Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
File: d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa (raw, json)
Hash identifier: hHZ0KWTt3xNSfObhLy7LIdVyBX4jBpAWhakdWnXPBCI=
Subject key identifier: 0C:05:57:5A:46:74:8E:DC:7C:C8:C6:C8:5E:36:81:33:52:EA:7B:CC
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1B7C7B8614D850B45F3F3A996647ECF52BBF317C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
Signing time: Fri 20 Jun 2025 00:20:58 +0000
ROA not before: Fri 20 Jun 2025 00:20:58 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:7c:7b:86:14:d8:50:b4:5f:3f:3a:99:66:47:ec:f5:2b:bf:31:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:58 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=a3dd7d082db0d1e2dcf4c851704de10de7ca3f41406d430d7b264733d853fc25, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e6:72:9c:f3:37:19:28:93:77:be:de:db:bc:
92:f8:2e:ac:07:ae:03:14:41:64:df:5f:4b:1c:a6:
09:d9:14:9c:61:86:9c:5c:68:85:7b:fd:1f:f7:a7:
12:de:50:4f:4c:5d:68:25:b8:16:f2:b4:07:8b:48:
c8:de:64:3a:29:f5:b6:af:b9:72:64:a5:aa:49:74:
e3:5e:3a:69:74:fd:a8:dc:aa:da:1d:58:d0:84:ca:
b4:07:31:11:4d:7a:e5:e7:53:5e:b0:0c:99:f1:9a:
1a:96:71:bc:dc:97:1b:d5:98:f0:34:a8:e5:5e:3d:
d2:97:a4:f4:10:ac:37:08:95:a1:b0:b5:b2:dc:10:
70:1b:e0:a4:f8:aa:7d:ae:18:e9:27:ac:45:ba:d7:
5d:ff:8c:af:91:ab:97:3f:11:22:a2:2f:86:bf:e8:
18:24:d0:c5:c7:dd:28:0a:ea:8b:c7:6e:aa:27:ae:
ca:f4:12:1c:15:3a:e3:cf:a5:db:4e:e8:ee:33:fc:
c4:43:13:67:15:5f:ae:e1:ef:74:73:7d:ef:19:ea:
84:8f:01:4c:e4:b2:ed:66:4e:db:1a:5f:c9:c7:c3:
43:56:52:2c:f5:b8:96:88:2b:ea:6b:98:f6:63:e8:
8b:55:0e:df:40:d5:61:31:0d:da:c9:98:60:a8:d3:
b5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:05:57:5A:46:74:8E:DC:7C:C8:C6:C8:5E:36:81:33:52:EA:7B:CC
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
a5:53:80:a3:69:32:ee:14:0a:58:c1:61:d1:01:45:95:4d:96:
04:61:d1:47:21:b4:68:c8:33:ac:1c:98:09:f7:10:23:2a:b6:
a2:d8:84:b0:10:c7:d3:a3:6c:e9:a0:36:f6:50:52:30:4c:81:
81:b7:ce:2d:b7:89:6d:86:81:b1:c0:30:cb:7f:98:1a:d5:d4:
36:a0:62:82:94:e4:59:16:82:dc:7b:2d:fe:92:63:cb:f8:ae:
c5:a5:fc:a8:ad:21:f7:1c:60:c4:18:c1:8b:47:b1:70:90:f3:
97:7d:7b:60:a6:8d:19:a5:4d:41:a8:28:25:d2:60:e1:d2:b5:
a9:23:55:95:e1:4d:4e:77:50:d0:38:16:e5:ac:ca:13:a1:1a:
86:5a:81:1c:27:e9:2d:70:73:c5:4c:1d:9a:b8:29:03:87:96:
15:d5:d3:94:33:31:88:d0:b1:23:55:1b:44:9a:ba:67:e2:d9:
da:ec:d9:e8:73:76:f9:42:f7:d6:d3:01:71:8e:1a:3f:d4:79:
5b:c9:2b:dc:70:8b:04:01:fe:fe:2b:09:be:8a:e0:5a:e3:13:
db:8d:4b:cc:fd:b9:7b:3e:5f:55:9c:50:1f:a5:eb:28:1f:6b:
79:f9:ec:8b:27:69:ea:e5:41:f9:4c:30:44:24:a4:dc:25:5b:
5e:b2:ce:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG3x7hhTYULRfPzqZZkfs9Su/MXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwNThaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzZGQ3ZDA4MmRiMGQxZTJkY2Y0Yzg1MTcwNGRlMTBkZTdjYTNmNDE0MDZk
NDMwZDdiMjY0NzMzZDg1M2ZjMjUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI7mcpzzNxkok3e+3tu8kvgurAeuAxRBZN9fSxymCdkUnGGGnFxohXv9H/en
Et5QT0xdaCW4FvK0B4tIyN5kOin1tq+5cmSlqkl04146aXT9qNyq2h1Y0ITKtAcx
EU165edTXrAMmfGaGpZxvNyXG9WY8DSo5V490pek9BCsNwiVobC1stwQcBvgpPiq
fa4Y6SesRbrXXf+Mr5Grlz8RIqIvhr/oGCTQxcfdKArqi8duqieuyvQSHBU648+l
207o7jP8xEMTZxVfruHvdHN97xnqhI8BTOSy7WZO2xpfycfDQ1ZSLPW4logr6muY
9mPoi1UO30DVYTEN2smYYKjTtUMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQMBVda
RnSO3HzIxsheNoEzUup7zDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjZDk5MDUtNzJjNS00ZmY5LTk4ZGYtNmIwZDFjMTJhNGMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQClU4CjaTLuFApYwWHRAUWVTZYEYdFHIbRoyDOs
HJgJ9xAjKrai2ISwEMfTo2zpoDb2UFIwTIGBt84tt4lthoGxwDDLf5ga1dQ2oGKC
lORZFoLcey3+kmPL+K7FpfyorSH3HGDEGMGLR7FwkPOXfXtgpo0ZpU1BqCgl0mDh
0rWpI1WV4U1Od1DQOBblrMoToRqGWoEcJ+ktcHPFTB2auCkDh5YV1dOUMzGI0LEj
VRtEmrpn4tna7Nnoc3b5QvfW0wFxjho/1HlbySvccIsEAf7+Kwm+iuBa4xPbjUvM
/bl7Pl9VnFAfpesoH2t5+eyLJ2nq5UH5TDBEJKTcJVtess6a
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:07 2025 by rpki-client