Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
File: c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa (raw, json)
Hash identifier: 5RUuZHTULo+Y4HRyeAZMjI7igGDAKmFLJg90QKQ/sKQ=
Subject key identifier: 74:BF:40:7A:54:F1:FC:43:18:19:F7:37:25:9C:04:DA:E3:3E:3C:1D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 457356E93A68611B2E9D6863D889493D14F6D769
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
Signing time: Fri 20 Jun 2025 00:20:31 +0000
ROA not before: Fri 20 Jun 2025 00:20:31 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:1800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:73:56:e9:3a:68:61:1b:2e:9d:68:63:d8:89:49:3d:14:f6:d7:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:31 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=dea4ee20060576a283e61a266b19d6aba30355cec4cc65c29b926ded8d59b7c2, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ae:0a:09:28:7a:fd:a3:d2:c7:53:8a:77:12:
69:30:65:ab:a8:6c:7b:92:fb:7c:a5:d7:1f:58:13:
a6:7e:bd:25:61:9d:4b:4d:35:86:f5:60:5e:3a:03:
40:5b:b2:52:36:04:79:d3:22:18:f5:32:66:63:14:
de:2f:3c:5e:c5:5a:2f:32:31:ae:79:ff:39:10:76:
29:75:68:a0:3b:47:7a:89:2b:28:fb:65:ac:26:c2:
a0:1c:14:24:06:f0:3e:95:41:c6:32:d4:9c:3b:04:
28:2c:94:28:77:02:55:f2:4a:5a:7d:58:42:4f:ca:
f2:02:b1:3e:f7:e3:49:03:75:a8:63:79:58:bf:d9:
74:77:55:77:a4:22:27:61:6f:58:ed:da:8f:e3:15:
73:d8:55:5b:41:5d:50:88:98:77:1c:cc:5b:1c:f4:
d8:81:90:c7:5a:36:95:8d:90:b5:8b:82:77:17:41:
ed:bc:3a:50:d7:31:6e:b4:a0:9f:e7:9d:43:78:5d:
eb:1b:ee:f3:6b:db:bb:5c:87:62:39:f0:5b:48:51:
46:1e:ca:60:a7:ef:3a:99:71:1a:8b:02:6b:15:8c:
83:2f:51:73:d5:54:75:1c:e8:53:09:82:70:77:8a:
62:57:9d:28:01:b1:d6:4a:4d:eb:dc:1a:7b:5c:82:
8a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BF:40:7A:54:F1:FC:43:18:19:F7:37:25:9C:04:DA:E3:3E:3C:1D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c2e3ffab-b8ab-476f-9c6e-5e4842d705f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:1800::/40
Signature Algorithm: sha256WithRSAEncryption
2f:ad:ef:0e:e7:78:0c:9c:53:bc:57:db:25:f9:e9:e8:22:32:
ef:86:12:56:fe:98:07:6f:62:11:3e:df:79:0c:c1:8b:1a:9c:
c8:b7:28:be:44:5e:81:af:1c:96:b6:c5:8b:09:ca:68:ad:e5:
25:3c:cc:b2:5b:9f:ca:b0:16:7b:47:3a:b4:bd:7a:df:23:3e:
f9:ea:45:b7:42:99:76:d8:93:fd:a9:f0:20:68:ab:ba:d7:5e:
ea:d7:2a:1e:4c:ea:4f:50:bf:d1:ad:01:9e:0c:7b:d0:2d:d1:
51:56:ea:90:49:88:cc:ed:26:4e:21:67:09:cd:80:a9:1f:10:
b2:47:4d:db:3b:d7:c6:d5:86:fe:0e:d3:a3:95:59:b2:80:9b:
86:49:ca:ec:05:ee:66:e8:5d:c2:ad:f4:fd:e7:fe:62:c9:3d:
e5:de:a5:4f:60:0f:27:23:47:85:70:d0:93:d3:fe:af:1a:7d:
16:4c:98:1e:be:2a:dc:c0:95:45:bb:f9:5d:10:fb:cc:98:07:
b9:76:b7:90:37:cf:6c:fa:33:17:25:64:61:a4:5f:1d:37:45:
03:25:bc:5e:d7:02:07:34:0a:02:93:c2:41:29:35:c7:32:d3:
8f:e6:00:37:45:d0:e1:40:07:b8:a5:6e:63:ab:e0:60:4b:f9:
78:01:16:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURXNW6TpoYRsunWhj2IlJPRT212kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMzFaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlYTRlZTIwMDYwNTc2YTI4M2U2MWEyNjZiMTlkNmFiYTMwMzU1Y2VjNGNj
NjVjMjliOTI2ZGVkOGQ1OWI3YzIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuuCgkoev2j0sdTincSaTBlq6hse5L7fKXXH1gTpn69JWGdS001hvVgXjoD
QFuyUjYEedMiGPUyZmMU3i88XsVaLzIxrnn/ORB2KXVooDtHeokrKPtlrCbCoBwU
JAbwPpVBxjLUnDsEKCyUKHcCVfJKWn1YQk/K8gKxPvfjSQN1qGN5WL/ZdHdVd6Qi
J2FvWO3aj+MVc9hVW0FdUIiYdxzMWxz02IGQx1o2lY2QtYuCdxdB7bw6UNcxbrSg
n+edQ3hd6xvu82vbu1yHYjnwW0hRRh7KYKfvOplxGosCaxWMgy9Rc9VUdRzoUwmC
cHeKYledKAGx1kpN69wae1yCivcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0v0B6
VPH8QxgZ9zclnATa4z48HTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzJlM2ZmYWItYjhhYi00NzZmLTljNmUtNWU0ODQyZDcwNWY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8cY
MA0GCSqGSIb3DQEBCwUAA4IBAQAvre8O53gMnFO8V9sl+enoIjLvhhJW/pgHb2IR
Pt95DMGLGpzItyi+RF6BrxyWtsWLCcporeUlPMyyW5/KsBZ7Rzq0vXrfIz756kW3
Qpl22JP9qfAgaKu6117q1yoeTOpPUL/RrQGeDHvQLdFRVuqQSYjM7SZOIWcJzYCp
HxCyR03bO9fG1Yb+DtOjlVmygJuGScrsBe5m6F3CrfT95/5iyT3l3qVPYA8nI0eF
cNCT0/6vGn0WTJgevircwJVFu/ldEPvMmAe5dreQN89s+jMXJWRhpF8dN0UDJbxe
1wIHNAoCk8JBKTXHMtOP5gA3RdDhQAe4pW5jq+BgS/l4ARaH
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:05:48 2025 by rpki-client