Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
File: bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa (raw, json)
Hash identifier: 4W464GbcM4rGQ5dPakgxBOxTijSFFhmKteNvoz9xgWY=
Subject key identifier: 34:7C:8C:2F:CE:0E:93:E6:49:B7:E9:81:2F:DA:87:DE:F6:6E:2C:D3
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 547827C6938D334867BE6DD943ADC0E3D48D97C1
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
Signing time: Fri 20 Jun 2025 00:21:03 +0000
ROA not before: Fri 20 Jun 2025 00:21:03 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:78:27:c6:93:8d:33:48:67:be:6d:d9:43:ad:c0:e3:d4:8d:97:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:21:03 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=e7eb23e30063a9176abb5585df68231163c85ea9fda2844f0b9a28e84fb412d7, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c6:60:25:2a:5d:a3:41:3c:18:fc:e4:ee:a4:
50:e7:37:e7:7c:2f:78:28:ea:8d:f4:40:f4:51:2d:
86:04:bc:ab:80:9f:77:5d:e0:d6:c1:cb:a9:7d:cb:
7d:a2:88:2b:bb:04:c0:4f:c7:1f:2d:12:6e:9a:ef:
dd:d1:1e:3a:9f:f2:c9:26:4d:dc:e8:19:3f:e3:62:
b0:94:a6:14:3e:e2:3d:72:39:5f:3a:91:bb:9c:25:
c5:33:63:5c:5d:29:84:20:86:f5:6e:81:22:5c:39:
16:5e:a9:b5:3c:77:37:16:db:94:e7:09:87:6b:62:
d2:d5:ca:ba:ee:9e:9f:af:91:fe:5c:c4:ca:44:b8:
85:0a:39:d4:ca:0d:8d:b2:89:8b:9e:fc:28:8c:a3:
65:86:3c:5a:21:62:65:12:90:35:a8:e7:7f:d8:af:
d6:ab:0e:08:73:4f:02:e0:25:f1:cd:81:49:fe:6a:
98:b1:19:5b:08:a4:2c:ae:e7:ee:c9:b2:6f:a0:af:
ba:e3:0b:87:3a:79:9d:6e:e9:35:55:d9:68:a7:6c:
6e:97:7a:d7:d4:66:11:3f:ea:c0:83:ef:73:c4:0d:
a3:67:df:c6:dc:ca:ce:13:ce:74:3d:39:c9:13:3a:
2d:5e:e0:e3:dd:4e:72:c1:1e:6e:3d:09:38:c0:5e:
1c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7C:8C:2F:CE:0E:93:E6:49:B7:E9:81:2F:DA:87:DE:F6:6E:2C:D3
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:2000::/36
Signature Algorithm: sha256WithRSAEncryption
40:03:c4:83:12:ca:cc:9c:5c:54:91:35:80:82:23:cb:59:3d:
78:74:b5:fe:61:de:e8:a5:92:44:0d:ec:b9:0d:c2:49:7c:e5:
25:22:65:b6:91:77:5f:e8:50:88:0d:42:50:a4:2f:fd:77:aa:
32:fd:e4:27:e6:b8:96:a4:1f:fc:5c:68:fa:3b:8f:69:fb:09:
fe:a5:c4:30:2d:1d:22:88:ef:bd:cf:30:07:69:e3:b2:08:61:
d3:ac:38:d3:e1:32:81:02:c0:42:43:f1:b3:31:c8:ea:ec:20:
e4:a9:f9:80:52:38:86:4e:4d:7b:97:80:fb:4a:96:72:e0:be:
7d:84:6f:1a:d0:61:b7:d7:1c:c9:dd:db:c5:7b:72:5f:81:ab:
e9:32:99:84:c9:7f:eb:47:5b:fa:05:67:b1:a5:b5:22:42:99:
e2:79:ea:6b:7e:3c:09:46:01:9b:83:c3:6e:ce:b5:ba:7f:cd:
ec:49:e9:3b:72:bf:8a:47:f4:02:cf:13:8b:2d:f2:81:bc:ae:
ab:cd:7d:7d:4d:9a:f4:44:b2:1a:45:15:8e:b7:10:7c:fe:5e:
e3:ff:46:75:05:8e:68:46:61:9b:a4:63:c8:ee:8e:78:dd:68:
b1:bd:9a:e0:6e:93:cc:9f:35:c2:b5:b1:a4:c1:78:ff:8d:93:
f2:91:ae:a0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVHgnxpONM0hnvm3ZQ63A49SNl8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIxMDNaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3ZWIyM2UzMDA2M2E5MTc2YWJiNTU4NWRmNjgyMzExNjNjODVlYTlmZGEy
ODQ0ZjBiOWEyOGU4NGZiNDEyZDcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3GYCUqXaNBPBj85O6kUOc353wveCjqjfRA9FEthgS8q4Cfd13g1sHLqX3L
faKIK7sEwE/HHy0Sbprv3dEeOp/yySZN3OgZP+NisJSmFD7iPXI5XzqRu5wlxTNj
XF0phCCG9W6BIlw5Fl6ptTx3NxbblOcJh2ti0tXKuu6en6+R/lzEykS4hQo51MoN
jbKJi578KIyjZYY8WiFiZRKQNajnf9iv1qsOCHNPAuAl8c2BSf5qmLEZWwikLK7n
7smyb6CvuuMLhzp5nW7pNVXZaKdsbpd619RmET/qwIPvc8QNo2ffxtzKzhPOdD05
yRM6LV7g491OcsEebj0JOMBeHH0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ0fIwv
zg6T5km36YEv2ofe9m4s0zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmI2NzMxZjQtNmNlYy00NTY0LThjNmQtOWU0NjM5N2ZhYzVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Mg
MA0GCSqGSIb3DQEBCwUAA4IBAQBAA8SDEsrMnFxUkTWAgiPLWT14dLX+Yd7opZJE
Dey5DcJJfOUlImW2kXdf6FCIDUJQpC/9d6oy/eQn5riWpB/8XGj6O49p+wn+pcQw
LR0iiO+9zzAHaeOyCGHTrDjT4TKBAsBCQ/GzMcjq7CDkqfmAUjiGTk17l4D7SpZy
4L59hG8a0GG31xzJ3dvFe3JfgavpMpmEyX/rR1v6BWexpbUiQpnieeprfjwJRgGb
g8NuzrW6f83sSek7cr+KR/QCzxOLLfKBvK6rzX19TZr0RLIaRRWOtxB8/l7j/0Z1
BY5oRmGbpGPI7o543WixvZrgbpPMnzXCtbGkwXj/jZPyka6g
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:09:01 2025 by rpki-client