Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de498a1d-80b4-453c-aa67-020204ad5b6b.roa
File: de498a1d-80b4-453c-aa67-020204ad5b6b.roa (raw, json)
Hash identifier: KTkvNl3bIwj7vmSYXKlbRmHaFzgCrZbYv9MvS6HrShQ=
Subject key identifier: 04:22:B7:55:54:EB:C5:AF:41:F5:B0:92:96:1C:C8:8A:07:DE:71:54
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 16D326D6BD20181AF9DB48859B7DA36AEB5A6771
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de498a1d-80b4-453c-aa67-020204ad5b6b.roa
Signing time: Tue 17 Jun 2025 00:50:07 +0000
ROA not before: Tue 17 Jun 2025 00:50:07 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 7224
IP address blocks: 2001:3fc7:d000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:d3:26:d6:bd:20:18:1a:f9:db:48:85:9b:7d:a3:6a:eb:5a:67:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 17 00:50:07 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=82c9f85ffd180a2a45092f59d9b79c5ec2ad19e8f836d755ecc28d50d1804760, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:29:87:ad:75:8c:aa:46:3f:0b:06:1b:3d:c4:
bc:16:a3:fb:8e:33:ba:66:ec:99:c4:ff:98:b4:2d:
00:fb:94:2f:82:bf:ff:e6:a9:f1:d8:e1:75:8f:4d:
ee:0a:70:69:2c:0c:aa:1c:1f:e1:49:14:6a:8f:3a:
2b:5f:2c:00:8f:9f:53:08:cd:6f:bf:a5:7a:a2:33:
09:b8:8e:58:fe:e8:4a:03:c1:39:c5:66:31:6a:d9:
fd:f9:0b:61:5a:7b:90:41:cf:72:32:1c:04:ec:a2:
dc:1c:8b:b7:52:4b:1d:94:88:9f:5d:01:04:0c:68:
81:29:27:39:6f:05:5b:9e:50:c0:5c:96:59:73:9f:
5e:52:22:22:41:b2:a1:7d:de:71:f6:7e:8a:21:20:
70:c6:85:8d:82:a8:5c:11:01:77:18:1b:a4:aa:50:
13:ba:76:97:81:32:53:b5:b1:ea:a2:b2:62:80:2a:
49:73:90:ff:4c:69:8f:9d:93:52:15:90:bd:84:db:
a8:eb:49:64:ed:83:14:1a:34:f2:81:17:40:09:c6:
b8:d9:93:04:1b:e0:d3:d3:e0:71:ee:1c:e4:ae:a9:
81:70:a2:42:33:7f:02:3c:75:7c:60:98:d6:33:53:
d4:b7:c1:5b:af:7c:4f:36:84:d7:ba:0b:d4:db:67:
66:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:22:B7:55:54:EB:C5:AF:41:F5:B0:92:96:1C:C8:8A:07:DE:71:54
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de498a1d-80b4-453c-aa67-020204ad5b6b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:d000::/36
Signature Algorithm: sha256WithRSAEncryption
05:21:18:3a:27:b6:57:97:9a:44:01:2f:34:12:36:7b:ef:07:
dc:b0:c1:1a:5e:1c:26:6b:d7:58:49:f1:82:cb:ce:a7:ee:8e:
d1:26:e2:41:b5:db:6e:29:f6:c1:2c:00:4b:f4:fd:26:86:67:
5d:6f:e6:f5:48:f2:ef:17:11:f9:e2:06:5c:e7:45:d8:2c:9a:
01:21:25:f5:69:dd:c1:52:77:06:33:a4:47:e5:be:ab:93:8d:
d5:1c:69:d5:b6:c4:e4:97:5c:14:87:b0:6c:be:54:e4:1c:b9:
17:92:d4:98:68:67:93:5c:4d:9a:e9:79:78:72:1a:4d:c9:84:
17:d2:8e:4a:d0:6f:13:9d:f8:30:18:72:3f:5d:08:7d:9a:f1:
1b:01:31:54:8c:24:b2:97:e2:43:5e:a1:6a:59:16:69:5a:09:
76:fb:96:49:e2:64:05:b9:aa:40:39:60:e7:f8:d7:22:60:a1:
77:ac:91:ed:38:f4:3f:c0:d9:2a:71:de:b8:f1:b2:a3:b7:f0:
57:cb:b1:27:ed:73:67:87:9d:a6:b9:3a:85:82:b2:04:19:f1:
60:e9:8b:3d:04:85:5e:a9:75:95:f8:38:a0:69:65:73:1d:2a:
98:a9:b5:53:c0:58:2b:62:88:8a:3a:c6:29:37:a9:fd:81:b6:
49:2d:cd:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFtMm1r0gGBr520iFm32jautaZ3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MTcwMDUwMDdaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyYzlmODVmZmQxODBhMmE0NTA5MmY1OWQ5Yjc5YzVlYzJhZDE5ZThmODM2
ZDc1NWVjYzI4ZDUwZDE4MDQ3NjAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYph611jKpGPwsGGz3EvBaj+44zumbsmcT/mLQtAPuUL4K//+ap8djhdY9N
7gpwaSwMqhwf4UkUao86K18sAI+fUwjNb7+leqIzCbiOWP7oSgPBOcVmMWrZ/fkL
YVp7kEHPcjIcBOyi3ByLt1JLHZSIn10BBAxogSknOW8FW55QwFyWWXOfXlIiIkGy
oX3ecfZ+iiEgcMaFjYKoXBEBdxgbpKpQE7p2l4EyU7Wx6qKyYoAqSXOQ/0xpj52T
UhWQvYTbqOtJZO2DFBo08oEXQAnGuNmTBBvg09Pgce4c5K6pgXCiQjN/Ajx1fGCY
1jNT1LfBW698TzaE17oL1NtnZhkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEIrdV
VOvFr0H1sJKWHMiKB95xVDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZGU0OThhMWQtODBiNC00NTNjLWFhNjctMDIwMjA0YWQ1YjZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAFIRg6J7ZXl5pEAS80EjZ77wfcsMEaXhwma9dY
SfGCy86n7o7RJuJBtdtuKfbBLABL9P0mhmddb+b1SPLvFxH54gZc50XYLJoBISX1
ad3BUncGM6RH5b6rk43VHGnVtsTkl1wUh7BsvlTkHLkXktSYaGeTXE2a6Xl4chpN
yYQX0o5K0G8TnfgwGHI/XQh9mvEbATFUjCSyl+JDXqFqWRZpWgl2+5ZJ4mQFuapA
OWDn+NciYKF3rJHtOPQ/wNkqcd648bKjt/BXy7En7XNnh52muTqFgrIEGfFg6Ys9
BIVeqXWV+DigaWVzHSqYqbVTwFgrYoiKOsYpN6n9gbZJLc1l
-----END CERTIFICATE-----
Generated at Sun Jun 29 12:09:37 2025 by rpki-client