQ1CxESmJAGyn1nzKGR/CSUEBXniQ1iHoY4jGs42UXXdDWg7JS1yDq1Gx
zCJqmFKVK0UsZe1x+DuFvwEMxgUNfkrHWkz7IsAPoFWntvm+tmtQTT2jnmH68A+i
BKehS0JocKkSWAU1sfbRqj5Fifz8vaX0PUViAT31bf8mVpYh7dItPb0/OpnuEve6
/FgW7mIF2N4KjEIrdjNORQgrcrtAgw54mcRF9UKJ93EBmDGKPCrV4UU5g31/HN8Q
qkbV+Cwalu2B2qpuZ49cHUzZo9shsflelufkHxpMKWJL7weITY8DlHkBjAGnm94b
9uIEBxzJlr8LSb4ZVn+o+ON+ySECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTWoI1o
zj1Yb3jsPLod3UO+owPHWDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ODc0ZDhhYTAtODVkZC00ZWFiLWExM2ItNjRmZDQ0MzM5NGRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8NY
MA0GCSqGSIb3DQEBCwUAA4IBAQCqTy8/xpq5pUsRf2XtNwZDPp7Rm7zRBO+dTQeB
GuNlPysAfYhnjtE0EsXjnXqQBSulbQ3nHKRKSGUSaTMyoQ3AflgWYub0DkuThzDl
8uAqXxMH/YPC3hMo5CP7h2y07tQ+p/BZsKr1uWc9LC7ZW4TR19Ua7jIB5B0HaNTO
DgIDB+sHDzj8WE0v7xdtOK8r1uo2lpnix8NRaGjgIed6ttFjPSTGUFijUFkyYZph
aiqE+wc9LfULjREZxULKVhLzeQY6z5IUMwjfL3Zpa6C6H0N4swZdKL/lgAey3mdj
J8At1IW3lrdWaY8Mmr+K1u7TfWMOnqLsVVfJqIH7QaFcXOpt
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:08:36 2025 by rpki-client