Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
File: e1d00d70-da0c-4922-8124-95401dba4efc.roa (raw, json)
Hash identifier: qfUc6Nr4xAoMTCf5cKzsQR6q5mAqIvHF4R87ZVrAdK8=
Subject key identifier: 8C:4E:BC:5A:A6:E1:31:E3:FF:A6:80:0D:C3:21:2F:42:C5:ED:B0:22
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5F21EF591E518644B7492D10C46AFC9AE60CF15E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
Signing time: Fri 20 Jun 2025 00:10:43 +0000
ROA not before: Fri 20 Jun 2025 00:10:43 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:21:ef:59:1e:51:86:44:b7:49:2d:10:c4:6a:fc:9a:e6:0c:f1:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:10:43 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=6a3ae97db4165d7c8bd4d98f24f9c1cd8b3136d1900dd1101556eb28afc87a36, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ab:9a:7e:af:f4:b0:96:f2:b1:e8:c8:94:fe:
ea:a4:c5:ab:b4:dd:0b:e0:64:51:44:5f:fa:fa:07:
67:bb:f6:51:d1:2a:f9:4a:2b:9e:bb:d0:1a:0d:24:
fe:fa:9d:13:ac:4d:bb:11:5f:81:55:6a:da:af:ba:
97:d4:47:8c:74:a2:15:25:78:22:42:01:12:da:09:
d6:84:d3:f1:85:4e:88:c0:82:1b:d6:4e:3d:41:8d:
f5:6d:e2:75:c8:88:9f:b0:19:99:6b:f8:34:11:3c:
ab:9e:51:65:83:a2:bc:38:e7:57:e5:3c:89:ed:ee:
a2:05:1c:c1:a6:3e:9c:9c:c7:90:32:11:3b:71:57:
0b:5c:9b:b9:f9:09:1c:c1:1a:d9:1b:18:64:7e:19:
27:31:d1:71:fb:2b:95:86:79:6c:5c:61:16:f9:4f:
76:ff:c6:97:58:31:df:d6:bb:5b:88:80:f8:dc:5c:
1b:b1:d1:6c:31:61:f8:dd:23:74:17:a3:1e:2a:d8:
8d:a7:36:61:73:e7:0d:9c:74:bc:a5:87:07:89:ba:
8f:74:f5:91:43:15:2b:70:90:37:b0:ef:f2:c5:34:
4b:0c:b0:ff:40:4e:c9:d1:cd:2d:4f:37:90:31:bd:
a1:ee:37:2d:fb:8c:0c:3d:df:29:08:af:68:fe:be:
97:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:4E:BC:5A:A6:E1:31:E3:FF:A6:80:0D:C3:21:2F:42:C5:ED:B0:22
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f8c0::/48
Signature Algorithm: sha256WithRSAEncryption
1b:15:6a:cc:22:fe:9a:b8:30:63:cc:f9:64:7b:6e:87:fe:fa:
dc:25:4f:a5:65:ac:20:e5:01:85:95:d6:12:a2:25:05:0b:cb:
21:36:5f:89:61:6a:e1:b6:41:1b:87:7e:1b:2e:63:a6:3c:7e:
6e:fc:ae:57:ed:ea:fe:e2:60:5c:c7:a5:da:26:0b:c4:85:c6:
75:d7:3a:a3:27:6d:c3:bf:d2:39:1a:8c:5a:79:b9:68:bf:ad:
31:3c:59:11:3f:83:0e:a1:6b:d0:66:7c:f4:7a:54:80:b0:0b:
6a:b0:f5:58:e6:a5:1b:d2:76:83:af:0a:6c:2e:ea:98:8a:e4:
c7:fa:d3:5c:f4:f1:0b:9e:ea:6a:85:e6:f3:2e:e6:e5:86:9a:
90:d0:19:ed:18:97:38:aa:c6:8c:f4:63:3d:c1:61:03:06:ee:
ce:2c:fe:46:95:9e:78:50:28:43:28:69:95:15:c7:50:cc:a2:
5c:dd:ca:7d:35:7f:cf:8b:94:ea:73:1f:80:64:ab:86:9d:3e:
d7:31:1a:e8:55:da:9f:5e:24:00:7a:6b:f8:19:23:27:c1:65:
88:0c:5f:3d:dc:2e:c4:a3:7b:54:26:db:c2:af:e9:d9:d3:16:
0e:f2:72:92:22:26:9f:85:d4:2a:f8:e1:83:6c:25:14:0c:fa:
d1:e5:4e:85
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXyHvWR5RhkS3SS0QxGr8muYM8V4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDEwNDNaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhM2FlOTdkYjQxNjVkN2M4YmQ0ZDk4ZjI0ZjljMWNkOGIzMTM2ZDE5MDBk
ZDExMDE1NTZlYjI4YWZjODdhMzYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOyrmn6v9LCW8rHoyJT+6qTFq7TdC+BkUURf+voHZ7v2UdEq+UornrvQGg0k
/vqdE6xNuxFfgVVq2q+6l9RHjHSiFSV4IkIBEtoJ1oTT8YVOiMCCG9ZOPUGN9W3i
dciIn7AZmWv4NBE8q55RZYOivDjnV+U8ie3uogUcwaY+nJzHkDIRO3FXC1ybufkJ
HMEa2RsYZH4ZJzHRcfsrlYZ5bFxhFvlPdv/Gl1gx39a7W4iA+NxcG7HRbDFh+N0j
dBejHirYjac2YXPnDZx0vKWHB4m6j3T1kUMVK3CQN7Dv8sU0Swyw/0BOydHNLU83
kDG9oe43LfuMDD3fKQivaP6+l6sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSMTrxa
puEx4/+mgA3DIS9Cxe2wIjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZTFkMDBkNzAtZGEwYy00OTIyLTgxMjQtOTU0MDFkYmE0ZWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
wDANBgkqhkiG9w0BAQsFAAOCAQEAGxVqzCL+mrgwY8z5ZHtuh/763CVPpWWsIOUB
hZXWEqIlBQvLITZfiWFq4bZBG4d+Gy5jpjx+bvyuV+3q/uJgXMel2iYLxIXGddc6
oydtw7/SORqMWnm5aL+tMTxZET+DDqFr0GZ89HpUgLALarD1WOalG9J2g68KbC7q
mIrkx/rTXPTxC57qaoXm8y7m5YaakNAZ7RiXOKrGjPRjPcFhAwbuziz+RpWeeFAo
QyhplRXHUMyiXN3KfTV/z4uU6nMfgGSrhp0+1zEa6FXan14kAHpr+BkjJ8FliAxf
PdwuxKN7VCbbwq/p2dMWDvJykiImn4XUKvjhg2wlFAz60eVOhQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:10:50 2025 by rpki-client