Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
File: 8d33474a-7193-4fb1-90e2-82106a40b461.roa (raw, json)
Hash identifier: cIcW3uJGnr5hhwSoaFjaczAUhQfFagw4qyWK9yiEXK0=
Subject key identifier: 23:B2:CB:3B:67:13:27:C0:01:D9:17:ED:23:39:B4:BF:4A:CD:DA:E8
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5BA129A5024C9E74BC8A2BF0B316A415C2DCD351
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
Signing time: Fri 20 Jun 2025 00:20:26 +0000
ROA not before: Fri 20 Jun 2025 00:20:26 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:2800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:a1:29:a5:02:4c:9e:74:bc:8a:2b:f0:b3:16:a4:15:c2:dc:d3:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:26 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=76502bcbab6e24d2af905e0035a0a4755c72b21bfc04fd222ae10bca456daf61, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:08:85:ef:65:a1:9e:af:71:06:4f:cb:94:15:
7b:85:e5:5d:61:3e:2a:3a:d2:1c:61:98:97:84:32:
ab:a3:6b:f7:e5:01:5f:30:ac:b0:39:ea:78:95:8f:
55:4e:2d:73:dd:f3:99:07:ad:20:a3:3a:fe:22:16:
ff:8c:87:35:0b:0a:61:c8:30:6a:05:9f:44:0c:98:
f1:a7:ad:fc:05:92:dc:09:78:ec:25:c8:31:d7:97:
fe:55:45:5f:0e:d7:7c:96:02:0c:ae:ae:4f:91:11:
34:14:2f:65:65:b5:b9:c6:68:45:80:60:04:4d:52:
fb:b4:1c:23:11:40:a1:e0:49:08:37:fc:bb:d5:92:
03:40:24:b0:8d:a7:1a:12:99:a7:7b:8f:51:45:0e:
32:92:3d:48:f5:e3:25:d9:2a:c5:6a:e2:41:16:32:
e7:54:95:f2:39:57:98:0d:8d:cb:3a:1e:7e:d7:f4:
cd:d3:3c:cd:de:9c:0d:0b:09:85:b5:13:c6:cc:fa:
4f:e5:69:e2:79:b4:a0:87:4c:4a:c6:aa:92:53:6d:
ea:f9:31:ca:e1:3a:fc:d8:82:02:f0:9f:46:69:07:
95:ae:72:7a:50:96:44:64:4d:fd:92:f7:3a:ab:f9:
4b:34:9c:3f:5e:8f:39:7f:65:80:fa:22:77:1e:db:
ca:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B2:CB:3B:67:13:27:C0:01:D9:17:ED:23:39:B4:BF:4A:CD:DA:E8
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:2800::/40
Signature Algorithm: sha256WithRSAEncryption
2d:53:6b:81:c4:26:d9:fb:bd:4e:81:b6:c3:f5:8d:60:ad:87:
7e:70:3b:4f:f7:43:06:a7:3e:46:10:f1:d1:d5:e5:6e:94:95:
8f:7e:e2:dd:b2:01:77:81:45:3d:dc:b6:15:46:5d:91:e1:a4:
ec:44:b3:12:50:91:75:d8:3e:8f:5b:05:85:e0:d9:3a:98:91:
06:da:02:12:e6:52:ac:13:6b:3a:d2:4c:5f:91:bf:59:20:36:
76:27:51:da:2a:27:69:4b:77:27:45:f0:56:f3:89:a6:21:e0:
9a:30:44:e2:cc:6f:66:f4:7f:74:80:e2:d8:bb:90:aa:d5:fa:
a3:6f:44:e2:a9:28:3c:0d:2a:9d:eb:9e:15:af:2c:79:07:f5:
3a:d0:29:f0:85:da:dc:a9:8f:1b:ef:98:f1:72:96:de:95:10:
c2:9c:46:3f:c7:aa:c7:d1:05:e4:11:53:f1:22:de:39:e0:3a:
31:8d:60:5c:f9:21:80:b7:f9:ad:8f:50:e4:bd:46:d3:17:7a:
48:27:65:1c:02:88:b3:7e:86:00:82:af:20:8c:5c:69:0a:2c:
8a:2c:33:d9:d4:0d:fd:60:45:7f:12:41:9c:1a:d5:41:2c:cc:
56:48:91:c7:78:04:65:4b:e9:d7:49:b4:79:59:31:f4:30:81:
53:15:a8:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW6EppQJMnnS8iivwsxakFcLc01EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMjZaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2NTAyYmNiYWI2ZTI0ZDJhZjkwNWUwMDM1YTBhNDc1NWM3MmIyMWJmYzA0
ZmQyMjJhZTEwYmNhNDU2ZGFmNjExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0Ihe9loZ6vcQZPy5QVe4XlXWE+KjrSHGGYl4Qyq6Nr9+UBXzCssDnqeJWP
VU4tc93zmQetIKM6/iIW/4yHNQsKYcgwagWfRAyY8aet/AWS3Al47CXIMdeX/lVF
Xw7XfJYCDK6uT5ERNBQvZWW1ucZoRYBgBE1S+7QcIxFAoeBJCDf8u9WSA0AksI2n
GhKZp3uPUUUOMpI9SPXjJdkqxWriQRYy51SV8jlXmA2Nyzoeftf0zdM8zd6cDQsJ
hbUTxsz6T+Vp4nm0oIdMSsaqklNt6vkxyuE6/NiCAvCfRmkHla5yelCWRGRN/ZL3
Oqv5SzScP16POX9lgPoidx7byjcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQjsss7
ZxMnwAHZF+0jObS/Ss3a6DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OGQzMzQ3NGEtNzE5My00ZmIxLTkwZTItODIxMDZhNDBiNDYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8Mo
MA0GCSqGSIb3DQEBCwUAA4IBAQAtU2uBxCbZ+71OgbbD9Y1grYd+cDtP90MGpz5G
EPHR1eVulJWPfuLdsgF3gUU93LYVRl2R4aTsRLMSUJF12D6PWwWF4Nk6mJEG2gIS
5lKsE2s60kxfkb9ZIDZ2J1HaKidpS3cnRfBW84mmIeCaMETizG9m9H90gOLYu5Cq
1fqjb0TiqSg8DSqd654Vryx5B/U60CnwhdrcqY8b75jxcpbelRDCnEY/x6rH0QXk
EVPxIt454DoxjWBc+SGAt/mtj1DkvUbTF3pIJ2UcAoizfoYAgq8gjFxpCiyKLDPZ
1A39YEV/EkGcGtVBLMxWSJHHeARlS+nXSbR5WTH0MIFTFai7
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:22:41 2025 by rpki-client