Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
File: a027acd6-b75f-42ce-9bfb-ac426d92b141.roa (raw, json)
Hash identifier: a0z5j1Fl5TvP0B/2IB4ApFDS/Tq8MhBeW1c+DuzCfM4=
Subject key identifier: 62:87:F8:30:3F:DB:85:9D:E2:5D:7F:1F:A8:97:B1:60:68:1B:22:E8
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 17252A878D010145D08531D7723962A8B12147F0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
Signing time: Fri 20 Jun 2025 00:20:05 +0000
ROA not before: Fri 20 Jun 2025 00:20:05 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:25:2a:87:8d:01:01:45:d0:85:31:d7:72:39:62:a8:b1:21:47:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:05 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=9082955a1d4f2f1877208400da0da89fbdc03b086618e7dc82e0bb4def0dc540, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7d:1f:38:27:35:85:af:ff:3d:14:9b:8d:99:
a6:f0:c6:0f:70:b2:48:f2:fe:b3:ec:72:50:46:8c:
35:05:42:95:35:bc:ba:85:64:0f:00:0f:fe:ad:dc:
4a:7c:43:79:e6:82:61:2f:1f:ba:9a:3b:00:dd:77:
33:05:5a:15:4d:68:57:f1:2a:4e:ec:86:a0:55:2e:
cc:54:ed:f7:a8:56:b6:7b:c5:5e:a6:52:fa:9d:af:
1b:e7:97:31:ce:4b:0d:6f:ad:4b:9b:9b:15:06:d3:
91:94:b4:79:68:2e:1e:eb:19:ea:3b:e9:c8:48:0c:
34:96:ce:3a:b5:71:c1:14:c9:d2:f0:7c:d2:f1:3d:
0b:d0:45:eb:b8:89:aa:6a:2c:0c:d8:b0:f3:cf:44:
9a:67:91:a2:5b:24:b4:ea:e9:dd:11:92:08:a8:5d:
5d:19:01:ea:f0:eb:a0:ab:1d:2d:34:27:6e:06:f7:
d6:92:7c:2d:6d:fe:31:67:98:a0:da:71:d7:21:f1:
82:63:87:3f:21:b8:96:81:ee:36:64:5b:2e:a2:cb:
ce:ff:5e:ef:9c:7a:b1:2a:fd:7a:8d:0f:b2:9c:39:
e9:ce:3b:16:d1:5e:af:d2:31:3b:a2:d9:32:8f:55:
e4:48:d2:2d:62:07:ce:31:83:ba:5d:09:41:65:dd:
33:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:87:F8:30:3F:DB:85:9D:E2:5D:7F:1F:A8:97:B1:60:68:1B:22:E8
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:4000::/36
Signature Algorithm: sha256WithRSAEncryption
6f:d3:6d:40:58:d1:0a:9d:95:f3:ed:8b:6a:75:71:65:a7:e8:
08:71:b2:8a:dc:0f:63:f9:8d:1d:a1:1b:de:eb:3b:88:f8:5d:
b7:6d:5c:55:09:30:60:22:41:50:58:ac:02:c0:c7:5a:ec:00:
b4:9d:f4:9e:7f:f9:f2:7a:87:f1:a4:48:3a:06:82:d0:f6:b2:
1d:03:e5:92:18:16:2f:98:6f:07:d5:63:e9:97:f1:db:6b:09:
cc:2a:6a:c6:fe:ad:2e:56:6e:b6:e3:42:f6:99:a7:67:54:4b:
e3:e4:d5:45:a5:9c:c0:c2:0b:9f:3b:39:42:34:5f:72:da:2e:
17:98:2e:f3:5e:c8:b5:1c:ab:af:33:34:04:4b:b1:63:f1:11:
18:35:42:76:5b:08:07:73:5e:33:17:ef:56:43:c6:1f:60:34:
45:43:75:19:80:62:8b:89:ec:86:82:68:8a:f8:b8:4f:af:dc:
b4:dc:06:52:de:79:aa:99:af:34:d1:44:81:4f:d1:7a:73:0a:
c0:27:0d:5b:7f:1b:2f:42:8f:4a:32:80:72:a5:3f:57:09:fd:
c8:86:8b:e0:0f:2d:bd:f0:73:8f:35:a2:fa:b4:a1:ea:e1:b4:
3c:d4:ae:f9:dc:36:69:d7:cd:94:d4:c8:f7:56:22:ca:ac:72:
be:a4:e7:64
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFyUqh40BAUXQhTHXcjliqLEhR/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMDVaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwODI5NTVhMWQ0ZjJmMTg3NzIwODQwMGRhMGRhODlmYmRjMDNiMDg2NjE4
ZTdkYzgyZTBiYjRkZWYwZGM1NDAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJt9HzgnNYWv/z0Um42ZpvDGD3CySPL+s+xyUEaMNQVClTW8uoVkDwAP/q3c
SnxDeeaCYS8fupo7AN13MwVaFU1oV/EqTuyGoFUuzFTt96hWtnvFXqZS+p2vG+eX
Mc5LDW+tS5ubFQbTkZS0eWguHusZ6jvpyEgMNJbOOrVxwRTJ0vB80vE9C9BF67iJ
qmosDNiw889EmmeRolsktOrp3RGSCKhdXRkB6vDroKsdLTQnbgb31pJ8LW3+MWeY
oNpx1yHxgmOHPyG4loHuNmRbLqLLzv9e75x6sSr9eo0Pspw56c47FtFer9IxO6LZ
Mo9V5EjSLWIHzjGDul0JQWXdM+UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRih/gw
P9uFneJdfx+ol7FgaBsi6DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTAyN2FjZDYtYjc1Zi00MmNlLTliZmItYWM0MjZkOTJiMTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NA
MA0GCSqGSIb3DQEBCwUAA4IBAQBv021AWNEKnZXz7YtqdXFlp+gIcbKK3A9j+Y0d
oRve6zuI+F23bVxVCTBgIkFQWKwCwMda7AC0nfSef/nyeofxpEg6BoLQ9rIdA+WS
GBYvmG8H1WPpl/HbawnMKmrG/q0uVm6240L2madnVEvj5NVFpZzAwgufOzlCNF9y
2i4XmC7zXsi1HKuvMzQES7Fj8REYNUJ2WwgHc14zF+9WQ8YfYDRFQ3UZgGKLieyG
gmiK+LhPr9y03AZS3nmqma800USBT9F6cwrAJw1bfxsvQo9KMoBypT9XCf3Ihovg
Dy298HOPNaL6tKHq4bQ81K753DZp182U1Mj3ViLKrHK+pOdk
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:56:36 2025 by rpki-client