Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
File: bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa (raw, json)
Hash identifier: X5CLFCE/K0uxITHkat5/i4bO7dE/akPU1mWICAqUYow=
Subject key identifier: 62:4A:42:E7:FF:05:10:B4:27:1B:78:91:9B:49:5F:9E:C9:2B:E5:09
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1BECA7216DFE9BA17B7BECA0919A372CF81DD52F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
Signing time: Fri 20 Jun 2025 00:10:48 +0000
ROA not before: Fri 20 Jun 2025 00:10:48 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:ec:a7:21:6d:fe:9b:a1:7b:7b:ec:a0:91:9a:37:2c:f8:1d:d5:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:48 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=bb3a8df70bbbb2036dcd34a3cf099c303103ccf9a0ecbd92f7cab712895ace79, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d4:d5:44:17:c7:31:05:93:41:39:73:8a:6d:
86:0a:05:96:0a:c8:22:03:54:66:c8:b7:a6:d6:ba:
1a:55:5b:77:16:07:6c:31:01:9f:b6:b0:95:51:67:
c8:32:58:e8:7e:ff:da:02:9f:dd:4f:42:08:2b:76:
d1:93:6c:5e:5e:50:73:95:74:13:49:32:25:56:4c:
83:ac:93:d7:30:2b:2f:cc:ce:42:c0:36:0d:20:3d:
69:28:4b:7f:b5:bd:86:88:76:fd:47:24:78:a3:24:
3a:ee:f2:ff:77:ce:a3:b3:8e:2b:b1:ed:d0:60:13:
08:db:ef:be:7c:11:f9:fb:92:ab:95:9a:a8:5e:10:
78:b3:26:81:e4:a4:43:b5:a0:63:db:fe:01:91:09:
ab:ac:11:c7:68:88:94:a6:66:aa:e1:37:4f:a7:f6:
61:7a:f3:45:a7:eb:92:f2:54:8a:3b:0b:dd:31:4b:
f7:91:bb:da:a8:4e:fc:c8:34:b2:d7:ba:d1:4a:d0:
46:0b:b0:fa:ca:2b:fe:1d:d4:5c:19:4b:b6:8b:db:
f6:30:08:33:bf:91:d1:3c:5d:b0:a7:e3:b9:d0:47:
a9:5f:15:0a:ec:2e:ad:55:ad:b8:c1:24:0e:75:ca:
86:de:d5:cd:77:3d:e0:2c:cf:5b:02:77:59:15:b4:
6b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:42:E7:FF:05:10:B4:27:1B:78:91:9B:49:5F:9E:C9:2B:E5:09
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f880::/48
Signature Algorithm: sha256WithRSAEncryption
36:09:d7:e5:41:d3:83:c3:5c:02:56:13:36:f6:08:dc:1b:56:
e5:c9:0b:45:03:8e:7d:7c:72:d8:a3:7b:5c:9e:f2:3c:c0:c6:
be:4d:41:98:b2:db:24:0d:2c:b1:85:d9:02:8a:8b:f1:79:6f:
0d:76:e9:bc:97:d0:3d:55:9d:ae:98:1c:c0:69:39:10:1b:45:
81:22:5a:8e:52:a8:b9:17:97:13:08:7d:07:82:1a:a3:12:cc:
34:b1:cc:23:db:58:f3:a9:6e:9f:e6:5b:95:3b:33:f8:fb:b4:
b2:0c:7b:30:3c:89:d5:33:ad:b7:d2:7f:1c:87:8f:6d:98:3c:
61:d3:4f:2f:c7:23:72:d6:a6:f4:df:9f:4b:6f:9a:34:15:5e:
ef:7c:62:e6:08:a7:92:de:5c:a0:5c:d7:80:5c:3d:cc:a0:3c:
d4:d4:8a:f3:e6:99:4e:8c:48:73:f0:b5:8b:58:4c:8f:27:ff:
9a:74:f4:02:89:a9:76:a7:af:fa:d1:1c:c6:93:20:eb:85:13:
e6:4e:a1:e9:0a:bc:3a:1f:47:82:8b:4e:50:82:7f:8e:6f:c2:
0e:5d:9f:dc:47:62:9f:24:e5:20:2d:26:dc:b4:2e:e3:41:cf:
53:10:08:f7:12:39:b2:2f:ea:9c:55:9b:14:88:c6:41:a4:eb:
34:17:a2:98
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUG+ynIW3+m6F7e+ygkZo3LPgd1S8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwNDhaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiM2E4ZGY3MGJiYmIyMDM2ZGNkMzRhM2NmMDk5YzMwMzEwM2NjZjlhMGVj
YmQ5MmY3Y2FiNzEyODk1YWNlNzkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbU1UQXxzEFk0E5c4pthgoFlgrIIgNUZsi3pta6GlVbdxYHbDEBn7awlVFn
yDJY6H7/2gKf3U9CCCt20ZNsXl5Qc5V0E0kyJVZMg6yT1zArL8zOQsA2DSA9aShL
f7W9hoh2/UckeKMkOu7y/3fOo7OOK7Ht0GATCNvvvnwR+fuSq5WaqF4QeLMmgeSk
Q7WgY9v+AZEJq6wRx2iIlKZmquE3T6f2YXrzRafrkvJUijsL3TFL95G72qhO/Mg0
ste60UrQRguw+sor/h3UXBlLtovb9jAIM7+R0TxdsKfjudBHqV8VCuwurVWtuMEk
DnXKht7VzXc94CzPWwJ3WRW0a5sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRiSkLn
/wUQtCcbeJGbSV+eySvlCTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmI5MjY4NTMtZjNhZC00ZjFhLWIwMjQtMTJiMzRjNTVkNWJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
gDANBgkqhkiG9w0BAQsFAAOCAQEANgnX5UHTg8NcAlYTNvYI3BtW5ckLRQOOfXxy
2KN7XJ7yPMDGvk1BmLLbJA0ssYXZAoqL8XlvDXbpvJfQPVWdrpgcwGk5EBtFgSJa
jlKouReXEwh9B4IaoxLMNLHMI9tY86lun+ZblTsz+Pu0sgx7MDyJ1TOtt9J/HIeP
bZg8YdNPL8cjctam9N+fS2+aNBVe73xi5ginkt5coFzXgFw9zKA81NSK8+aZToxI
c/C1i1hMjyf/mnT0Aompdqev+tEcxpMg64UT5k6h6Qq8Oh9HgotOUIJ/jm/CDl2f
3EdinyTlIC0m3LQu40HPUxAI9xI5si/qnFWbFIjGQaTrNBeimA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:54:03 2025 by rpki-client