Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
File: c9fc58bf-3415-4839-940e-603e1b7d42f6.roa (raw, json)
Hash identifier: vjDV2FexrlznKPXaa/vqRb6MwTNFs/LtTxSFjVV3TiI=
Subject key identifier: 00:36:13:36:8E:99:2D:3C:77:3D:25:3D:B9:3E:A6:C8:28:29:5E:28
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5438BF394ED95DCA0C0F838FCA6DF741B12820BC
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
Signing time: Fri 20 Jun 2025 00:20:07 +0000
ROA not before: Fri 20 Jun 2025 00:20:07 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:e000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:38:bf:39:4e:d9:5d:ca:0c:0f:83:8f:ca:6d:f7:41:b1:28:20:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:07 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=41a3fb35a23ede6001e2fc74ac271f2e9ca0a94eb58f187a23da74b6de53b14c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5e:63:a7:c8:ee:ce:2a:2c:9a:05:09:0d:72:
e5:08:68:8d:8e:cc:6a:e7:3c:a5:02:74:5a:aa:99:
ab:44:6f:30:be:6e:37:2d:cd:d3:b5:1f:44:af:1d:
33:92:92:88:d5:36:b6:ac:0b:69:79:19:0d:31:59:
58:9b:b7:03:64:f5:60:aa:cf:ea:3d:8c:45:11:39:
27:b5:ef:a6:8a:27:c4:f3:c8:b7:fb:a8:79:34:90:
b8:af:60:bb:40:b6:c0:1f:d5:47:0e:35:7e:ad:03:
a1:37:b5:a3:8e:a4:79:38:b7:5b:c0:63:ac:63:01:
31:0b:03:5f:61:fb:ef:16:dc:73:f5:92:4e:f0:40:
96:29:b8:66:1e:db:84:cc:ab:28:32:ee:43:80:9d:
90:91:28:83:61:b1:58:e0:fe:4b:fa:cc:37:00:e9:
94:d8:57:f1:7b:65:b8:9e:1d:be:d9:96:27:67:02:
24:df:bf:35:ec:ca:0f:98:39:cc:57:2b:4e:65:48:
14:4a:71:e0:b3:23:40:ca:d1:02:6c:e3:31:58:ed:
f6:ef:0c:07:97:f6:f7:2f:e9:75:f8:f9:d5:f9:52:
19:af:31:52:7e:10:87:45:85:28:ba:66:0a:44:da:
06:ff:5f:1c:b6:15:7f:bd:7e:08:05:db:a6:d8:83:
5f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:36:13:36:8E:99:2D:3C:77:3D:25:3D:B9:3E:A6:C8:28:29:5E:28
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:e000::/36
Signature Algorithm: sha256WithRSAEncryption
74:2b:5e:80:c1:95:a2:96:18:89:75:a0:2c:86:24:24:93:ad:
5f:0c:f6:40:09:57:e7:c7:57:ac:8d:90:01:09:7f:bf:17:50:
7d:f1:f3:0f:ee:9d:75:71:73:e6:c6:fd:56:25:f4:48:97:85:
35:d2:b4:bf:a2:98:f2:fb:b6:77:7b:39:29:fe:dd:10:25:81:
1b:39:84:37:8d:dc:cd:1d:54:9b:73:a4:fb:02:80:98:09:58:
6a:61:b2:21:e3:62:7d:2b:7d:7e:aa:38:03:6e:7f:58:5b:fe:
78:5b:3c:5f:61:60:e0:3c:36:05:3d:22:36:ba:2d:4a:0c:27:
3e:23:46:d3:97:54:d9:fd:ef:fb:46:ac:79:b0:9c:63:26:df:
0e:1a:aa:ad:68:18:5a:8d:f1:15:83:0d:05:94:b6:8e:23:4e:
22:6f:7f:52:71:63:f8:be:de:20:53:57:88:13:60:71:41:df:
0b:9a:ab:ff:28:dc:66:14:dc:fd:09:50:18:f9:ca:32:1f:e7:
65:35:38:d2:39:ad:66:e8:d3:ac:cc:75:06:62:d5:7e:89:8c:
40:a8:13:a2:30:94:1e:36:df:80:80:62:1a:89:4b:1f:fa:a2:
cc:e5:b3:01:e6:3c:b8:6b:30:b0:4f:b1:8d:c6:05:2d:21:51:
7c:4c:9b:ff
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVDi/OU7ZXcoMD4OPym33QbEoILwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMDdaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxYTNmYjM1YTIzZWRlNjAwMWUyZmM3NGFjMjcxZjJlOWNhMGE5NGViNThm
MTg3YTIzZGE3NGI2ZGU1M2IxNGMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxeY6fI7s4qLJoFCQ1y5QhojY7Mauc8pQJ0WqqZq0RvML5uNy3N07UfRK8d
M5KSiNU2tqwLaXkZDTFZWJu3A2T1YKrP6j2MRRE5J7XvpoonxPPIt/uoeTSQuK9g
u0C2wB/VRw41fq0DoTe1o46keTi3W8BjrGMBMQsDX2H77xbcc/WSTvBAlim4Zh7b
hMyrKDLuQ4CdkJEog2GxWOD+S/rMNwDplNhX8XtluJ4dvtmWJ2cCJN+/NezKD5g5
zFcrTmVIFEpx4LMjQMrRAmzjMVjt9u8MB5f29y/pdfj51flSGa8xUn4Qh0WFKLpm
CkTaBv9fHLYVf71+CAXbptiDX90CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQANhM2
jpktPHc9JT25PqbIKCleKDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzlmYzU4YmYtMzQxNS00ODM5LTk0MGUtNjAzZTFiN2Q0MmY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fg
MA0GCSqGSIb3DQEBCwUAA4IBAQB0K16AwZWilhiJdaAshiQkk61fDPZACVfnx1es
jZABCX+/F1B98fMP7p11cXPmxv1WJfRIl4U10rS/opjy+7Z3ezkp/t0QJYEbOYQ3
jdzNHVSbc6T7AoCYCVhqYbIh42J9K31+qjgDbn9YW/54WzxfYWDgPDYFPSI2ui1K
DCc+I0bTl1TZ/e/7Rqx5sJxjJt8OGqqtaBhajfEVgw0FlLaOI04ib39ScWP4vt4g
U1eIE2BxQd8Lmqv/KNxmFNz9CVAY+coyH+dlNTjSOa1m6NOszHUGYtV+iYxAqBOi
MJQeNt+AgGIaiUsf+qLM5bMB5jy4azCwT7GNxgUtIVF8TJv/
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:22:30 2025 by rpki-client