Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
File: d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa (raw, json)
Hash identifier: CIFXXNUyp1LiNCWs2aAPj05cFJSK1YaJKw4zQHW21XM=
Subject key identifier: CB:8F:DC:0E:A4:79:0E:D3:4F:02:B0:4B:25:E9:2E:FC:1C:71:1E:CD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2E359E77D3FEF555B0BAAC5D659D891A74BA3344
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
Signing time: Fri 20 Jun 2025 00:20:20 +0000
ROA not before: Fri 20 Jun 2025 00:20:20 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:35:9e:77:d3:fe:f5:55:b0:ba:ac:5d:65:9d:89:1a:74:ba:33:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:20 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=12806959408d62200048f69bfcf79432fdb98575571b0e6b21f5461d54ecf0f5, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:77:7b:19:2a:f8:a1:ee:bd:d8:86:7b:4d:d5:
7b:d4:ec:b2:f1:e2:52:99:d6:0e:92:9e:de:fd:06:
ad:ac:60:91:8f:b9:62:02:e1:03:7a:ee:f7:4b:73:
9a:99:66:ff:7b:23:e5:88:ee:62:1c:ee:46:72:8b:
e7:0a:6d:1e:0f:f6:ca:0a:58:25:5b:26:3f:e8:cf:
bf:04:bb:af:98:79:c1:1b:82:5c:82:52:67:b6:8d:
a9:ca:63:ef:f2:11:75:df:67:4e:32:59:0d:aa:9b:
c7:20:32:b2:e3:f4:30:cc:a2:07:c1:82:04:a8:8d:
7b:fd:80:3f:de:0b:8e:d9:c6:07:e5:a5:ef:f4:76:
47:a1:17:91:fa:b8:d6:b3:51:00:01:a2:f1:2a:56:
16:c7:90:41:39:7d:68:70:15:1c:f5:b8:79:a8:63:
34:07:cd:08:cb:be:f1:4a:90:a8:35:13:5a:c8:3b:
5c:80:08:7f:35:b4:19:a7:46:d3:af:6a:dd:34:90:
f7:af:6c:a9:45:bb:e8:05:8d:57:da:8e:f7:89:89:
0e:7c:cf:7d:d7:5b:2d:94:0b:3e:37:4d:70:77:3c:
95:18:8d:47:08:30:08:10:8a:49:4a:03:36:e8:74:
92:a1:49:91:93:f8:07:ef:62:32:2d:41:57:66:00:
ef:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:8F:DC:0E:A4:79:0E:D3:4F:02:B0:4B:25:E9:2E:FC:1C:71:1E:CD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
16:e8:5d:1d:d4:fd:f3:ab:15:1c:7c:57:3b:10:4a:49:a6:f0:
fe:0c:80:4e:e2:a7:69:7f:ec:48:83:03:d8:c3:64:98:61:88:
b0:d5:7d:1c:68:cc:c9:76:b8:8b:0b:8b:7d:f2:03:26:58:9f:
76:63:28:a9:26:94:f5:cc:68:65:9b:03:72:c6:67:bd:11:7c:
77:66:77:d9:92:0f:de:83:12:ee:6d:2d:cd:3a:59:9e:88:fa:
6b:16:52:a1:7e:98:3a:9a:b3:5b:27:3d:5c:ff:90:c1:33:e6:
2d:24:c2:e2:f6:bb:16:22:39:07:78:fc:5e:d7:3b:51:ff:a2:
11:da:cc:df:50:42:3d:c5:e2:2f:1d:7f:7f:2f:ee:fc:89:fe:
12:79:e4:75:82:b6:4a:7d:d0:26:e5:a7:30:81:6e:db:43:ac:
bc:15:df:f0:16:35:59:8a:dc:51:5a:f6:a4:d1:b5:b8:91:2c:
f8:0f:f4:87:1e:be:0d:66:ff:ca:fc:bf:70:16:5d:62:3a:cc:
9b:51:fd:d5:43:d9:4a:a0:81:2b:b3:de:0b:69:64:1d:d9:c3:
02:9c:79:67:a2:06:50:e1:84:4c:50:0c:13:62:ee:bd:1c:e9:
d4:d1:10:c7:6a:e5:2f:b7:27:42:1e:46:ad:9d:cf:ae:bc:33:
b7:6a:3e:3b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULjWed9P+9VWwuqxdZZ2JGnS6M0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMjBaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyODA2OTU5NDA4ZDYyMjAwMDQ4ZjY5YmZjZjc5NDMyZmRiOTg1NzU1NzFi
MGU2YjIxZjU0NjFkNTRlY2YwZjUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKR3exkq+KHuvdiGe03Ve9TssvHiUpnWDpKe3v0GraxgkY+5YgLhA3ru90tz
mplm/3sj5YjuYhzuRnKL5wptHg/2ygpYJVsmP+jPvwS7r5h5wRuCXIJSZ7aNqcpj
7/IRdd9nTjJZDaqbxyAysuP0MMyiB8GCBKiNe/2AP94LjtnGB+Wl7/R2R6EXkfq4
1rNRAAGi8SpWFseQQTl9aHAVHPW4eahjNAfNCMu+8UqQqDUTWsg7XIAIfzW0GadG
069q3TSQ969sqUW76AWNV9qO94mJDnzPfddbLZQLPjdNcHc8lRiNRwgwCBCKSUoD
Nuh0kqFJkZP4B+9iMi1BV2YA718CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLj9wO
pHkO008CsEsl6S78HHEezTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjMTYyNDctY2FkMi00NzQ4LTgzNDAtNmZlMmU2ZDhjZTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQAW6F0d1P3zqxUcfFc7EEpJpvD+DIBO4qdpf+xI
gwPYw2SYYYiw1X0caMzJdriLC4t98gMmWJ92YyipJpT1zGhlmwNyxme9EXx3ZnfZ
kg/egxLubS3NOlmeiPprFlKhfpg6mrNbJz1c/5DBM+YtJMLi9rsWIjkHePxe1ztR
/6IR2szfUEI9xeIvHX9/L+78if4SeeR1grZKfdAm5acwgW7bQ6y8Fd/wFjVZitxR
Wvak0bW4kSz4D/SHHr4NZv/K/L9wFl1iOsybUf3VQ9lKoIErs94LaWQd2cMCnHln
ogZQ4YRMUAwTYu69HOnU0RDHauUvtydCHkatnc+uvDO3aj47
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:52:27 2025 by rpki-client