Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
File: cb8e2b63-db40-4825-9c5a-943662c198a5.roa (raw, json)
Hash identifier: KCyiRfXRFKw0FagUYr01YsndqpFyHS15iLBXF1S3qRc=
Subject key identifier: 8F:61:56:0F:7A:44:EC:2C:EF:09:17:5D:B5:84:25:08:BF:21:5A:A6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7C483D0853602BD8FFD94A61B756B1C30DD18936
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
Signing time: Fri 20 Jun 2025 00:11:24 +0000
ROA not before: Fri 20 Jun 2025 00:11:24 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:48:3d:08:53:60:2b:d8:ff:d9:4a:61:b7:56:b1:c3:0d:d1:89:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:24 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=c2177861da9643dd73910832975f68eda545be1ad590962ef8a817902fd255c2, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e5:c1:59:ad:32:3a:a6:ff:49:18:d3:db:de:
b9:1b:23:ef:a3:aa:b6:25:b9:bf:87:83:b7:5a:23:
2b:bb:4c:03:ad:74:c3:f4:79:57:70:64:15:cf:d1:
4f:3e:2f:4e:30:97:7b:48:5e:09:bb:63:3b:c2:31:
7b:4a:c5:e9:82:3e:32:16:86:5c:f2:67:34:3b:91:
7d:3e:c2:a6:da:39:83:c5:9b:00:b4:a5:b2:d9:c7:
94:3d:1b:4e:bf:c6:21:62:db:78:83:a5:7b:8e:56:
6f:ca:d1:90:bd:2d:27:57:ef:9e:3d:8f:e5:00:fb:
98:bd:c4:08:66:dc:4c:a1:a4:12:8f:ae:74:aa:4e:
ac:64:d0:93:d3:68:cc:2e:97:82:56:6d:33:c0:4b:
50:84:d1:90:b9:49:7d:07:d6:b3:1c:4e:ec:50:8e:
7d:9c:b6:40:18:eb:96:43:2d:34:3b:63:61:a8:95:
e2:9b:7c:0f:60:12:ae:d3:c5:35:89:56:05:b9:84:
84:32:d5:c6:02:4c:18:4c:ef:82:3d:31:ee:7b:3a:
9e:1b:71:41:71:5c:81:e8:ad:57:06:7b:e3:5c:95:
40:f4:89:6e:a4:04:aa:a0:ce:8a:0d:fa:e2:af:63:
99:3d:5c:83:ac:b9:3d:50:88:48:0f:f6:4b:02:5a:
8c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:61:56:0F:7A:44:EC:2C:EF:09:17:5D:B5:84:25:08:BF:21:5A:A6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7840::/46
Signature Algorithm: sha256WithRSAEncryption
27:37:f4:77:34:7d:9f:c5:17:0a:c4:4e:e9:f3:7c:dd:9a:03:
00:01:9e:70:9c:31:22:05:db:3e:42:87:dc:e5:6b:5d:49:38:
a5:09:a6:fa:39:92:fa:dc:2a:88:b4:29:71:8c:4d:43:94:15:
25:cc:db:8d:45:33:f4:b4:13:d0:a1:65:fb:a5:63:03:7a:e7:
31:1e:d3:b1:cb:a7:f4:b6:1d:6c:10:db:b9:19:bd:e5:d1:43:
6e:f0:ef:57:dd:76:88:af:ad:7b:ea:c4:28:6d:2e:31:f7:62:
74:0e:ff:46:47:5a:df:9c:bb:fa:64:82:cb:07:77:37:ec:99:
24:92:82:07:87:a0:62:c0:43:f7:01:54:66:c0:16:7a:c7:6c:
6b:b7:12:25:56:8a:1f:73:f5:9b:12:e8:be:d5:4f:0e:69:31:
66:f0:82:68:bf:3b:1e:10:c4:fa:ea:92:fb:1e:c5:c1:de:ef:
e4:c7:d1:3b:09:f6:74:21:1e:31:f1:44:7a:96:17:2b:c6:fa:
a0:3c:6e:63:b9:7e:34:79:b4:4a:8e:28:40:d6:8d:ff:9c:1b:
41:6d:b1:36:63:b2:43:29:a9:ef:72:b7:0c:47:90:ed:46:bd:
d0:e1:a8:b5:c6:24:c2:e0:d8:f4:ac:04:4e:ed:7a:6f:2a:60:
0a:bb:48:91
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfEg9CFNgK9j/2Upht1axww3RiTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMjRaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyMTc3ODYxZGE5NjQzZGQ3MzkxMDgzMjk3NWY2OGVkYTU0NWJlMWFkNTkw
OTYyZWY4YTgxNzkwMmZkMjU1YzIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALflwVmtMjqm/0kY09veuRsj76OqtiW5v4eDt1ojK7tMA610w/R5V3BkFc/R
Tz4vTjCXe0heCbtjO8Ixe0rF6YI+MhaGXPJnNDuRfT7Cpto5g8WbALSlstnHlD0b
Tr/GIWLbeIOle45Wb8rRkL0tJ1fvnj2P5QD7mL3ECGbcTKGkEo+udKpOrGTQk9No
zC6XglZtM8BLUITRkLlJfQfWsxxO7FCOfZy2QBjrlkMtNDtjYaiV4pt8D2ASrtPF
NYlWBbmEhDLVxgJMGEzvgj0x7ns6nhtxQXFcgeitVwZ741yVQPSJbqQEqqDOig36
4q9jmT1cg6y5PVCISA/2SwJajPcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSPYVYP
ekTsLO8JF121hCUIvyFapjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2I4ZTJiNjMtZGI0MC00ODI1LTljNWEtOTQzNjYyYzE5OGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
QDANBgkqhkiG9w0BAQsFAAOCAQEAJzf0dzR9n8UXCsRO6fN83ZoDAAGecJwxIgXb
PkKH3OVrXUk4pQmm+jmS+twqiLQpcYxNQ5QVJczbjUUz9LQT0KFl+6VjA3rnMR7T
scun9LYdbBDbuRm95dFDbvDvV912iK+te+rEKG0uMfdidA7/Rkda35y7+mSCywd3
N+yZJJKCB4egYsBD9wFUZsAWesdsa7cSJVaKH3P1mxLovtVPDmkxZvCCaL87HhDE
+uqS+x7Fwd7v5MfROwn2dCEeMfFEepYXK8b6oDxuY7l+NHm0So4oQNaN/5wbQW2x
NmOyQymp73K3DEeQ7Ua90OGotcYkwuDY9KwETu16bypgCrtIkQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:52:28 2025 by rpki-client