Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
File: a027acd6-b75f-42ce-9bfb-ac426d92b141.roa (raw, json)
Hash identifier: 4rDqLF3QDU9459i4GqRhql9gCIB8Yb+E6TSgK7iMbOs=
Subject key identifier: F3:3C:4C:3B:F6:4C:15:0D:2A:88:ED:31:BE:EA:A9:01:4A:1C:5E:C6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0D2AB465359C1B2110B084F1D313A0CF38830193
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
Signing time: Sat 09 Aug 2025 00:30:07 +0000
ROA not before: Sat 09 Aug 2025 00:30:07 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:2a:b4:65:35:9c:1b:21:10:b0:84:f1:d3:13:a0:cf:38:83:01:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:30:07 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=37bec0a776cbb5a62422786204bf72dfdf1b6cd06c0c0aef382aced37315c8e8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:be:83:49:63:23:86:08:9c:6f:1f:75:dc:e9:
f5:c3:e0:3d:c4:4d:9f:fb:1f:94:a1:c8:67:59:07:
45:07:ed:00:a8:41:3a:05:fe:64:67:e2:77:49:0a:
d2:34:17:bb:f7:d1:34:53:8a:78:2b:2b:75:e9:40:
63:2f:f6:f9:56:10:c3:b7:6e:cd:3e:93:eb:ad:a8:
31:0e:39:bc:b3:13:46:b6:0d:68:f3:ea:59:ba:98:
9c:08:78:d5:05:b4:29:6a:2e:c7:1f:7e:57:2c:3d:
db:cf:f1:32:db:17:cf:fa:fa:2f:aa:3c:e9:b2:a3:
75:6c:ac:f8:dd:c9:fe:5d:b7:59:80:f1:1f:ee:28:
49:ff:ab:3c:79:20:5f:65:e0:3f:09:05:17:ed:40:
f2:a7:1e:85:d3:66:12:fd:59:a7:cb:7d:88:ba:aa:
08:3d:25:b7:49:77:f2:e2:6a:91:1e:05:fc:d3:46:
5d:af:65:a6:3a:19:1d:8d:d1:ed:3b:31:71:6c:12:
b1:99:82:6b:aa:0d:18:37:7c:10:1b:1f:8d:53:71:
bf:42:b5:9d:9f:d4:31:dc:e6:df:c4:a3:94:8c:90:
c6:56:e1:ea:87:76:58:62:a4:de:3c:a5:6c:d0:5f:
bf:71:bd:66:c8:e1:5d:fc:6e:b8:4c:4e:d1:8d:46:
27:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3C:4C:3B:F6:4C:15:0D:2A:88:ED:31:BE:EA:A9:01:4A:1C:5E:C6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:4000::/36
Signature Algorithm: sha256WithRSAEncryption
82:cd:23:63:77:d1:77:1b:70:0e:9b:58:43:fb:e9:9b:1c:73:
d1:ab:29:f2:d7:d0:5f:82:20:b0:97:ba:85:6e:43:9f:ec:4b:
d0:43:b3:dd:9e:46:ab:d3:e2:be:f2:b8:96:6a:ef:75:16:e3:
cd:7c:58:c9:20:d8:75:d6:9c:f7:e5:08:7b:c8:a0:58:90:a3:
6b:1c:92:c1:4c:04:84:df:46:bd:b9:1d:bf:70:24:14:a1:64:
37:6f:f3:1a:32:16:35:f0:3c:49:45:ba:f4:5b:78:46:6f:fa:
f7:19:5e:e1:2b:b3:77:7d:c2:ca:47:c4:fc:b6:ee:a5:c5:d9:
3f:25:6f:41:14:14:02:67:28:d2:6d:c1:21:74:77:8b:92:7f:
10:2a:48:17:b8:1e:d2:ca:ad:37:14:46:7a:fe:6c:3c:70:e6:
b6:b5:bd:ab:c4:48:e4:4d:bd:08:5d:ec:d6:2c:3d:e5:67:1a:
2b:87:16:e3:57:24:fd:2c:ce:e3:b5:28:3b:f8:b6:d9:07:3b:
21:a4:02:5e:4e:4c:3c:ae:db:a2:24:e9:47:c9:ad:f8:56:04:
46:4c:bc:91:e3:2c:b5:8a:73:44:5f:60:32:55:2b:dc:78:61:
42:b6:66:32:c0:cd:d9:c9:34:72:93:8a:cb:b6:a9:4c:70:de:
5c:92:2e:0a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDSq0ZTWcGyEQsITx0xOgzziDAZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDMwMDdaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3YmVjMGE3NzZjYmI1YTYyNDIyNzg2MjA0YmY3MmRmZGYxYjZjZDA2YzBj
MGFlZjM4MmFjZWQzNzMxNWM4ZTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM++g0ljI4YInG8fddzp9cPgPcRNn/sflKHIZ1kHRQftAKhBOgX+ZGfid0kK
0jQXu/fRNFOKeCsrdelAYy/2+VYQw7duzT6T662oMQ45vLMTRrYNaPPqWbqYnAh4
1QW0KWouxx9+Vyw928/xMtsXz/r6L6o86bKjdWys+N3J/l23WYDxH+4oSf+rPHkg
X2XgPwkFF+1A8qcehdNmEv1Zp8t9iLqqCD0lt0l38uJqkR4F/NNGXa9lpjoZHY3R
7TsxcWwSsZmCa6oNGDd8EBsfjVNxv0K1nZ/UMdzm38SjlIyQxlbh6od2WGKk3jyl
bNBfv3G9ZsjhXfxuuExO0Y1GJ+sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTzPEw7
9kwVDSqI7TG+6qkBShxexjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTAyN2FjZDYtYjc1Zi00MmNlLTliZmItYWM0MjZkOTJiMTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NA
MA0GCSqGSIb3DQEBCwUAA4IBAQCCzSNjd9F3G3AOm1hD++mbHHPRqyny19BfgiCw
l7qFbkOf7EvQQ7Pdnkar0+K+8riWau91FuPNfFjJINh11pz35Qh7yKBYkKNrHJLB
TASE30a9uR2/cCQUoWQ3b/MaMhY18DxJRbr0W3hGb/r3GV7hK7N3fcLKR8T8tu6l
xdk/JW9BFBQCZyjSbcEhdHeLkn8QKkgXuB7Syq03FEZ6/mw8cOa2tb2rxEjkTb0I
XezWLD3lZxorhxbjVyT9LM7jtSg7+LbZBzshpAJeTkw8rtuiJOlHya34VgRGTLyR
4yy1inNEX2AyVSvceGFCtmYywM3ZyTRyk4rLtqlMcN5cki4K
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:07:21 2025 by rpki-client