Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
File: ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa (raw, json)
Hash identifier: ubbhztjs7BIsAGPH4O1N21lNyRF7Y6tA/6Jwc2ctpjU=
Subject key identifier: 9E:E5:CA:EA:67:91:7A:F2:30:28:26:60:F1:C0:91:12:21:E7:A3:1E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 086CC2CDD1AD543848B9960B4B3218BD2365154F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
Signing time: Fri 20 Jun 2025 00:11:27 +0000
ROA not before: Fri 20 Jun 2025 00:11:27 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:6c:c2:cd:d1:ad:54:38:48:b9:96:0b:4b:32:18:bd:23:65:15:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:27 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=714fc35cd1d510747033fc4a570a981dba7136cfd53a6990e9697c263f7e699c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4d:27:bf:7f:ee:55:07:c0:06:d7:06:f6:4b:
9d:ac:32:8a:4f:3e:84:2b:db:a9:ec:52:b1:77:4e:
62:31:f4:26:4e:c8:3c:d3:48:15:c8:71:48:c2:39:
f5:68:4a:71:62:be:a3:3a:7f:14:b0:15:ea:4e:53:
e6:81:be:cd:99:ed:8d:5b:a0:46:0c:14:45:67:3f:
ad:a3:e5:13:22:02:22:c0:0a:fd:02:43:5d:03:9c:
ae:2a:c8:32:d4:38:fe:ac:91:97:86:e3:2c:4d:e1:
05:e4:e0:03:3f:06:26:70:6f:17:41:18:5f:30:28:
05:99:72:97:f5:e8:57:18:81:e4:66:21:06:38:e4:
ea:ca:b4:4f:b9:9c:e8:3b:84:b7:a0:f9:fc:c3:30:
47:bc:ed:f9:07:a8:cf:9e:65:43:bc:64:35:1e:70:
75:dc:88:c0:54:f2:94:fc:b9:47:0e:6b:ab:5b:f1:
3a:7d:9f:ae:bd:12:89:cc:53:d1:1f:23:f9:1e:b6:
27:8f:f4:d7:5b:9e:3f:94:59:76:48:f3:7b:f4:33:
4a:a9:fa:57:87:cf:8b:85:b8:95:4c:5d:e6:57:3c:
74:54:90:e8:bb:cf:f4:f9:54:1c:41:8c:c4:17:3c:
b1:fb:f6:c7:85:16:19:ac:d5:32:02:21:b5:dc:ef:
24:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E5:CA:EA:67:91:7A:F2:30:28:26:60:F1:C0:91:12:21:E7:A3:1E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:5800::/40
Signature Algorithm: sha256WithRSAEncryption
7e:53:1c:50:bf:e4:b9:8e:d0:16:d5:7a:34:b9:12:27:83:6f:
ca:76:a8:eb:6b:25:b5:cb:0f:a6:0f:0a:c7:fe:2d:a3:1d:ec:
60:35:f6:35:2e:32:7a:17:6c:d4:0d:91:c7:43:7d:b7:63:bd:
ab:dc:1e:3b:81:37:9d:9e:39:4b:7a:b3:45:35:94:7f:7a:9c:
0f:21:33:75:4a:e4:66:f2:ab:e8:54:86:53:66:11:c5:a3:08:
fd:9a:7c:79:ff:ab:99:c6:0f:18:44:d7:17:f4:92:ed:d2:fc:
46:a0:03:9e:13:15:1f:a9:0e:c0:8d:15:3b:52:51:dd:5e:df:
42:8c:66:a7:d9:63:2a:a5:88:59:16:51:b6:ca:b8:f1:db:fe:
0b:ad:2d:50:90:35:72:e3:a9:a7:e8:7d:0e:bd:b2:38:e7:f1:
64:d3:f2:a4:a4:67:71:4b:a0:97:f4:19:52:28:74:35:8a:08:
97:8f:6c:e3:94:17:cb:a5:d4:05:fc:2b:0c:88:c8:7b:69:99:
a2:bd:80:fc:f6:00:20:41:2c:3b:87:72:0e:82:5b:66:4a:f5:
ca:70:3f:b8:36:3b:95:6d:96:75:39:5c:65:fd:0d:91:ec:c7:
aa:65:81:d4:19:84:d7:db:7f:52:7d:68:1c:93:79:6b:72:fb:
64:f7:8f:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCGzCzdGtVDhIuZYLSzIYvSNlFU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMjdaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxNGZjMzVjZDFkNTEwNzQ3MDMzZmM0YTU3MGE5ODFkYmE3MTM2Y2ZkNTNh
Njk5MGU5Njk3YzI2M2Y3ZTY5OWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxNJ79/7lUHwAbXBvZLnawyik8+hCvbqexSsXdOYjH0Jk7IPNNIFchxSMI5
9WhKcWK+ozp/FLAV6k5T5oG+zZntjVugRgwURWc/raPlEyICIsAK/QJDXQOcrirI
MtQ4/qyRl4bjLE3hBeTgAz8GJnBvF0EYXzAoBZlyl/XoVxiB5GYhBjjk6sq0T7mc
6DuEt6D5/MMwR7zt+Qeoz55lQ7xkNR5wddyIwFTylPy5Rw5rq1vxOn2frr0SicxT
0R8j+R62J4/011ueP5RZdkjze/QzSqn6V4fPi4W4lUxd5lc8dFSQ6LvP9PlUHEGM
xBc8sfv2x4UWGazVMgIhtdzvJJ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSe5crq
Z5F68jAoJmDxwJESIeejHjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2NlZmVhYTMtNTBmZC00ZmI1LWEwZDYtNjgyZWE4OTRjNWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dY
MA0GCSqGSIb3DQEBCwUAA4IBAQB+UxxQv+S5jtAW1Xo0uRIng2/KdqjrayW1yw+m
DwrH/i2jHexgNfY1LjJ6F2zUDZHHQ323Y72r3B47gTednjlLerNFNZR/epwPITN1
SuRm8qvoVIZTZhHFowj9mnx5/6uZxg8YRNcX9JLt0vxGoAOeExUfqQ7AjRU7UlHd
Xt9CjGan2WMqpYhZFlG2yrjx2/4LrS1QkDVy46mn6H0OvbI45/Fk0/KkpGdxS6CX
9BlSKHQ1igiXj2zjlBfLpdQF/CsMiMh7aZmivYD89gAgQSw7h3IOgltmSvXKcD+4
NjuVbZZ1OVxl/Q2R7MeqZYHUGYTX239SfWgck3lrcvtk949F
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:01:07 2025 by rpki-client