Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
File: afb29442-cb58-4fe7-9319-202c1646019f.roa (raw, json)
Hash identifier: WJgs5Uk8dlV1z3hcJSNM15dV/ZnLB/ybM2zLmeyyg88=
Subject key identifier: E3:E7:DA:76:1C:C1:1A:13:B9:7D:EB:60:FB:CA:E7:CB:00:79:CA:A1
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7F23EEA469C79EBAE0E76E7DFBAE449A3C60C71C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
Signing time: Fri 20 Jun 2025 00:20:35 +0000
ROA not before: Fri 20 Jun 2025 00:20:35 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:23:ee:a4:69:c7:9e:ba:e0:e7:6e:7d:fb:ae:44:9a:3c:60:c7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:35 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=f186ee521374dfb0f0094bb38ffb9c1a023cd5999ff7760293bdff8dc11aa6f3, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5e:a0:c8:bf:3b:5b:c0:dd:37:0f:77:18:4d:
f6:24:5a:03:53:27:30:cb:a9:f1:6d:9b:87:5a:cf:
fc:39:7f:32:17:83:f3:c9:0a:b5:7f:24:42:22:ca:
89:0a:dc:5f:00:bf:f9:68:e6:3d:d5:29:a7:76:25:
d7:43:5b:e8:84:3b:81:a5:45:00:d9:ea:dd:8a:14:
21:0a:92:d0:50:f7:90:07:81:55:bc:e8:16:36:9d:
28:2b:26:a7:66:58:62:ac:46:67:5e:67:fe:28:a9:
0c:b2:0a:9b:82:56:bd:ae:ea:4a:3d:75:2d:0a:5c:
6e:4f:e4:58:c3:c0:f9:29:28:af:c3:b5:ca:04:40:
43:6b:b6:01:a1:ea:9f:5f:6e:47:1f:97:a8:92:fb:
70:1d:3c:d4:d8:b6:c3:24:e6:52:86:98:2e:09:b7:
f8:57:77:3d:d4:1c:4f:89:48:70:51:65:06:84:13:
a1:36:f9:f5:55:3e:34:0f:70:d9:b3:ce:4a:32:48:
c7:69:1b:83:ed:8b:ec:84:86:13:72:fd:79:da:7f:
d2:91:bc:e0:4f:c9:44:50:76:63:22:f3:54:2c:ce:
ed:5e:82:25:bd:a0:cb:f3:cf:fe:d2:cd:39:88:f9:
a9:68:f6:47:e7:0b:6c:6e:b7:66:97:97:88:ad:5e:
10:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E7:DA:76:1C:C1:1A:13:B9:7D:EB:60:FB:CA:E7:CB:00:79:CA:A1
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6::/40
Signature Algorithm: sha256WithRSAEncryption
18:4e:17:d7:21:e1:61:d4:bb:ef:78:42:be:35:b4:76:57:e3:
48:ee:4b:00:b7:a1:57:30:ca:90:0e:28:6b:17:96:a2:18:43:
aa:20:b5:33:a4:94:be:21:f6:c5:97:74:e7:1f:a8:3e:16:49:
a5:0c:69:b3:29:34:51:6f:c9:ef:f6:ed:7e:68:54:65:d8:db:
8a:65:84:72:bf:2c:6f:15:6f:3d:ae:da:8d:75:45:36:3f:18:
ef:ef:2a:65:12:77:af:db:d3:de:2b:c9:b9:21:50:d4:81:6c:
8b:9d:8a:cc:75:19:a5:fd:f2:97:f2:a2:b3:3b:ff:09:e0:99:
79:38:c7:a1:40:3d:b2:97:88:22:eb:fa:6f:5f:49:21:1e:ad:
4a:7a:c5:a1:5e:80:9e:36:bc:1f:33:b3:76:64:53:fd:1d:41:
ee:18:ce:69:77:41:d8:43:b7:b0:3a:f1:e1:03:27:89:e2:21:
f7:4a:06:f9:03:73:4a:fb:c0:d0:d0:14:53:de:d5:b1:ad:3a:
5a:c8:03:e5:8d:44:3a:82:f4:d1:8a:b9:d8:b6:93:a6:99:2b:
18:3d:1a:6e:fb:96:76:73:6c:a4:5c:c7:a0:23:5c:53:03:e6:
72:0d:5a:23:ec:d4:7c:f5:e7:9a:bd:25:7c:ef:9b:33:cd:67:
54:8f:d4:df
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfyPupGnHnrrg5259+65EmjxgxxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMzVaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxODZlZTUyMTM3NGRmYjBmMDA5NGJiMzhmZmI5YzFhMDIzY2Q1OTk5ZmY3
NzYwMjkzYmRmZjhkYzExYWE2ZjMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVeoMi/O1vA3TcPdxhN9iRaA1MnMMup8W2bh1rP/Dl/MheD88kKtX8kQiLK
iQrcXwC/+WjmPdUpp3Yl10Nb6IQ7gaVFANnq3YoUIQqS0FD3kAeBVbzoFjadKCsm
p2ZYYqxGZ15n/iipDLIKm4JWva7qSj11LQpcbk/kWMPA+Skor8O1ygRAQ2u2AaHq
n19uRx+XqJL7cB081Ni2wyTmUoaYLgm3+Fd3PdQcT4lIcFFlBoQToTb59VU+NA9w
2bPOSjJIx2kbg+2L7ISGE3L9edp/0pG84E/JRFB2YyLzVCzO7V6CJb2gy/PP/tLN
OYj5qWj2R+cLbG63ZpeXiK1eEMUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTj59p2
HMEaE7l962D7yufLAHnKoTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YWZiMjk0NDItY2I1OC00ZmU3LTkzMTktMjAyYzE2NDYwMTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8YA
MA0GCSqGSIb3DQEBCwUAA4IBAQAYThfXIeFh1LvveEK+NbR2V+NI7ksAt6FXMMqQ
DihrF5aiGEOqILUzpJS+IfbFl3TnH6g+FkmlDGmzKTRRb8nv9u1+aFRl2NuKZYRy
vyxvFW89rtqNdUU2Pxjv7yplEnev29PeK8m5IVDUgWyLnYrMdRml/fKX8qKzO/8J
4Jl5OMehQD2yl4gi6/pvX0khHq1KesWhXoCeNrwfM7N2ZFP9HUHuGM5pd0HYQ7ew
OvHhAyeJ4iH3Sgb5A3NK+8DQ0BRT3tWxrTpayAPljUQ6gvTRirnYtpOmmSsYPRpu
+5Z2c2ykXMegI1xTA+ZyDVoj7NR89eeavSV875szzWdUj9Tf
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:13:44 2025 by rpki-client