Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
File: e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa (raw, json)
Hash identifier: s7KE4njsb3CHfZnPuDnYhyXWGmptKOjN5voFXX1nK+A=
Subject key identifier: 68:E5:DF:85:EC:28:A5:14:72:EA:A6:0F:C1:FB:7C:77:5C:2A:DC:84
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5841AD146C484C56CCE8D107014A150CBBD7EBDA
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
Signing time: Fri 20 Jun 2025 00:11:31 +0000
ROA not before: Fri 20 Jun 2025 00:11:31 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:41:ad:14:6c:48:4c:56:cc:e8:d1:07:01:4a:15:0c:bb:d7:eb:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:11:31 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=d106a20beb70077cefae24ec4c1487c9f3c728b30be263910faa8780044e7517, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1d:c9:2f:4c:f7:2b:7d:a1:71:57:98:f8:4b:
54:bd:73:9a:46:21:52:80:d9:13:5d:11:47:0e:32:
eb:31:57:b9:88:49:a4:5e:c2:81:fb:f9:f8:e8:1c:
15:40:46:ed:ae:fc:63:2e:cf:a1:d6:1a:ed:a1:1a:
83:7a:8b:9a:eb:03:19:c9:3d:5c:d2:5d:ce:ab:8d:
22:a7:2d:4b:0b:9d:11:8a:6e:3f:00:ec:2b:e8:91:
06:eb:10:7e:4d:fc:b6:21:fa:9c:e0:f6:8c:2b:5c:
d3:2b:d2:39:42:ce:c4:9b:04:db:41:5d:d9:8a:ed:
11:44:5b:a0:e9:88:96:a3:db:42:91:40:b7:35:70:
74:d9:bc:c2:33:99:eb:40:e9:44:4a:e5:31:f9:37:
fe:a5:68:08:44:1a:5f:1d:19:a2:1f:ed:87:6d:26:
9e:e9:a5:01:f0:e3:66:d0:25:01:12:77:93:17:89:
34:bf:15:54:fe:35:03:e3:32:10:dc:8a:e8:87:aa:
9c:72:c6:e6:54:db:1d:96:fd:d0:a9:51:de:71:ce:
66:6e:73:6d:fc:75:e8:ae:fc:2e:1d:23:07:db:61:
48:66:54:35:5c:0c:2b:c6:ed:02:35:8e:41:e6:32:
ae:cd:5c:e6:0d:92:a3:59:b3:9e:86:ff:14:1d:8a:
6c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E5:DF:85:EC:28:A5:14:72:EA:A6:0F:C1:FB:7C:77:5C:2A:DC:84
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8000::/36
Signature Algorithm: sha256WithRSAEncryption
02:5e:aa:22:27:36:aa:ac:12:1e:9c:54:09:b1:0b:46:05:9e:
87:f0:49:87:cb:08:10:b9:cd:8d:f5:f5:27:24:f1:24:db:d2:
23:e4:af:8e:e4:a0:ba:73:de:9c:b3:2a:ef:09:68:7b:a3:d7:
49:fb:95:7c:99:06:1c:b5:4c:ac:31:b2:1e:fc:0b:25:b3:94:
44:02:22:90:88:78:0b:fe:9b:62:f4:31:04:b0:59:b2:e6:59:
7e:10:f1:0d:b6:3c:8b:a4:c1:2c:36:e8:87:99:f7:19:1a:8b:
48:51:89:a3:43:0d:17:d9:fe:c4:b8:44:b0:a3:c4:b0:4d:da:
cb:be:03:77:85:16:b0:17:b4:89:61:fc:8d:27:f3:10:48:cc:
6f:d7:92:dd:78:c2:cf:77:95:42:ef:c3:f8:03:be:44:d4:0c:
e7:a9:f9:c5:f4:d1:a0:58:f2:ff:93:7a:3f:50:6d:a2:e8:76:
a1:f7:09:f8:ef:b3:2c:ca:54:c1:11:ac:61:6e:bf:22:14:2c:
98:f8:0e:17:9d:b9:cf:4f:0d:a4:4f:07:bc:8c:98:1a:05:72:
d4:fb:db:2e:d1:7f:bf:97:79:44:3e:f5:cf:94:47:f9:f8:37:
77:55:2d:14:5f:d6:75:93:06:6d:99:e7:06:1f:25:71:93:80:
bf:37:b5:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWEGtFGxITFbM6NEHAUoVDLvX69owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDExMzFaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxMDZhMjBiZWI3MDA3N2NlZmFlMjRlYzRjMTQ4N2M5ZjNjNzI4YjMwYmUy
NjM5MTBmYWE4NzgwMDQ0ZTc1MTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0dyS9M9yt9oXFXmPhLVL1zmkYhUoDZE10RRw4y6zFXuYhJpF7Cgfv5+Ogc
FUBG7a78Yy7PodYa7aEag3qLmusDGck9XNJdzquNIqctSwudEYpuPwDsK+iRBusQ
fk38tiH6nOD2jCtc0yvSOULOxJsE20Fd2YrtEURboOmIlqPbQpFAtzVwdNm8wjOZ
60DpRErlMfk3/qVoCEQaXx0Zoh/th20mnumlAfDjZtAlARJ3kxeJNL8VVP41A+My
ENyK6IeqnHLG5lTbHZb90KlR3nHOZm5zbfx16K78Lh0jB9thSGZUNVwMK8btAjWO
QeYyrs1c5g2So1mznob/FB2KbIkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRo5d+F
7CilFHLqpg/B+3x3XCrchDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZThmMWMxZjctODM4OS00ZmFmLTg3YzktZjRhMTgwZTdiY2RjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WA
MA0GCSqGSIb3DQEBCwUAA4IBAQACXqoiJzaqrBIenFQJsQtGBZ6H8EmHywgQuc2N
9fUnJPEk29Ij5K+O5KC6c96csyrvCWh7o9dJ+5V8mQYctUysMbIe/Asls5REAiKQ
iHgL/pti9DEEsFmy5ll+EPENtjyLpMEsNuiHmfcZGotIUYmjQw0X2f7EuESwo8Sw
TdrLvgN3hRawF7SJYfyNJ/MQSMxv15LdeMLPd5VC78P4A75E1AznqfnF9NGgWPL/
k3o/UG2i6Hah9wn477MsylTBEaxhbr8iFCyY+A4XnbnPTw2kTwe8jJgaBXLU+9su
0X+/l3lEPvXPlEf5+Dd3VS0UX9Z1kwZtmecGHyVxk4C/N7Uc
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:57:39 2025 by rpki-client