Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
File: 9195a704-de86-4692-95c9-30d458a106d5.roa (raw, json)
Hash identifier: acCW7OrIbaDFh4OLTOz5IuSiDqJhRc7VKWLR48cPVtQ=
Subject key identifier: A8:7B:0C:97:D6:BC:62:80:CA:61:F5:A7:D0:CD:8F:F1:EA:C4:2F:23
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1BC4C379CFD028110B880BABF9C5BF8E0BF01135
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
Signing time: Fri 20 Jun 2025 00:20:53 +0000
ROA not before: Fri 20 Jun 2025 00:20:53 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:c4:c3:79:cf:d0:28:11:0b:88:0b:ab:f9:c5:bf:8e:0b:f0:11:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:53 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=c01cd75b0d5028fcf71c48c8fb04eaaedfaa5dbb506d1f4246ddde9e40ac7975, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:32:07:cc:9c:65:5b:f2:3d:be:4c:d7:79:e1:
67:6a:6d:67:56:f3:13:5e:53:a0:56:3b:9f:a9:a9:
80:b7:bd:01:89:ce:78:db:0c:87:7c:a9:a5:ff:16:
0b:45:f8:ac:c4:bb:e1:b9:56:cb:c1:d6:31:94:89:
28:0c:8f:f6:d0:d8:51:49:f8:72:0e:29:34:e2:98:
7b:31:00:16:8d:ae:04:ec:c1:b5:77:35:ff:a4:da:
72:89:6f:a4:cb:8b:5d:c1:b3:1a:4f:a2:d5:ac:d6:
c2:66:e0:af:43:2d:26:f3:1f:e9:9e:b3:db:19:f3:
4e:aa:86:60:04:fb:ce:91:24:a8:20:7c:fc:db:9d:
50:c9:ed:8a:e6:74:82:b5:9e:fe:39:d5:f3:b9:47:
e1:1b:ca:4b:e2:c8:a8:fa:1b:b9:15:88:0c:e3:98:
e6:e3:1a:5f:35:a4:7d:06:f4:64:cb:2e:3b:94:27:
39:b3:8b:61:9e:1e:66:f9:fd:6a:1a:27:b6:d7:b8:
a1:19:29:15:01:bf:c4:09:b9:9f:e3:21:81:2c:55:
29:02:ad:24:41:a3:98:39:80:e2:59:5f:4b:d2:fe:
5a:a0:26:7e:50:18:34:c5:92:88:07:ef:a6:8b:e3:
35:48:09:64:05:15:39:32:7f:6b:3a:ce:88:33:fb:
93:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:7B:0C:97:D6:BC:62:80:CA:61:F5:A7:D0:CD:8F:F1:EA:C4:2F:23
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/36
Signature Algorithm: sha256WithRSAEncryption
a9:2b:f5:2f:8d:4e:14:c7:f7:55:fc:dd:9c:37:99:32:6c:80:
62:37:55:37:a0:0f:5b:c2:2e:40:57:fe:44:79:e1:c3:75:f1:
f6:28:88:1b:cb:cb:06:8d:3e:4b:c5:cf:e3:c0:68:77:e4:33:
52:d1:07:49:82:49:59:26:e6:e0:ee:32:10:58:95:03:f5:3e:
53:89:24:79:b6:22:bd:f1:c0:c2:ff:00:fd:3b:05:67:9d:32:
e7:63:ce:e1:e3:5e:6d:aa:48:cf:2d:bb:63:f6:64:06:8e:58:
43:83:8a:8a:9f:79:8d:1a:8e:07:dd:8c:03:35:91:27:4e:d8:
64:18:69:5d:dc:4d:19:bf:b6:5c:2b:11:1b:76:7a:1b:8f:df:
a0:70:e6:8b:cb:60:00:58:dd:92:7d:ab:32:cc:7f:c2:79:a7:
a2:b7:4a:7d:4e:59:36:34:92:b2:89:3c:a1:1a:d1:a8:68:7f:
d9:a0:09:c8:1b:d6:b0:f8:c0:26:c7:44:11:fa:49:a8:6c:7a:
bc:9b:5a:5f:df:06:1c:ad:ef:d2:93:7f:c7:9f:b7:d3:89:6a:
29:88:4b:4b:8a:0d:9a:e2:09:5f:df:4d:04:98:30:db:2f:49:
81:a7:36:12:e3:41:b8:3b:65:b2:d1:d5:cb:e5:84:91:dd:b8:
28:f6:b4:ad
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG8TDec/QKBELiAur+cW/jgvwETUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwNTNaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwMWNkNzViMGQ1MDI4ZmNmNzFjNDhjOGZiMDRlYWFlZGZhYTVkYmI1MDZk
MWY0MjQ2ZGRkZTllNDBhYzc5NzUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYyB8ycZVvyPb5M13nhZ2ptZ1bzE15ToFY7n6mpgLe9AYnOeNsMh3yppf8W
C0X4rMS74blWy8HWMZSJKAyP9tDYUUn4cg4pNOKYezEAFo2uBOzBtXc1/6Tacolv
pMuLXcGzGk+i1azWwmbgr0MtJvMf6Z6z2xnzTqqGYAT7zpEkqCB8/NudUMntiuZ0
grWe/jnV87lH4RvKS+LIqPobuRWIDOOY5uMaXzWkfQb0ZMsuO5QnObOLYZ4eZvn9
ahontte4oRkpFQG/xAm5n+MhgSxVKQKtJEGjmDmA4llfS9L+WqAmflAYNMWSiAfv
povjNUgJZAUVOTJ/azrOiDP7k70CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSoewyX
1rxigMph9afQzY/x6sQvIzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OTE5NWE3MDQtZGU4Ni00NjkyLTk1YzktMzBkNDU4YTEwNmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQCpK/UvjU4Ux/dV/N2cN5kybIBiN1U3oA9bwi5A
V/5EeeHDdfH2KIgby8sGjT5Lxc/jwGh35DNS0QdJgklZJubg7jIQWJUD9T5TiSR5
tiK98cDC/wD9OwVnnTLnY87h415tqkjPLbtj9mQGjlhDg4qKn3mNGo4H3YwDNZEn
TthkGGld3E0Zv7ZcKxEbdnobj9+gcOaLy2AAWN2SfasyzH/Ceaeit0p9Tlk2NJKy
iTyhGtGoaH/ZoAnIG9aw+MAmx0QR+kmobHq8m1pf3wYcre/Sk3/Hn7fTiWopiEtL
ig2a4glf300EmDDbL0mBpzYS40G4O2Wy0dXL5YSR3bgo9rSt
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:47:50 2025 by rpki-client