Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
File: bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa (raw, json)
Hash identifier: PR2ewdQZFXf7afygetJPwwE3Jsdoo8Jb0YA1jm9zcRs=
Subject key identifier: 16:A2:D4:4B:DB:67:4D:37:40:70:72:6A:F3:FB:60:59:82:F4:08:B9
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 60F99D2BF9A84C9C103DB04441FC5E7957C14388
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
Signing time: Sat 09 Aug 2025 00:21:25 +0000
ROA not before: Sat 09 Aug 2025 00:21:25 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:f9:9d:2b:f9:a8:4c:9c:10:3d:b0:44:41:fc:5e:79:57:c1:43:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 9 00:21:25 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=6401a7eca6d2782a87bca4d5e990024650f054ac59e4adf9b7d2093cdce2190f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:93:74:6b:97:f6:57:9a:3c:6c:72:1b:74:81:
7e:f2:8a:dc:c8:e8:f5:0a:c8:ce:54:d6:b3:7d:a6:
4d:cf:84:d9:ea:7a:a3:a4:65:c6:ec:60:c2:51:74:
59:e2:8a:98:a5:fa:5b:5f:00:fa:48:0f:97:4b:a4:
29:ea:5f:d3:52:8b:99:4a:05:a6:08:24:e3:64:8f:
09:89:34:74:7d:34:45:f9:eb:dc:63:4a:c2:60:42:
d8:94:1b:41:f3:d1:0d:c0:56:f2:40:00:b2:6e:c1:
22:f7:33:a9:ed:a4:10:7a:ac:09:d6:e1:d0:af:54:
fe:d9:43:ae:ec:f4:2d:f0:f3:56:95:04:37:bb:7d:
bb:4a:28:9d:9a:99:9d:04:c0:56:fa:cd:de:f6:c0:
94:4b:9b:bf:cb:85:ce:35:f6:31:d6:12:c0:e4:c5:
18:44:35:5a:73:66:9c:6f:56:3d:a6:42:14:94:f4:
68:a5:b6:88:1f:3a:e7:24:c2:97:3e:a7:df:3f:e3:
b3:52:a5:ea:66:ea:b3:f6:c3:08:35:04:32:52:00:
6d:ff:da:bc:a7:34:a1:6a:94:34:7f:4a:e5:2c:21:
c0:35:0f:41:8f:68:58:24:d7:38:2a:e4:69:7a:ce:
da:86:15:c5:26:d3:0c:a3:45:b1:ec:ec:1d:40:09:
0a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:A2:D4:4B:DB:67:4D:37:40:70:72:6A:F3:FB:60:59:82:F4:08:B9
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:2000::/36
Signature Algorithm: sha256WithRSAEncryption
8a:bc:89:aa:22:6d:27:73:93:da:8b:af:ed:70:c3:44:4a:9c:
46:c5:6a:2e:03:3e:3f:c6:ac:1c:e9:a3:eb:e6:f2:82:c1:83:
7f:1f:21:5c:99:c4:eb:67:02:65:15:0e:a9:f8:72:51:86:e4:
a6:03:a8:77:72:38:66:8e:29:d4:98:58:78:44:ff:dd:71:e7:
80:cb:97:69:b3:28:1b:e4:d9:9e:eb:1b:02:97:a2:31:96:b1:
98:02:0e:5e:8e:92:9b:0a:c7:9d:96:fb:db:33:85:9a:82:32:
a6:e0:e3:2e:01:6a:31:c0:a5:7e:0c:f4:e2:c1:99:be:4d:92:
40:3d:c6:92:a8:23:e1:18:6c:16:85:08:b5:78:36:2d:9e:91:
e8:fc:4d:83:77:44:0d:29:e2:55:2a:1d:49:03:37:a1:49:cb:
45:08:b3:d4:17:de:86:45:96:62:42:f0:91:47:a9:21:d6:0f:
c8:13:44:aa:61:ec:a4:44:10:43:85:c8:31:94:d3:d2:5c:af:
64:d2:de:32:d0:63:ba:49:ed:13:b2:34:ce:0b:86:5d:1c:c2:
25:73:8f:21:ad:55:c8:aa:3f:5f:05:f7:b5:8c:ee:95:68:a1:
c3:35:7b:3d:44:7c:b1:50:ff:c3:eb:6a:22:66:81:35:17:3f:
d9:b3:c6:0e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYPmdK/moTJwQPbBEQfxeeVfBQ4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDkwMDIxMjVaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0MDFhN2VjYTZkMjc4MmE4N2JjYTRkNWU5OTAwMjQ2NTBmMDU0YWM1OWU0
YWRmOWI3ZDIwOTNjZGNlMjE5MGYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+TdGuX9leaPGxyG3SBfvKK3Mjo9QrIzlTWs32mTc+E2ep6o6RlxuxgwlF0
WeKKmKX6W18A+kgPl0ukKepf01KLmUoFpggk42SPCYk0dH00Rfnr3GNKwmBC2JQb
QfPRDcBW8kAAsm7BIvczqe2kEHqsCdbh0K9U/tlDruz0LfDzVpUEN7t9u0oonZqZ
nQTAVvrN3vbAlEubv8uFzjX2MdYSwOTFGEQ1WnNmnG9WPaZCFJT0aKW2iB865yTC
lz6n3z/js1Kl6mbqs/bDCDUEMlIAbf/avKc0oWqUNH9K5SwhwDUPQY9oWCTXOCrk
aXrO2oYVxSbTDKNFsezsHUAJCkUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQWotRL
22dNN0Bwcmrz+2BZgvQIuTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmI2NzMxZjQtNmNlYy00NTY0LThjNmQtOWU0NjM5N2ZhYzVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Mg
MA0GCSqGSIb3DQEBCwUAA4IBAQCKvImqIm0nc5Pai6/tcMNESpxGxWouAz4/xqwc
6aPr5vKCwYN/HyFcmcTrZwJlFQ6p+HJRhuSmA6h3cjhmjinUmFh4RP/dceeAy5dp
sygb5Nme6xsCl6IxlrGYAg5ejpKbCsedlvvbM4WagjKm4OMuAWoxwKV+DPTiwZm+
TZJAPcaSqCPhGGwWhQi1eDYtnpHo/E2Dd0QNKeJVKh1JAzehSctFCLPUF96GRZZi
QvCRR6kh1g/IE0SqYeykRBBDhcgxlNPSXK9k0t4y0GO6Se0TsjTOC4ZdHMIlc48h
rVXIqj9fBfe1jO6VaKHDNXs9RHyxUP/D62oiZoE1Fz/Zs8YO
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:29:32 2025 by rpki-client