Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa
File: c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa (raw, json)
Hash identifier: VPwQwuzxO9FbFQmYdYM72s0K8r3HUlbLFuI+s1SR+YY=
Subject key identifier: 3B:79:11:56:5F:09:65:3C:BA:28:0E:BF:3E:D1:36:3A:17:B7:4E:2F
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 343A762816FF084B18FE8040FFD55F069A7C6D4A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa
Signing time: Fri 20 Jun 2025 00:11:26 +0000
ROA not before: Fri 20 Jun 2025 00:11:26 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:58c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:3a:76:28:16:ff:08:4b:18:fe:80:40:ff:d5:5f:06:9a:7c:6d:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:26 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=d75bdf3d9a32ba2290f2de6b7aa4fe87ebe42636e05be68fbdcc129f2c04d58b, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:9e:fe:74:55:a0:80:7c:5b:41:c8:e0:d1:72:
22:38:8a:b0:bf:80:3a:b5:ad:75:d9:36:55:0d:f7:
27:f2:b7:36:a0:94:70:3c:0b:e6:6d:3d:b4:be:c2:
1e:39:b3:d3:d7:a0:72:4b:08:d4:51:30:d5:29:52:
2d:ba:a9:5d:0e:51:ae:0f:34:a8:af:b3:7b:11:2c:
76:52:15:2d:83:22:34:0d:ba:2c:41:af:71:f9:f8:
81:fe:49:9e:5d:66:33:18:b6:06:7b:57:03:e7:12:
a4:20:9b:36:11:e3:3d:d8:f4:21:70:68:47:2f:5a:
1a:9e:ac:a7:ea:5c:bd:87:91:9e:1e:c1:5a:dc:b8:
fb:9f:f8:9b:fe:bf:ca:6f:4d:fc:57:6f:26:0b:79:
ba:b6:bc:c2:9d:e9:fa:a5:86:b3:14:3f:cf:da:48:
6e:62:e8:96:63:e3:73:96:92:9b:b4:46:3f:a3:5e:
5b:5b:d4:9c:1c:8c:09:b9:ea:bb:b5:e8:8f:a6:e7:
bd:31:c3:e2:c1:56:5c:e9:e0:e5:79:52:0b:c8:16:
f8:73:fe:ba:fd:da:38:79:03:c2:95:09:69:62:3d:
83:1a:66:b9:52:30:15:6e:6f:fc:a5:23:97:99:bd:
c1:4c:ab:fd:63:29:91:b8:f5:23:35:55:ef:81:d4:
13:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:79:11:56:5F:09:65:3C:BA:28:0E:BF:3E:D1:36:3A:17:B7:4E:2F
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:58c0::/46
Signature Algorithm: sha256WithRSAEncryption
67:b1:68:f3:46:07:f8:24:0b:1e:14:dd:a9:86:ed:77:a1:94:
51:ba:6a:8d:f5:d3:67:43:15:1d:ec:76:cc:1d:68:54:19:94:
7b:f8:10:a5:5f:b5:31:17:7e:d5:1a:87:4d:4f:60:8d:c7:e2:
77:1a:f5:7d:f4:50:2b:1f:95:ef:3f:84:3b:a1:c4:ac:84:37:
2d:9d:ee:9c:af:4e:27:73:ad:64:99:8a:e3:c3:d8:d0:7e:47:
09:3e:4e:2d:ea:f0:f2:3c:18:fd:d4:a2:ae:0c:68:74:7e:de:
7f:b9:68:59:1f:d8:a6:26:5c:7b:f0:b6:40:a3:9d:b1:27:79:
f6:c1:7b:55:74:5b:f5:20:38:2c:00:b0:65:54:c2:7b:d2:4c:
26:b0:8a:b2:01:81:52:92:a6:b0:43:f1:da:d9:09:b3:ab:fc:
c4:01:bf:4c:32:e8:2e:6b:84:e0:93:c4:87:a9:03:27:d7:43:
28:d8:7c:3b:4e:2b:20:c3:ac:a3:d2:72:52:6f:14:b6:48:18:
42:71:17:c3:c7:f5:60:34:63:60:14:d1:e9:32:ea:5c:7a:5d:
0c:01:c2:fa:9f:aa:ef:2f:01:bf:b2:db:20:ae:fd:9f:f6:3e:
30:97:f7:de:ee:17:d6:90:29:d5:95:8d:20:b4:62:5b:ef:bd:
fd:5c:6f:6a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNDp2KBb/CEsY/oBA/9VfBpp8bUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMjZaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3NWJkZjNkOWEzMmJhMjI5MGYyZGU2YjdhYTRmZTg3ZWJlNDI2MzZlMDVi
ZTY4ZmJkY2MxMjlmMmMwNGQ1OGIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO6e/nRVoIB8W0HI4NFyIjiKsL+AOrWtddk2VQ33J/K3NqCUcDwL5m09tL7C
Hjmz09egcksI1FEw1SlSLbqpXQ5Rrg80qK+zexEsdlIVLYMiNA26LEGvcfn4gf5J
nl1mMxi2BntXA+cSpCCbNhHjPdj0IXBoRy9aGp6sp+pcvYeRnh7BWty4+5/4m/6/
ym9N/FdvJgt5ura8wp3p+qWGsxQ/z9pIbmLolmPjc5aSm7RGP6NeW1vUnByMCbnq
u7Xoj6bnvTHD4sFWXOng5XlSC8gW+HP+uv3aOHkDwpUJaWI9gxpmuVIwFW5v/KUj
l5m9wUyr/WMpkbj1IzVV74HUE50CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ7eRFW
XwllPLooDr8+0TY6F7dOLzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Yzk1NjI5NmQtZDYyNi00MmIyLWE5ZWYtYmI5ODhmNGMzY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8NY
wDANBgkqhkiG9w0BAQsFAAOCAQEAZ7Fo80YH+CQLHhTdqYbtd6GUUbpqjfXTZ0MV
Hex2zB1oVBmUe/gQpV+1MRd+1RqHTU9gjcfidxr1ffRQKx+V7z+EO6HErIQ3LZ3u
nK9OJ3OtZJmK48PY0H5HCT5OLerw8jwY/dSirgxodH7ef7loWR/YpiZce/C2QKOd
sSd59sF7VXRb9SA4LACwZVTCe9JMJrCKsgGBUpKmsEPx2tkJs6v8xAG/TDLoLmuE
4JPEh6kDJ9dDKNh8O04rIMOso9JyUm8UtkgYQnEXw8f1YDRjYBTR6TLqXHpdDAHC
+p+q7y8Bv7LbIK79n/Y+MJf33u4X1pAp1ZWNILRiW++9/Vxvag==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:10:11 2025 by rpki-client