Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
File: a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa (raw, json)
Hash identifier: 7aX63worfG7fDf8DJ35p0eWbrMGcwX8qayHLUaYGzUg=
Subject key identifier: 87:30:EB:B0:15:B8:E6:4F:94:E2:13:6A:EC:FA:FF:EE:B7:27:7A:73
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 42361D292AB6EBEA7E870CE6FBA08123E6648C63
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
Signing time: Fri 20 Jun 2025 00:20:53 +0000
ROA not before: Fri 20 Jun 2025 00:20:53 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:36:1d:29:2a:b6:eb:ea:7e:87:0c:e6:fb:a0:81:23:e6:64:8c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:53 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=33f859903b557f1261112de79635ddbfd2f0674f3e50fe6919b214d3b0001a17, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:90:1a:d4:ae:37:63:31:0a:c4:bc:ef:6a:22:
05:f5:01:11:96:dc:9e:9f:82:ba:62:2f:dd:af:97:
3a:15:b2:ff:56:52:1d:ab:4f:48:89:51:0f:74:b5:
ff:43:b8:64:3a:4c:6f:b4:5f:bb:77:74:17:40:9e:
46:b4:9a:48:04:77:4c:50:f8:d9:4f:18:15:fc:79:
67:fc:3a:77:6f:cd:57:a5:8c:38:d8:05:f2:7d:3c:
c9:68:27:75:6b:e9:0c:fa:80:f6:0f:1d:0d:b8:11:
39:88:4d:2b:c1:7a:d0:a4:11:07:bf:bc:d6:4f:6b:
ea:79:22:d8:f4:17:d0:f2:ea:73:01:bb:89:32:15:
7d:53:8f:17:f0:4c:a3:dd:18:a1:28:d1:33:64:fa:
cd:e7:e2:2a:7c:5c:a4:7b:eb:3a:53:80:ae:12:f8:
1b:29:a9:59:71:cc:20:66:9d:00:ab:39:b5:f6:12:
a0:19:6d:ee:a2:cc:ff:6a:6e:49:1d:b6:dd:c2:e6:
26:2a:06:31:5a:ae:15:bf:99:54:cb:60:12:b2:20:
75:fc:ea:46:eb:94:e7:e2:74:25:73:1a:e7:6e:ca:
ae:eb:4c:e0:a4:ed:93:44:c2:6f:ab:27:a0:75:46:
2b:29:a1:74:01:eb:1a:d2:da:e7:dc:d7:ad:50:28:
b7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:30:EB:B0:15:B8:E6:4F:94:E2:13:6A:EC:FA:FF:EE:B7:27:7A:73
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1::/32
Signature Algorithm: sha256WithRSAEncryption
54:ab:ba:41:45:21:e4:3f:ac:1a:98:41:ee:09:22:ed:04:5f:
e3:ce:02:4f:f1:ff:70:68:5a:12:ad:d2:fc:40:4b:72:9f:18:
1c:cf:c9:ca:ca:1b:a0:1f:4b:f6:ca:41:56:5b:6e:8d:e9:78:
21:dd:85:7c:76:4b:64:88:cc:2b:49:79:c2:38:f2:89:2f:08:
fd:dc:d7:ec:f3:c1:96:0f:4b:b5:bf:fa:53:32:a6:9f:fd:97:
98:83:a7:a8:b0:d3:09:b1:20:f5:2f:c1:fb:a7:2f:45:87:59:
62:6c:b2:41:8e:a6:cf:16:c2:73:f6:c5:42:72:9a:e4:71:9c:
f1:d2:91:c7:cd:6a:a5:dc:56:36:09:93:3d:7d:6b:22:66:f9:
45:3c:0a:2b:10:66:c3:e3:dd:69:34:2f:25:2d:82:a9:c5:98:
d0:8b:8e:fa:6a:12:d1:1a:c9:6f:df:a3:0a:b8:ea:c1:fa:73:
39:a2:b1:fc:7d:ca:be:3c:f5:7f:fd:7e:d1:a1:30:1f:e2:ca:
f1:ca:0a:3a:32:d1:b3:28:55:77:3f:00:79:b2:72:86:66:d6:
8a:c8:d9:71:8e:85:01:26:0f:0b:b8:ad:1d:cf:ea:50:e9:4f:
a0:a8:59:e4:c2:a7:68:8e:15:2e:cf:63:68:0e:2d:0b:0e:50:
ba:a8:d8:e9
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUQjYdKSq26+p+hwzm+6CBI+ZkjGMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwNTNaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZjg1OTkwM2I1NTdmMTI2MTExMmRlNzk2MzVkZGJmZDJmMDY3NGYzZTUw
ZmU2OTE5YjIxNGQzYjAwMDFhMTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2QGtSuN2MxCsS872oiBfUBEZbcnp+CumIv3a+XOhWy/1ZSHatPSIlRD3S1
/0O4ZDpMb7Rfu3d0F0CeRrSaSAR3TFD42U8YFfx5Z/w6d2/NV6WMONgF8n08yWgn
dWvpDPqA9g8dDbgROYhNK8F60KQRB7+81k9r6nki2PQX0PLqcwG7iTIVfVOPF/BM
o90YoSjRM2T6zefiKnxcpHvrOlOArhL4GympWXHMIGadAKs5tfYSoBlt7qLM/2pu
SR223cLmJioGMVquFb+ZVMtgErIgdfzqRuuU5+J0JXMa527KrutM4KTtk0TCb6sn
oHVGKymhdAHrGtLa59zXrVAotwcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSHMOuw
FbjmT5TiE2rs+v/utyd6czAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTk3MmZlOWItYzM5Zi00OGQxLThiMTktYzE0Y2JhZjE2MjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Ew
DQYJKoZIhvcNAQELBQADggEBAFSrukFFIeQ/rBqYQe4JIu0EX+POAk/x/3BoWhKt
0vxAS3KfGBzPycrKG6AfS/bKQVZbbo3peCHdhXx2S2SIzCtJecI48okvCP3c1+zz
wZYPS7W/+lMypp/9l5iDp6iw0wmxIPUvwfunL0WHWWJsskGOps8WwnP2xUJymuRx
nPHSkcfNaqXcVjYJkz19ayJm+UU8CisQZsPj3Wk0LyUtgqnFmNCLjvpqEtEayW/f
owq46sH6czmisfx9yr489X/9ftGhMB/iyvHKCjoy0bMoVXc/AHmycoZm1orI2XGO
hQEmDwu4rR3P6lDpT6CoWeTCp2iOFS7PY2gOLQsOULqo2Ok=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:29 2025 by rpki-client