Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa
File: 89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa (raw, json)
Hash identifier: fsGKNzjWGIk9hOwC2Z2Bja0mI/uBy3CffFqVDNuL3Hg=
Subject key identifier: F2:97:F2:03:37:33:17:75:4D:1E:E4:1C:0D:3A:FE:72:BE:38:02:91
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7747C2C77F9808409A534DD1570587441F94ABF3
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa
Signing time: Fri 20 Jun 2025 00:10:52 +0000
ROA not before: Fri 20 Jun 2025 00:10:52 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:47:c2:c7:7f:98:08:40:9a:53:4d:d1:57:05:87:44:1f:94:ab:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:52 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=46da4a611be15f0b2a076145b5cb0505e3b41aab0f87ded2edbdbb56122ff30f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:99:eb:cf:09:d5:ff:a3:25:d3:f5:bd:78:40:
6f:fb:0f:37:b3:2c:65:b7:2d:44:e4:33:11:fb:6d:
43:2b:05:4b:c1:1e:0b:70:26:20:bf:38:26:1b:12:
e8:d8:cd:22:6a:43:1c:48:0d:74:ca:9e:d2:21:67:
f2:86:5b:41:f0:55:4d:fc:49:02:17:3e:06:99:d1:
64:0f:72:55:4d:9b:d5:46:37:46:7d:e5:ee:cb:54:
62:e1:92:4f:e8:5c:2e:2d:d1:f8:72:90:70:68:f3:
e2:8e:27:44:90:5f:4c:06:04:db:55:28:89:14:b8:
2f:ba:6e:64:e3:dd:de:20:88:e2:70:c7:7e:09:96:
2f:04:04:e9:8e:c3:18:04:af:78:35:79:42:30:55:
20:46:a0:83:2d:7a:ff:97:38:f2:32:a1:46:b3:4d:
15:f2:18:96:3c:0a:ac:76:6e:d2:bb:41:64:73:7d:
67:38:29:d6:d4:8e:29:1e:04:a7:2b:a0:3e:17:14:
9e:e7:90:c2:e1:cb:17:b8:89:61:1e:ea:10:b4:89:
80:f7:ab:a3:bc:60:d2:33:46:44:f5:d7:68:f3:a5:
e2:4a:cb:71:38:88:9f:ca:1a:2c:8d:1c:17:41:e6:
4f:ac:9d:e7:8e:a5:bb:10:03:db:6d:a5:50:da:be:
d2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:97:F2:03:37:33:17:75:4D:1E:E4:1C:0D:3A:FE:72:BE:38:02:91
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7880::/46
Signature Algorithm: sha256WithRSAEncryption
97:08:82:17:e8:1f:36:e0:9c:d9:cc:4b:5c:8f:0f:c8:19:07:
5e:c6:a5:f0:25:63:60:64:ea:ed:1a:08:d5:98:10:9d:43:69:
51:ee:8a:6a:aa:1f:4f:25:37:90:19:3a:d0:5a:33:06:2d:93:
64:7f:9f:04:07:aa:e7:f5:13:92:26:9f:34:ce:37:40:df:84:
44:0d:e6:d5:e8:9d:8a:28:76:38:ab:b4:31:99:74:f5:ee:be:
0e:71:63:d5:ce:4f:ab:fd:c1:6d:54:e2:de:a2:af:1c:8c:2a:
80:3a:fa:01:2b:2b:e7:56:27:49:ba:69:bd:17:2a:d4:d2:4b:
c1:f9:bd:28:af:93:f3:32:b0:8f:25:b9:bb:0c:1c:4c:08:55:
bf:91:a4:88:63:36:0a:b0:ba:61:a4:9a:cf:90:a0:43:c3:8e:
b3:a5:3d:48:15:6d:94:e1:8e:58:99:d1:eb:49:77:0a:de:00:
ed:b6:d4:a2:a4:56:2c:d9:f5:b1:77:d8:31:ea:97:fb:c4:f5:
53:d9:50:81:c0:54:4b:99:9c:03:fd:23:7b:85:01:2c:f5:47:
c9:aa:0f:a6:0a:56:6a:29:75:05:82:41:e4:97:f8:d6:f8:46:
d5:81:8a:77:8b:25:e8:3a:b0:99:c0:c2:d7:bd:2d:ba:7e:87:
dc:00:3e:b8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd0fCx3+YCECaU03RVwWHRB+Uq/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwNTJaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2ZGE0YTYxMWJlMTVmMGIyYTA3NjE0NWI1Y2IwNTA1ZTNiNDFhYWIwZjg3
ZGVkMmVkYmRiYjU2MTIyZmYzMGYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSZ688J1f+jJdP1vXhAb/sPN7MsZbctROQzEfttQysFS8EeC3AmIL84JhsS
6NjNImpDHEgNdMqe0iFn8oZbQfBVTfxJAhc+BpnRZA9yVU2b1UY3Rn3l7stUYuGS
T+hcLi3R+HKQcGjz4o4nRJBfTAYE21UoiRS4L7puZOPd3iCI4nDHfgmWLwQE6Y7D
GASveDV5QjBVIEaggy16/5c48jKhRrNNFfIYljwKrHZu0rtBZHN9Zzgp1tSOKR4E
pyugPhcUnueQwuHLF7iJYR7qELSJgPero7xg0jNGRPXXaPOl4krLcTiIn8oaLI0c
F0HmT6yd546luxAD222lUNq+0m8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTyl/ID
NzMXdU0e5BwNOv5yvjgCkTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ODljNTYyYjgtMWZmMy00N2NiLWExMDQtYWQxZGEyOGI0MmQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
gDANBgkqhkiG9w0BAQsFAAOCAQEAlwiCF+gfNuCc2cxLXI8PyBkHXsal8CVjYGTq
7RoI1ZgQnUNpUe6KaqofTyU3kBk60FozBi2TZH+fBAeq5/UTkiafNM43QN+ERA3m
1eidiih2OKu0MZl09e6+DnFj1c5Pq/3BbVTi3qKvHIwqgDr6ASsr51YnSbppvRcq
1NJLwfm9KK+T8zKwjyW5uwwcTAhVv5GkiGM2CrC6YaSaz5CgQ8OOs6U9SBVtlOGO
WJnR60l3Ct4A7bbUoqRWLNn1sXfYMeqX+8T1U9lQgcBUS5mcA/0je4UBLPVHyaoP
pgpWail1BYJB5Jf41vhG1YGKd4sl6DqwmcDC170tun6H3AA+uA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:40:23 2025 by rpki-client