Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
File: c70179f2-6d6a-4082-9c0e-863ea2322937.roa (raw, json)
Hash identifier: Ki6BXE6OAmUTwWx7lnfR3PimtXZPOQS9mw44Mnhgf/Y=
Subject key identifier: F5:39:FC:AE:95:9E:B5:80:02:F9:EE:14:B5:58:34:10:49:63:A1:67
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 245CD9EA22AE058847ABA582FE7A4DA67C4EFCA4
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
Signing time: Fri 08 Aug 2025 00:40:11 +0000
ROA not before: Fri 08 Aug 2025 00:40:11 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:5c:d9:ea:22:ae:05:88:47:ab:a5:82:fe:7a:4d:a6:7c:4e:fc:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 8 00:40:11 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=106d0bf245dbfa5deb807bbfd4c64b7d96281939389c1e33fd588e83d8e9f313, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b7:fb:66:91:58:2b:e3:75:0e:d8:bd:5b:8c:
14:f8:13:63:85:68:df:b7:f5:68:ea:80:b5:70:2d:
bc:92:9a:3a:b5:34:cc:a0:2e:7e:eb:f3:2a:6d:58:
68:4d:06:f4:44:15:1b:76:d0:80:db:48:d7:6d:25:
72:19:32:70:2c:7e:ad:80:dd:41:7c:08:a4:08:dc:
40:3e:55:e4:b4:42:34:f6:68:4a:b6:5c:24:0d:e1:
c5:e9:5c:5f:d9:b4:9e:b5:12:ca:eb:bc:02:94:1e:
17:1d:28:79:ad:95:34:f7:24:de:71:ba:29:a8:8c:
b4:1b:44:38:79:8b:7a:34:92:00:c8:10:b5:c2:67:
3d:d2:68:56:b2:2d:ba:3a:dc:7b:fc:69:eb:db:da:
83:fd:9b:47:83:bb:ee:14:41:e6:64:de:65:75:46:
4b:70:37:78:f9:fb:b4:10:00:13:cc:53:16:ac:81:
1a:c6:96:14:33:eb:a5:0d:e2:77:a4:bf:6a:d5:f2:
0b:7e:21:94:2a:01:d8:30:53:3a:20:99:fe:fd:a6:
5f:12:bb:84:93:5d:58:9f:c4:f2:93:da:89:5f:1b:
51:45:cb:f7:af:67:74:0f:f9:1f:fe:fb:f9:29:e4:
10:95:8e:69:9f:ae:d9:9c:64:b2:34:66:16:70:fb:
d6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:39:FC:AE:95:9E:B5:80:02:F9:EE:14:B5:58:34:10:49:63:A1:67
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4000::/36
Signature Algorithm: sha256WithRSAEncryption
aa:8e:74:98:64:84:b4:68:e5:66:82:d7:d9:37:71:26:91:a9:
08:c4:63:a1:a2:5a:6c:bc:32:fb:f9:b3:ee:98:f8:08:5f:21:
69:9c:43:39:b0:16:a2:40:ad:70:6f:7e:f5:e6:f6:c2:b3:2d:
86:6a:a9:f4:19:dc:66:2a:6a:7d:67:9b:b3:bf:70:44:22:74:
4c:9e:9f:c4:f4:02:64:25:50:74:96:82:93:a4:9c:d1:09:a2:
e5:1c:4f:f2:08:7c:9c:82:62:40:07:0a:fd:19:2e:04:01:01:
2c:00:a3:3d:38:78:88:42:47:5e:41:9b:60:dd:8c:bb:08:c9:
ad:c8:c5:03:d0:7a:73:0e:08:be:8d:6e:9a:04:b5:15:46:c2:
c5:78:66:77:b9:2e:f3:c7:3d:8d:8d:3e:30:cb:04:de:ed:86:
99:45:6c:a9:dc:65:bb:18:9a:3e:84:4f:f1:35:6c:62:6f:5b:
ec:74:bf:ed:d7:2d:94:d8:bf:31:f1:d4:49:31:40:24:85:e5:
a2:8d:8d:c1:5c:22:d4:45:29:46:76:ac:c7:c1:f8:46:39:61:
0d:ff:9e:14:7e:28:c8:a2:24:95:75:72:6d:08:cb:ba:40:c2:
43:4d:47:0d:01:25:60:f6:c9:fa:18:e8:77:21:7c:f1:91:8d:
11:7b:e6:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJFzZ6iKuBYhHq6WC/npNpnxO/KQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDgwMDQwMTFaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwNmQwYmYyNDVkYmZhNWRlYjgwN2JiZmQ0YzY0YjdkOTYyODE5MzkzODlj
MWUzM2ZkNTg4ZTgzZDhlOWYzMTMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMK3+2aRWCvjdQ7YvVuMFPgTY4Vo37f1aOqAtXAtvJKaOrU0zKAufuvzKm1Y
aE0G9EQVG3bQgNtI120lchkycCx+rYDdQXwIpAjcQD5V5LRCNPZoSrZcJA3hxelc
X9m0nrUSyuu8ApQeFx0oea2VNPck3nG6KaiMtBtEOHmLejSSAMgQtcJnPdJoVrIt
ujrce/xp69vag/2bR4O77hRB5mTeZXVGS3A3ePn7tBAAE8xTFqyBGsaWFDPrpQ3i
d6S/atXyC34hlCoB2DBTOiCZ/v2mXxK7hJNdWJ/E8pPaiV8bUUXL969ndA/5H/77
+SnkEJWOaZ+u2ZxksjRmFnD71tcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1Ofyu
lZ61gAL57hS1WDQQSWOhZzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzcwMTc5ZjItNmQ2YS00MDgyLTljMGUtODYzZWEyMzIyOTM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dA
MA0GCSqGSIb3DQEBCwUAA4IBAQCqjnSYZIS0aOVmgtfZN3EmkakIxGOholpsvDL7
+bPumPgIXyFpnEM5sBaiQK1wb3715vbCsy2Gaqn0GdxmKmp9Z5uzv3BEInRMnp/E
9AJkJVB0loKTpJzRCaLlHE/yCHycgmJABwr9GS4EAQEsAKM9OHiIQkdeQZtg3Yy7
CMmtyMUD0HpzDgi+jW6aBLUVRsLFeGZ3uS7zxz2NjT4wywTe7YaZRWyp3GW7GJo+
hE/xNWxib1vsdL/t1y2U2L8x8dRJMUAkheWijY3BXCLURSlGdqzHwfhGOWEN/54U
fijIoiSVdXJtCMu6QMJDTUcNASVg9sn6GOh3IXzxkY0Re+bh
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:45:21 2025 by rpki-client