Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
File: df7033c9-3736-411c-b289-a6013faa6935.roa (raw, json)
Hash identifier: NBbBCJ55kpO6dKC+LYU9r6Hl0/bnCSZUhowAsYqKE1Q=
Subject key identifier: 8F:63:00:77:E6:47:A1:F7:56:FF:80:59:8C:75:C9:6C:A3:84:B7:FD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 35BEEBD5BC8F92F654E6DEE1FD06FBA8100C58EA
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
Signing time: Fri 20 Jun 2025 00:10:47 +0000
ROA not before: Fri 20 Jun 2025 00:10:47 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:be:eb:d5:bc:8f:92:f6:54:e6:de:e1:fd:06:fb:a8:10:0c:58:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:47 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=345e042bb3153b2f6796f67b57321a0f80668f4320e17ec606f1b832bbb725f7, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5d:ac:2f:63:c5:fb:a1:4d:b4:1d:05:3f:85:
9e:81:5f:79:9d:eb:c7:09:98:cd:fc:8b:68:df:c4:
6f:96:2f:d1:13:5f:da:c1:5f:40:0e:37:7e:2d:28:
fc:c6:76:6e:a8:4f:08:36:65:ff:93:1d:4a:08:d1:
9a:27:f2:c9:d8:f6:18:61:df:7f:5c:ed:8c:93:bd:
f2:66:11:da:de:2e:09:74:7b:53:f2:2b:ae:ad:2b:
2b:7c:7c:5d:28:bf:4f:03:dc:e0:59:8c:50:13:90:
b8:b7:38:d3:4a:e0:34:dd:bb:b1:be:ae:cb:80:84:
e5:f1:0a:e3:cc:3d:e5:50:94:0b:35:66:a2:d8:49:
82:c8:51:80:66:1b:5e:60:ca:37:11:c7:a7:0c:0c:
38:41:de:c7:b0:5d:d5:d9:ab:3d:02:d4:c0:71:08:
a8:82:b3:47:9c:7f:fd:e3:32:6a:d3:63:59:d9:6e:
c2:6d:6c:5e:fb:38:00:a5:4a:6b:99:47:86:a7:a5:
7a:c9:ab:a3:8a:b7:d8:19:46:73:62:7a:0b:c5:35:
de:ec:d0:51:bb:2a:75:cd:52:a0:08:57:ef:9b:ba:
6e:34:c8:68:76:86:87:f2:50:19:9e:dd:c1:3d:58:
86:ee:20:fb:37:72:8c:a5:45:f2:f6:95:ab:a8:2b:
71:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:63:00:77:E6:47:A1:F7:56:FF:80:59:8C:75:C9:6C:A3:84:B7:FD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2880::/48
Signature Algorithm: sha256WithRSAEncryption
2d:b2:b1:9c:d0:1a:e9:0b:bd:be:58:0e:fe:7a:ff:63:49:86:
2c:03:87:a8:fc:21:3f:90:39:8c:89:9a:e3:79:8c:e4:c7:c3:
6f:bf:d6:20:cf:cd:dd:53:59:7e:e5:1f:43:f1:52:55:fc:c0:
cc:c7:89:ae:0f:93:79:59:62:bc:65:35:40:58:08:6c:56:03:
a7:b7:a7:64:ea:9d:88:b2:67:48:44:60:85:61:48:c0:d4:91:
ab:a9:f9:4a:9d:d4:a8:05:cc:41:cb:66:71:7c:c2:72:7e:fb:
d5:66:84:8f:17:89:46:8e:2e:47:64:56:1b:e6:7c:b2:57:5e:
6e:0a:36:8c:6a:0c:f5:e7:3a:3a:5f:7a:3d:04:8f:cc:f7:0e:
31:0a:fe:2e:60:35:cf:0f:9d:73:3a:83:eb:b3:d8:a8:93:4f:
bc:2b:84:4d:5d:2a:bb:8e:1a:64:dd:7a:96:06:fe:12:6d:50:
44:de:20:37:6e:23:f3:be:8c:50:4b:52:f8:6c:63:bd:f1:a8:
ce:08:c8:2a:8c:94:35:66:62:b0:ed:f9:94:5e:16:a1:fb:55:
28:16:14:81:f3:27:28:5e:44:88:08:ad:90:ff:95:26:c2:e6:
e1:30:af:19:44:b6:99:ff:81:e5:51:bb:88:48:23:c4:01:32:
31:db:0b:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNb7r1byPkvZU5t7h/Qb7qBAMWOowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwNDdaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0NWUwNDJiYjMxNTNiMmY2Nzk2ZjY3YjU3MzIxYTBmODA2NjhmNDMyMGUx
N2VjNjA2ZjFiODMyYmJiNzI1ZjcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKldrC9jxfuhTbQdBT+FnoFfeZ3rxwmYzfyLaN/Eb5Yv0RNf2sFfQA43fi0o
/MZ2bqhPCDZl/5MdSgjRmifyydj2GGHff1ztjJO98mYR2t4uCXR7U/Irrq0rK3x8
XSi/TwPc4FmMUBOQuLc400rgNN27sb6uy4CE5fEK48w95VCUCzVmothJgshRgGYb
XmDKNxHHpwwMOEHex7Bd1dmrPQLUwHEIqIKzR5x//eMyatNjWdluwm1sXvs4AKVK
a5lHhqelesmro4q32BlGc2J6C8U13uzQUbsqdc1SoAhX75u6bjTIaHaGh/JQGZ7d
wT1Yhu4g+zdyjKVF8vaVq6grcX8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSPYwB3
5keh91b/gFmMdclso4S3/TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZGY3MDMzYzktMzczNi00MTFjLWIyODktYTYwMTNmYWE2OTM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
gDANBgkqhkiG9w0BAQsFAAOCAQEALbKxnNAa6Qu9vlgO/nr/Y0mGLAOHqPwhP5A5
jIma43mM5MfDb7/WIM/N3VNZfuUfQ/FSVfzAzMeJrg+TeVlivGU1QFgIbFYDp7en
ZOqdiLJnSERghWFIwNSRq6n5Sp3UqAXMQctmcXzCcn771WaEjxeJRo4uR2RWG+Z8
sldebgo2jGoM9ec6Ol96PQSPzPcOMQr+LmA1zw+dczqD67PYqJNPvCuETV0qu44a
ZN16lgb+Em1QRN4gN24j876MUEtS+GxjvfGozgjIKoyUNWZisO35lF4WoftVKBYU
gfMnKF5EiAitkP+VJsLm4TCvGUS2mf+B5VG7iEgjxAEyMdsL1g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:27:30 2025 by rpki-client