Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
File: 9623dcba-6a97-4717-ac77-dd16d3c33f78.roa (raw, json)
Hash identifier: VsVbGPT7baM3UK1vLqkAOR7cdgVTxpzdhu+6l16eV1M=
Subject key identifier: C6:5B:E5:B2:0F:75:89:00:1A:5F:93:C6:20:48:17:C9:50:75:1A:37
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 56CF023883E16EE62F765AA715C0CA168E0D21FC
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
Signing time: Fri 20 Jun 2025 00:21:04 +0000
ROA not before: Fri 20 Jun 2025 00:21:04 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:cf:02:38:83:e1:6e:e6:2f:76:5a:a7:15:c0:ca:16:8e:0d:21:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:21:04 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=ed1725b601890950546daa3693f8f9819cbbb7bba13d50926e46de1b00a3a7c5, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:99:17:b6:c5:c2:ca:e0:79:07:c7:52:4b:58:
44:d2:fe:01:d9:12:56:fc:9a:e1:cb:05:5d:19:9a:
d9:00:ad:3e:43:25:db:03:91:25:e0:54:bd:cd:4f:
0a:d4:20:4d:4a:22:2d:d2:ef:5b:f4:07:e2:de:70:
25:44:e7:ce:0c:bb:5e:9b:0e:e3:2c:6f:08:56:d1:
1e:91:16:17:dc:a4:32:ba:bd:2e:9c:9a:48:cd:49:
3b:23:99:e1:45:39:2d:0c:6f:e2:68:3e:3e:03:53:
80:b2:79:40:0b:81:f3:63:2f:fc:1e:56:11:42:14:
eb:61:bc:51:9c:30:b9:2a:9c:20:87:c4:a2:57:0a:
47:87:09:6d:12:15:8a:be:5c:08:42:d3:f4:46:bc:
12:da:83:c0:2a:a6:3b:d9:bb:32:45:ef:ab:f7:29:
05:60:c7:9b:2b:ce:24:4e:b3:91:ae:44:d1:55:86:
82:5c:40:2d:f3:99:b9:30:ad:10:2e:f1:94:d8:0a:
3c:15:7e:ac:36:28:c3:31:79:35:eb:33:d0:91:f8:
8e:e2:bd:10:c2:5d:91:46:f6:00:2d:f1:a0:4f:cc:
ca:c6:d3:14:7b:a8:c4:aa:e4:93:5c:8b:3b:5b:94:
f8:24:e3:a5:ec:dc:5b:30:12:3e:10:44:be:98:73:
d6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:5B:E5:B2:0F:75:89:00:1A:5F:93:C6:20:48:17:C9:50:75:1A:37
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5::/36
Signature Algorithm: sha256WithRSAEncryption
30:1b:6e:ca:a9:1b:a4:d7:79:92:3c:7b:9f:01:a1:35:b3:4d:
36:f3:c6:e3:00:02:56:0f:35:41:b8:4e:c0:d4:e4:06:b3:7f:
a0:99:cc:7b:3f:4e:84:96:f8:3e:5c:57:fc:b8:60:4e:bb:71:
7f:9e:ed:b1:7f:20:6b:d0:df:2d:df:b6:1a:71:7e:1c:96:92:
91:2d:eb:58:68:4e:4a:a3:10:1c:c3:9e:28:32:8b:fd:f1:b9:
2e:97:98:c0:ff:72:ab:92:56:d7:27:51:e8:58:c9:cb:db:9b:
ee:40:8f:57:77:63:6e:0e:9f:69:6f:9e:41:e1:80:6f:14:b4:
25:fc:3c:c8:fb:2f:a0:fa:22:54:ef:52:2d:ca:e8:a5:b8:61:
4d:3c:98:a8:39:dd:97:bd:cc:9e:06:f4:1c:65:7e:e9:59:3b:
71:cc:bf:04:9f:d5:bd:db:06:b4:91:fa:3a:12:4d:54:8e:b5:
40:13:b3:ff:fe:a1:64:03:2d:24:b0:18:d8:69:fd:e6:70:38:
d3:9d:f5:5e:5b:aa:7e:61:03:35:06:41:ca:42:18:f3:8a:1b:
cd:96:30:63:4f:59:6d:d8:bc:46:7c:b8:3b:b6:3f:eb:4f:60:
54:b3:7b:18:04:42:fd:9b:82:dc:14:8c:b6:ca:4e:c7:63:c2:
c3:21:d8:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVs8COIPhbuYvdlqnFcDKFo4NIfwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIxMDRaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMTcyNWI2MDE4OTA5NTA1NDZkYWEzNjkzZjhmOTgxOWNiYmI3YmJhMTNk
NTA5MjZlNDZkZTFiMDBhM2E3YzUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSZF7bFwsrgeQfHUktYRNL+AdkSVvya4csFXRma2QCtPkMl2wORJeBUvc1P
CtQgTUoiLdLvW/QH4t5wJUTnzgy7XpsO4yxvCFbRHpEWF9ykMrq9LpyaSM1JOyOZ
4UU5LQxv4mg+PgNTgLJ5QAuB82Mv/B5WEUIU62G8UZwwuSqcIIfEolcKR4cJbRIV
ir5cCELT9Ea8EtqDwCqmO9m7MkXvq/cpBWDHmyvOJE6zka5E0VWGglxALfOZuTCt
EC7xlNgKPBV+rDYowzF5Nesz0JH4juK9EMJdkUb2AC3xoE/MysbTFHuoxKrkk1yL
O1uU+CTjpezcWzASPhBEvphz1i0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTGW+Wy
D3WJABpfk8YgSBfJUHUaNzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OTYyM2RjYmEtNmE5Ny00NzE3LWFjNzctZGQxNmQzYzMzZjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8UA
MA0GCSqGSIb3DQEBCwUAA4IBAQAwG27KqRuk13mSPHufAaE1s00288bjAAJWDzVB
uE7A1OQGs3+gmcx7P06Elvg+XFf8uGBOu3F/nu2xfyBr0N8t37YacX4clpKRLetY
aE5KoxAcw54oMov98bkul5jA/3KrklbXJ1HoWMnL25vuQI9Xd2NuDp9pb55B4YBv
FLQl/DzI+y+g+iJU71ItyuiluGFNPJioOd2XvcyeBvQcZX7pWTtxzL8En9W92wa0
kfo6Ek1UjrVAE7P//qFkAy0ksBjYaf3mcDjTnfVeW6p+YQM1BkHKQhjzihvNljBj
T1lt2LxGfLg7tj/rT2BUs3sYBEL9m4LcFIy2yk7HY8LDIdiM
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:18:53 2025 by rpki-client