Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
File: baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa (raw, json)
Hash identifier: 6k82HpzhonmVpkN4DfKNk9ndW3kda6bTLW15fMSCV5k=
Subject key identifier: EF:7F:A5:E1:94:E9:1C:6B:D3:40:97:3D:5A:D8:CC:E4:7D:45:D3:BE
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3B2544884DC0E1EBA99FB04E8E82688F88DF3220
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
Signing time: Fri 20 Jun 2025 00:20:25 +0000
ROA not before: Fri 20 Jun 2025 00:20:25 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:25:44:88:4d:c0:e1:eb:a9:9f:b0:4e:8e:82:68:8f:88:df:32:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:25 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=919a6bb16320f4fdafb5d30620c64f3c7747c8181bbe74507cb056345964b89e, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d7:8c:9e:bc:86:e9:65:fc:f0:79:53:5e:74:
7f:3e:04:9b:fb:00:40:ad:87:79:e1:9e:a7:14:f7:
c2:17:d8:5a:ec:31:07:c4:a0:2c:0f:cc:4e:7e:3a:
c0:44:5b:f9:1f:17:c1:14:1c:55:3e:56:60:7b:ed:
50:6a:0e:44:34:56:43:2c:7a:a5:c1:fa:c6:dc:a7:
5b:14:51:98:85:c7:20:33:04:01:da:ee:a4:51:c7:
66:8f:85:e6:eb:12:0b:3c:42:46:75:3a:96:e5:23:
f8:d3:34:c1:a6:bb:0b:7d:de:46:2b:c7:4d:21:45:
50:6e:14:f7:33:67:c5:de:1d:03:47:f3:b8:58:ae:
de:45:81:44:92:9f:93:0b:a7:2c:fd:2f:fe:e2:73:
f9:34:20:c4:ac:96:2d:f8:c3:c4:0e:af:f0:ea:e4:
b8:5a:42:20:64:28:0f:c0:64:e3:af:ca:27:a7:30:
2c:72:96:31:f6:37:f6:83:34:9c:93:cf:21:12:13:
20:dc:c3:21:59:ab:03:7c:17:8a:ea:a7:9a:48:b3:
42:2f:5b:09:f2:fd:df:7a:15:08:9f:c5:a5:56:af:
2e:6e:cc:77:a9:2d:75:bb:f5:38:95:75:f8:49:8c:
d6:93:8f:1b:3c:6a:d1:cc:08:82:5e:c9:aa:3d:d0:
e2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:7F:A5:E1:94:E9:1C:6B:D3:40:97:3D:5A:D8:CC:E4:7D:45:D3:BE
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6000::/36
Signature Algorithm: sha256WithRSAEncryption
5b:4e:06:bb:64:8c:6a:cb:5c:ee:de:ad:68:65:61:28:d8:7b:
eb:79:7c:f6:89:94:2c:32:b0:10:2b:4c:56:99:6f:1a:59:28:
d1:be:aa:ef:e6:a8:c4:81:74:39:83:60:59:5e:23:06:0f:14:
11:34:1a:6f:a5:f6:74:01:89:0e:61:fd:5e:cf:56:34:86:01:
83:1a:f8:ce:cf:f4:e4:a3:69:09:12:72:42:48:e4:47:30:c3:
91:be:19:65:23:92:b1:cc:fd:82:eb:d1:ce:9e:fe:59:06:c4:
91:de:6e:49:41:aa:2f:c7:05:ae:49:a5:80:94:06:db:ed:a9:
08:67:82:e9:2b:f9:14:5a:33:c6:ff:42:06:b4:2b:13:d5:1d:
b1:dd:36:5e:ff:68:61:eb:7c:45:54:2b:bb:6e:15:04:e1:09:
ac:02:64:b5:22:d4:85:38:53:be:4f:fb:56:67:35:5e:51:83:
ba:4f:6b:ff:85:e7:22:7f:a7:24:88:3c:5a:68:d0:4d:90:8a:
ef:0f:05:fd:b5:1b:53:18:3e:0b:f3:2e:91:60:0d:fc:a5:18:
cd:5f:3d:3b:45:cc:2f:08:c5:95:6c:6f:05:0c:23:1c:a1:bf:
45:14:39:62:9b:fa:6d:cc:67:9b:b2:c8:1f:4f:c2:b1:76:0f:
7f:96:3e:2d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOyVEiE3A4eupn7BOjoJoj4jfMiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMjVaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxOWE2YmIxNjMyMGY0ZmRhZmI1ZDMwNjIwYzY0ZjNjNzc0N2M4MTgxYmJl
NzQ1MDdjYjA1NjM0NTk2NGI4OWUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTXjJ68hull/PB5U150fz4Em/sAQK2HeeGepxT3whfYWuwxB8SgLA/MTn46
wERb+R8XwRQcVT5WYHvtUGoORDRWQyx6pcH6xtynWxRRmIXHIDMEAdrupFHHZo+F
5usSCzxCRnU6luUj+NM0waa7C33eRivHTSFFUG4U9zNnxd4dA0fzuFiu3kWBRJKf
kwunLP0v/uJz+TQgxKyWLfjDxA6v8OrkuFpCIGQoD8Bk46/KJ6cwLHKWMfY39oM0
nJPPIRITINzDIVmrA3wXiuqnmkizQi9bCfL933oVCJ/FpVavLm7Md6ktdbv1OJV1
+EmM1pOPGzxq0cwIgl7Jqj3Q4oUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTvf6Xh
lOkca9NAlz1a2MzkfUXTvjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmFlZGVkZjItMjZkOC00MmY3LWI4YmMtZmJmMWRjNGZiMDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dg
MA0GCSqGSIb3DQEBCwUAA4IBAQBbTga7ZIxqy1zu3q1oZWEo2HvreXz2iZQsMrAQ
K0xWmW8aWSjRvqrv5qjEgXQ5g2BZXiMGDxQRNBpvpfZ0AYkOYf1ez1Y0hgGDGvjO
z/Tko2kJEnJCSORHMMORvhllI5KxzP2C69HOnv5ZBsSR3m5JQaovxwWuSaWAlAbb
7akIZ4LpK/kUWjPG/0IGtCsT1R2x3TZe/2hh63xFVCu7bhUE4QmsAmS1ItSFOFO+
T/tWZzVeUYO6T2v/hecif6ckiDxaaNBNkIrvDwX9tRtTGD4L8y6RYA38pRjNXz07
RcwvCMWVbG8FDCMcob9FFDlim/ptzGebssgfT8Kxdg9/lj4t
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:18 2025 by rpki-client