Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
File: cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa (raw, json)
Hash identifier: BWJId8VhWPLSX4bYprl/FIM2migfMTeoHee35uqq+q0=
Subject key identifier: 1F:9C:8E:43:F6:B7:A3:01:46:EF:F0:24:49:8D:17:1E:DE:8A:B3:23
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6F647B4472055634CF5E6138CC5EBADB7827A202
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
Signing time: Fri 20 Jun 2025 00:20:59 +0000
ROA not before: Fri 20 Jun 2025 00:20:59 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:64:7b:44:72:05:56:34:cf:5e:61:38:cc:5e:ba:db:78:27:a2:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:59 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=447e4295198ef88c9ee033f3eff95dfbf23905bf5dee80e5b0bceef4a4dded1f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c7:79:dc:20:30:6d:d2:61:95:67:9b:d5:21:
1c:65:69:ab:d3:c5:d2:e8:f0:bc:17:02:49:cf:fa:
b2:18:ef:cf:06:fa:7d:5b:25:1f:4d:3c:49:88:87:
c4:ba:8f:59:5a:63:3b:79:0b:c9:9f:ab:22:7b:04:
2d:da:3e:2e:2f:26:e4:66:9b:f5:f2:c3:96:6a:60:
39:13:b1:e2:34:e9:a6:d9:2c:9d:22:dd:f1:67:2c:
06:1a:2d:67:53:87:c4:26:ed:1a:a1:98:f6:ea:c0:
b1:4c:61:3f:5e:e1:e3:d2:64:4c:67:20:51:ac:11:
10:67:e2:5d:da:2c:b1:ca:26:63:70:21:50:dd:4b:
f0:0d:98:63:95:26:9b:00:eb:0a:c6:4f:4b:0f:36:
2e:5b:38:de:df:6c:a5:b9:34:51:d3:27:60:4e:e6:
57:54:68:74:1e:e5:9a:15:1a:ad:96:01:4e:41:f9:
6f:e4:af:ec:da:cc:73:2d:87:e0:f4:f1:33:65:5a:
93:41:6d:04:ab:e2:17:dd:a0:60:fc:43:46:9c:08:
ea:b4:e3:76:dc:a0:13:22:43:66:a8:f0:1f:fa:bc:
2b:17:3e:99:82:ee:29:54:60:a7:68:a1:1d:21:c2:
0d:82:89:09:65:2a:d4:3c:78:9e:25:84:14:c0:f4:
31:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:9C:8E:43:F6:B7:A3:01:46:EF:F0:24:49:8D:17:1E:DE:8A:B3:23
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
91:09:c1:c7:a6:12:da:7b:c2:97:53:dd:23:a5:cd:f0:ad:c5:
fa:df:07:32:2b:d9:9a:1e:2a:fb:af:d3:59:2d:74:07:c4:0a:
4b:90:1a:35:77:a9:aa:03:94:00:a8:e3:57:be:ce:16:83:72:
96:b3:90:f9:ec:6b:79:68:97:5c:2d:62:87:37:63:fa:d5:81:
9e:13:2c:cf:68:71:38:67:ea:77:91:0e:53:84:a4:79:e5:84:
cc:c9:20:10:8b:23:5e:4e:40:6e:30:0b:ac:5c:37:1a:84:82:
17:60:13:26:00:3f:de:77:62:e6:01:85:7f:40:88:67:c7:d1:
bb:73:cc:c4:8d:7b:f6:71:cd:de:93:45:af:a5:18:7d:5e:8d:
14:f1:a9:1f:c4:6f:98:14:17:95:b7:6b:ba:79:d2:b4:04:7b:
ba:0a:43:58:3c:f2:d3:38:82:2d:1f:a2:b1:df:5a:f7:d5:18:
c2:64:b7:53:b1:91:a4:e3:52:ec:4d:a7:5f:4d:66:0b:7b:0c:
8f:e4:d0:ed:e1:78:b5:c2:75:7c:3d:f3:fb:21:cd:ad:70:02:
1e:eb:46:f5:20:5d:e0:e3:c4:8b:ec:1f:2a:16:20:38:12:36:
c6:a7:d7:9e:c7:4b:4d:03:be:4c:a8:89:08:aa:e6:43:57:85:
93:6f:87:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb2R7RHIFVjTPXmE4zF6623gnogIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwNTlaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0N2U0Mjk1MTk4ZWY4OGM5ZWUwMzNmM2VmZjk1ZGZiZjIzOTA1YmY1ZGVl
ODBlNWIwYmNlZWY0YTRkZGVkMWYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPHedwgMG3SYZVnm9UhHGVpq9PF0ujwvBcCSc/6shjvzwb6fVslH008SYiH
xLqPWVpjO3kLyZ+rInsELdo+Li8m5Gab9fLDlmpgOROx4jTpptksnSLd8WcsBhot
Z1OHxCbtGqGY9urAsUxhP17h49JkTGcgUawREGfiXdosscomY3AhUN1L8A2YY5Um
mwDrCsZPSw82Lls43t9spbk0UdMnYE7mV1RodB7lmhUarZYBTkH5b+Sv7NrMcy2H
4PTxM2Vak0FtBKviF92gYPxDRpwI6rTjdtygEyJDZqjwH/q8Kxc+mYLuKVRgp2ih
HSHCDYKJCWUq1Dx4niWEFMD0MT0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfnI5D
9rejAUbv8CRJjRce3oqzIzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2Q4ZjA3YzktYWJjMS00MWRkLWJhZDQtYzdlNWJmMGJkNGM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQCRCcHHphLae8KXU90jpc3wrcX63wcyK9maHir7
r9NZLXQHxApLkBo1d6mqA5QAqONXvs4Wg3KWs5D57Gt5aJdcLWKHN2P61YGeEyzP
aHE4Z+p3kQ5ThKR55YTMySAQiyNeTkBuMAusXDcahIIXYBMmAD/ed2LmAYV/QIhn
x9G7c8zEjXv2cc3ek0WvpRh9Xo0U8akfxG+YFBeVt2u6edK0BHu6CkNYPPLTOIIt
H6Kx31r31RjCZLdTsZGk41LsTadfTWYLewyP5NDt4Xi1wnV8PfP7Ic2tcAIe60b1
IF3g48SL7B8qFiA4EjbGp9eex0tNA75MqIkIquZDV4WTb4dp
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:52:12 2025 by rpki-client