Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a4592271-0371-4e59-91d6-8cede30d6d9a.roa
File: a4592271-0371-4e59-91d6-8cede30d6d9a.roa (raw, json)
Hash identifier: nRQn86Wt6/IHol6MfgGqpeIPkoLbMHnC0QHyRgg1EZE=
Subject key identifier: EA:90:98:E7:2E:47:89:83:1A:BC:5E:8B:A3:D8:07:78:3E:2A:AC:57
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 16D7A88C05AA23A85D2D2F8F9672C8D91FC77AA0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a4592271-0371-4e59-91d6-8cede30d6d9a.roa
Signing time: Fri 20 Jun 2025 00:10:50 +0000
ROA not before: Fri 20 Jun 2025 00:10:50 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b8c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:d7:a8:8c:05:aa:23:a8:5d:2d:2f:8f:96:72:c8:d9:1f:c7:7a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:50 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=55a4ec9e229dbec5c53af195755cd4d1c3e251a7b84aed9721c0cef7499809ef, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4e:2e:9f:b0:3b:fe:00:86:66:30:c4:2a:ce:
13:67:87:5a:b4:9e:c8:7a:56:39:b8:76:c6:3b:aa:
14:09:bc:3c:0d:3f:82:bf:23:e4:48:bf:56:a2:19:
bc:e3:41:fd:73:00:5b:e5:5c:6c:33:b2:a4:df:be:
3c:a0:26:a3:ad:0d:3e:ba:1c:e2:c9:2f:f0:2b:07:
25:cb:80:9f:40:d6:cb:3c:19:fc:b5:38:58:11:c7:
39:1c:b7:13:1e:7c:52:2f:4c:5e:99:32:81:a4:4c:
d4:a5:9c:62:16:79:cb:97:e3:dc:06:ee:48:ca:a5:
d9:72:60:66:a5:4a:e1:8b:8a:ad:8c:af:0a:73:7e:
8f:f2:2a:9e:98:01:ab:95:ea:3c:a2:8d:22:1d:65:
cb:a0:bc:9f:65:c4:2e:b7:8b:24:5c:38:5f:82:66:
d6:8f:4a:05:c8:91:ed:f8:cd:b1:31:61:4f:e9:77:
47:5d:9e:b8:a0:71:0b:e1:88:39:7c:27:d9:9a:37:
7b:ff:18:6d:46:a7:f9:c0:8a:1a:0e:7e:0d:8a:f0:
4e:c4:aa:85:29:7a:f4:b8:a8:ce:fd:6a:96:04:b7:
39:a4:b0:b5:e1:7c:20:c1:a9:66:0a:c6:41:88:f2:
e5:b5:b0:ac:4a:e5:4b:71:2d:e0:ca:b2:a5:3b:b4:
e9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:90:98:E7:2E:47:89:83:1A:BC:5E:8B:A3:D8:07:78:3E:2A:AC:57
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a4592271-0371-4e59-91d6-8cede30d6d9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b8c0::/46
Signature Algorithm: sha256WithRSAEncryption
7e:45:b1:41:f5:45:f9:29:a4:42:78:44:de:e4:ef:32:77:51:
35:a7:5e:ee:75:fe:3d:67:45:2d:ab:e2:44:05:64:95:ac:ef:
69:bc:1d:4b:dc:20:98:10:38:1d:53:19:62:ed:83:0d:31:4c:
66:81:7e:ae:0c:17:6d:c4:34:e4:f1:32:59:c3:4b:f4:d3:65:
1a:a9:3e:b5:ad:49:1e:81:bb:cd:d1:0b:b8:46:b7:a0:78:8e:
b5:cd:26:58:ad:7f:62:4c:0a:fc:e5:15:ce:45:58:fb:f3:77:
af:7c:7b:4e:c1:1d:9b:0d:1c:75:eb:39:12:f2:32:5e:52:63:
71:04:9b:10:44:2a:08:8a:9d:1e:bb:c1:f4:02:a3:44:ff:20:
6c:a0:7f:41:4c:da:d6:99:0f:a9:80:3f:ff:26:bf:3b:67:3c:
78:42:72:14:2b:5b:3f:bf:3e:01:61:ca:8e:19:fb:a6:1d:a6:
8a:6c:a3:61:1c:cb:12:f5:4c:fe:80:6f:8d:90:96:00:a0:af:
a5:ec:47:97:79:5c:8b:63:78:58:b9:d7:1d:a9:2a:45:0f:ea:
ae:50:0c:da:32:68:d8:9b:1e:ae:f9:59:fb:69:e2:f3:4f:47:
82:b3:a2:6e:92:a8:e7:12:fa:c6:88:2c:14:7f:9e:cf:c6:4e:
06:9b:ed:4a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFteojAWqI6hdLS+PlnLI2R/HeqAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwNTBaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1YTRlYzllMjI5ZGJlYzVjNTNhZjE5NTc1NWNkNGQxYzNlMjUxYTdiODRh
ZWQ5NzIxYzBjZWY3NDk5ODA5ZWYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJOLp+wO/4AhmYwxCrOE2eHWrSeyHpWObh2xjuqFAm8PA0/gr8j5Ei/VqIZ
vONB/XMAW+VcbDOypN++PKAmo60NProc4skv8CsHJcuAn0DWyzwZ/LU4WBHHORy3
Ex58Ui9MXpkygaRM1KWcYhZ5y5fj3AbuSMql2XJgZqVK4YuKrYyvCnN+j/IqnpgB
q5XqPKKNIh1ly6C8n2XELreLJFw4X4Jm1o9KBciR7fjNsTFhT+l3R12euKBxC+GI
OXwn2Zo3e/8YbUan+cCKGg5+DYrwTsSqhSl69Liozv1qlgS3OaSwteF8IMGpZgrG
QYjy5bWwrErlS3Et4MqypTu06UUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTqkJjn
LkeJgxq8Xouj2Ad4PiqsVzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTQ1OTIyNzEtMDM3MS00ZTU5LTkxZDYtOGNlZGUzMGQ2ZDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8e4
wDANBgkqhkiG9w0BAQsFAAOCAQEAfkWxQfVF+SmkQnhE3uTvMndRNade7nX+PWdF
LaviRAVklazvabwdS9wgmBA4HVMZYu2DDTFMZoF+rgwXbcQ05PEyWcNL9NNlGqk+
ta1JHoG7zdELuEa3oHiOtc0mWK1/YkwK/OUVzkVY+/N3r3x7TsEdmw0cdes5EvIy
XlJjcQSbEEQqCIqdHrvB9AKjRP8gbKB/QUza1pkPqYA//ya/O2c8eEJyFCtbP78+
AWHKjhn7ph2mimyjYRzLEvVM/oBvjZCWAKCvpexHl3lci2N4WLnXHakqRQ/qrlAM
2jJo2JservlZ+2ni809HgrOibpKo5xL6xogsFH+ez8ZOBpvtSg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:03:55 2025 by rpki-client