Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
File: b128bc8d-b462-4700-9503-592938317487.roa (raw, json)
Hash identifier: isJJJyNR/c4D74A3fsR5AnK/5+5JheC8EfGIGC62yxY=
Subject key identifier: 79:4D:EA:C6:75:81:C9:EB:4F:D3:03:8C:12:A0:67:C5:48:12:DD:11
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2D694BF5CD9FE606B15CC1F4C46F8EF5ABDE4C69
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
Signing time: Fri 20 Jun 2025 00:10:37 +0000
ROA not before: Fri 20 Jun 2025 00:10:37 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:69:4b:f5:cd:9f:e6:06:b1:5c:c1:f4:c4:6f:8e:f5:ab:de:4c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:37 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=d1f56f3795886cc79a016c908cf02b5e70bb944501f4feee0244cd992a081c6f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f8:51:9c:b4:01:d0:11:21:9f:4b:fe:e4:63:
13:62:5e:59:30:96:34:3c:ad:ee:bc:1d:e0:a7:ff:
ca:c6:6c:9a:3d:57:54:c9:e8:a1:81:df:9f:df:b5:
ea:34:aa:a1:35:e8:0e:e0:b4:f1:67:cc:ed:3f:50:
f8:36:17:70:c2:08:b5:80:e0:0f:1c:c8:d0:3c:c3:
1c:a8:ee:7b:6e:ef:7b:17:54:58:d5:94:26:85:de:
6a:e5:f6:5d:f0:1b:fc:b0:c5:6f:73:60:ab:fb:57:
cc:dc:3c:d8:4a:07:61:a5:93:e5:99:96:d2:6b:ba:
0a:5d:38:31:e5:77:22:04:36:f3:82:6d:e3:82:e4:
3b:91:bf:1a:0d:53:c1:22:25:a6:9d:dc:01:c3:db:
b8:fb:2a:99:34:98:bd:dd:c1:5a:12:fc:99:cb:5e:
fe:e1:24:c0:fd:17:72:b1:4c:da:90:b1:01:fc:49:
30:f0:cb:f8:47:5a:46:f4:0d:fb:cd:24:d5:c5:43:
b4:d7:c3:b5:14:a6:11:b9:70:e0:60:63:1e:5c:1d:
f7:99:2d:d9:f9:32:27:6d:18:e3:bb:d1:49:93:a1:
73:2c:c3:ba:6e:61:83:5a:83:2e:b7:7f:81:89:ce:
f0:51:7b:ce:aa:d7:ce:97:47:64:1a:75:76:2f:c2:
9b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:4D:EA:C6:75:81:C9:EB:4F:D3:03:8C:12:A0:67:C5:48:12:DD:11
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:880::/48
Signature Algorithm: sha256WithRSAEncryption
08:c0:4d:fc:49:02:33:99:6a:86:45:e1:79:f5:2e:91:2e:a3:
84:fd:c8:89:99:03:b3:ae:73:fa:6f:04:0f:fc:f2:e1:91:ad:
6f:6a:00:6c:88:82:15:9d:60:da:6c:0e:51:90:1d:64:b7:b3:
8c:87:f6:9a:21:e8:2a:66:8e:2b:13:fb:3c:47:87:75:a1:83:
6f:8c:d7:a3:41:ed:63:f8:99:cf:9b:70:78:33:fb:6c:0b:f5:
cc:7a:12:25:d8:c7:e8:7d:26:4a:fb:d5:9c:6a:5b:d5:f7:5c:
04:a4:66:b2:54:be:60:0c:4e:bc:f5:70:43:4b:6a:85:11:8c:
b5:95:42:e8:12:9a:02:c9:e5:9a:93:86:0b:59:8e:6d:06:63:
f7:39:f4:b5:21:27:d5:fb:88:69:91:19:bc:a5:c2:50:6a:94:
25:4c:7e:48:1d:cb:de:d7:3c:29:42:e0:5a:42:f5:8f:98:5d:
c8:09:31:a8:74:5e:37:49:eb:1f:4e:5a:a8:e7:20:59:1c:37:
7c:8f:22:be:ab:9e:d0:a1:24:99:c3:ca:f8:27:8d:f3:bb:64:
66:f9:1c:03:d3:74:0f:25:22:21:b4:2e:9d:11:0b:ff:55:63:
34:40:65:1d:25:24:a5:71:1d:54:e5:ed:89:d5:9f:dc:f0:d2:
5e:50:3e:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULWlL9c2f5gaxXMH0xG+O9aveTGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwMzdaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxZjU2ZjM3OTU4ODZjYzc5YTAxNmM5MDhjZjAyYjVlNzBiYjk0NDUwMWY0
ZmVlZTAyNDRjZDk5MmEwODFjNmYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMX4UZy0AdARIZ9L/uRjE2JeWTCWNDyt7rwd4Kf/ysZsmj1XVMnooYHfn9+1
6jSqoTXoDuC08WfM7T9Q+DYXcMIItYDgDxzI0DzDHKjue27vexdUWNWUJoXeauX2
XfAb/LDFb3Ngq/tXzNw82EoHYaWT5ZmW0mu6Cl04MeV3IgQ284Jt44LkO5G/Gg1T
wSIlpp3cAcPbuPsqmTSYvd3BWhL8mcte/uEkwP0XcrFM2pCxAfxJMPDL+EdaRvQN
+80k1cVDtNfDtRSmEblw4GBjHlwd95kt2fkyJ20Y47vRSZOhcyzDum5hg1qDLrd/
gYnO8FF7zqrXzpdHZBp1di/Cm+MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR5TerG
dYHJ60/TA4wSoGfFSBLdETAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YjEyOGJjOGQtYjQ2Mi00NzAwLTk1MDMtNTkyOTM4MzE3NDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
gDANBgkqhkiG9w0BAQsFAAOCAQEACMBN/EkCM5lqhkXhefUukS6jhP3IiZkDs65z
+m8ED/zy4ZGtb2oAbIiCFZ1g2mwOUZAdZLezjIf2miHoKmaOKxP7PEeHdaGDb4zX
o0HtY/iZz5tweDP7bAv1zHoSJdjH6H0mSvvVnGpb1fdcBKRmslS+YAxOvPVwQ0tq
hRGMtZVC6BKaAsnlmpOGC1mObQZj9zn0tSEn1fuIaZEZvKXCUGqUJUx+SB3L3tc8
KULgWkL1j5hdyAkxqHReN0nrH05aqOcgWRw3fI8ivque0KEkmcPK+CeN87tkZvkc
A9N0DyUiIbQunREL/1VjNEBlHSUkpXEdVOXtidWf3PDSXlA+Eg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:38:32 2025 by rpki-client