Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de498a1d-80b4-453c-aa67-020204ad5b6b.roa
File: de498a1d-80b4-453c-aa67-020204ad5b6b.roa (raw, json)
Hash identifier: YO99qmXgPou9G1rMP24HhOuDAXVy11ksRJM8f7b1TWw=
Subject key identifier: EA:02:A4:BD:3F:63:0B:F5:CC:B1:A7:58:EA:D7:80:6D:6E:38:59:B7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 17CB2E90C43F735FF9B2BE0D4C2D0DC6EA077EC6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de498a1d-80b4-453c-aa67-020204ad5b6b.roa
Signing time: Fri 08 Aug 2025 00:40:13 +0000
ROA not before: Fri 08 Aug 2025 00:40:13 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 7224
IP address blocks: 2001:3fc7:d000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:cb:2e:90:c4:3f:73:5f:f9:b2:be:0d:4c:2d:0d:c6:ea:07:7e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Aug 8 00:40:13 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=9cdb66d1c75b69df7967569e1d40612b9e7b5cf31e37b2d8e7cbfe2cb61ea2b5, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7d:11:33:0a:d0:03:b0:d5:ad:95:eb:eb:2e:
e3:a7:04:53:92:3d:5b:83:4e:4f:a6:fd:e3:f3:24:
01:0b:a5:f8:75:f6:98:4c:11:d2:eb:82:8d:76:62:
f0:ed:09:f5:23:e8:c2:c6:57:79:f3:1d:81:32:3d:
d6:01:2e:cf:88:de:83:76:cf:a4:a9:43:12:7a:39:
09:77:3c:64:1b:09:ac:c0:db:85:62:3c:a2:16:48:
9a:4a:6c:66:b0:32:bd:96:e2:25:50:37:42:57:a1:
f1:d5:62:5c:56:b7:f2:5b:d9:c1:e1:f6:71:07:f3:
94:c1:8a:6b:8c:92:c6:65:30:2d:c9:26:e8:e5:c1:
a3:94:ea:73:4e:e7:3f:b7:07:54:67:ff:fa:7e:05:
26:39:e9:58:13:90:7b:6b:aa:bd:73:5c:e4:19:83:
c1:67:75:14:b4:f6:fd:c4:ca:5c:bd:00:a5:e3:e2:
8c:9b:5e:4f:84:ca:fc:57:44:3d:d2:9b:c6:7a:57:
e1:95:2f:14:69:02:28:11:df:98:a9:57:04:e1:aa:
08:a5:c0:1c:f7:56:73:be:95:b7:95:dd:46:27:ba:
73:2e:9b:e0:f2:f9:e9:de:d4:61:d4:a7:ed:c6:b6:
0b:02:be:a4:37:a9:25:f3:92:b1:27:66:34:29:4e:
05:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:02:A4:BD:3F:63:0B:F5:CC:B1:A7:58:EA:D7:80:6D:6E:38:59:B7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de498a1d-80b4-453c-aa67-020204ad5b6b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:d000::/36
Signature Algorithm: sha256WithRSAEncryption
1a:d8:56:61:97:19:06:ce:4d:e6:96:ca:51:c5:c5:a2:ec:f5:
93:4f:2f:7d:c7:0f:59:f9:5a:3e:ba:81:13:14:d6:9a:ac:d8:
7d:66:fe:bb:d6:bd:c8:c4:e3:cb:46:7b:91:0f:cc:e4:f3:3c:
1c:6b:02:56:95:34:56:9d:c4:3f:ae:3d:ae:ea:68:76:8f:78:
ce:1e:53:09:7c:b4:32:05:8b:c1:9c:45:da:56:79:59:8b:85:
c3:7e:a3:7e:48:de:09:2c:06:24:6f:37:21:d6:77:cc:fd:58:
9c:cb:66:74:9f:54:44:ef:da:64:1f:de:5d:8b:e2:e3:c0:13:
2b:b5:75:38:9e:45:b1:aa:88:8f:b4:58:77:42:64:9f:47:56:
01:89:39:52:bf:04:ed:2f:0d:aa:52:c5:90:7f:2e:18:75:aa:
35:7c:f2:fc:9b:aa:67:47:38:96:e2:69:ad:1a:db:b4:43:17:
03:1c:4a:f4:fd:51:9c:29:cd:63:0e:fb:98:57:b1:a5:1c:8c:
94:29:f3:c8:98:3a:37:b8:22:a6:03:f9:e1:9f:57:db:76:07:
63:97:c4:7b:8c:1b:61:1b:a1:23:95:a5:6e:d5:84:23:fa:b3:
eb:69:2b:62:b0:f3:63:7e:5c:d0:c4:8b:38:93:17:a4:99:b9:
6c:6e:98:51
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF8sukMQ/c1/5sr4NTC0NxuoHfsYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA4MDgwMDQwMTNaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDljZGI2NmQxYzc1YjY5ZGY3OTY3NTY5ZTFkNDA2MTJiOWU3YjVjZjMxZTM3
YjJkOGU3Y2JmZTJjYjYxZWEyYjUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKF9ETMK0AOw1a2V6+su46cEU5I9W4NOT6b94/MkAQul+HX2mEwR0uuCjXZi
8O0J9SPowsZXefMdgTI91gEuz4jeg3bPpKlDEno5CXc8ZBsJrMDbhWI8ohZImkps
ZrAyvZbiJVA3Qleh8dViXFa38lvZweH2cQfzlMGKa4ySxmUwLckm6OXBo5Tqc07n
P7cHVGf/+n4FJjnpWBOQe2uqvXNc5BmDwWd1FLT2/cTKXL0ApePijJteT4TK/FdE
PdKbxnpX4ZUvFGkCKBHfmKlXBOGqCKXAHPdWc76Vt5XdRie6cy6b4PL56d7UYdSn
7ca2CwK+pDepJfOSsSdmNClOBV0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqAqS9
P2ML9cyxp1jq14BtbjhZtzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZGU0OThhMWQtODBiNC00NTNjLWFhNjctMDIwMjA0YWQ1YjZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAa2FZhlxkGzk3mlspRxcWi7PWTTy99xw9Z+Vo+
uoETFNaarNh9Zv671r3IxOPLRnuRD8zk8zwcawJWlTRWncQ/rj2u6mh2j3jOHlMJ
fLQyBYvBnEXaVnlZi4XDfqN+SN4JLAYkbzch1nfM/Vicy2Z0n1RE79pkH95di+Lj
wBMrtXU4nkWxqoiPtFh3QmSfR1YBiTlSvwTtLw2qUsWQfy4Ydao1fPL8m6pnRziW
4mmtGtu0QxcDHEr0/VGcKc1jDvuYV7GlHIyUKfPImDo3uCKmA/nhn1fbdgdjl8R7
jBthG6EjlaVu1YQj+rPraStisPNjflzQxIs4kxekmblsbphR
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:37:34 2025 by rpki-client