Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa
File: ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa (raw, json)
Hash identifier: 5Pz3UoX/3VfhlAiXi6LH20HbElrsSU03d1gyCq3M8vQ=
Subject key identifier: 28:2F:C7:94:7F:6B:2B:7E:16:FE:B4:1E:12:6E:6D:03:9F:D0:88:B6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 17D6284AE5E4E9C0000CE88E82C7BF9E16587F13
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa
Signing time: Fri 20 Jun 2025 00:20:57 +0000
ROA not before: Fri 20 Jun 2025 00:20:57 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:d6:28:4a:e5:e4:e9:c0:00:0c:e8:8e:82:c7:bf:9e:16:58:7f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:57 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=72fab7ff9326693141c9d11fab7a19fec30756392a881c31610e7468590d71a9, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:29:bb:f6:43:0d:66:5b:8a:3f:d9:b4:ab:ec:
00:51:8e:07:83:47:0e:4b:20:79:64:e7:5b:b6:66:
b0:70:a7:08:be:ef:dd:5d:52:a3:81:cf:df:49:01:
7d:fd:f2:3f:21:0f:59:32:d1:92:6f:da:d2:a0:d6:
ab:db:91:68:4d:e2:c0:63:81:4e:12:dd:8b:a2:70:
a2:89:bc:ac:af:03:a4:19:1c:49:98:f1:63:6e:f1:
5e:6a:6b:8a:b6:ef:03:f6:cb:b6:d1:47:3c:33:42:
76:40:60:73:4b:dc:56:4f:12:bd:0b:6d:7c:33:a3:
7d:e0:0d:9f:19:99:4d:ae:51:a8:9b:1b:09:13:7c:
3f:0b:21:eb:ce:bd:bf:33:89:da:df:d6:27:2b:ad:
96:8d:88:22:c1:5e:71:ca:3b:c2:76:13:82:aa:e7:
27:3e:0e:fd:62:7d:45:42:a5:6c:25:b2:54:4f:fb:
14:a9:b4:b0:33:1c:51:37:25:4c:60:b4:e2:7d:e3:
b2:0d:46:33:3f:31:0b:03:76:f2:ae:c0:66:8d:02:
51:3d:95:f5:8e:b2:00:3e:5a:57:5f:d9:ac:73:d4:
f5:5d:d1:51:d1:18:0d:b7:77:e3:7a:66:91:21:45:
e2:c7:fc:00:4f:7f:5c:31:d9:20:65:78:1e:69:db:
89:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2F:C7:94:7F:6B:2B:7E:16:FE:B4:1E:12:6E:6D:03:9F:D0:88:B6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:1000::/36
Signature Algorithm: sha256WithRSAEncryption
64:9e:cb:ba:4f:69:59:73:d0:28:5e:ec:bf:72:a7:b9:c5:4a:
72:ba:68:53:f9:ed:97:d4:c0:83:b4:fc:86:0a:1b:83:25:ee:
ea:73:81:bc:40:ea:a1:1f:29:53:c9:22:1f:4f:80:1b:c6:ab:
82:34:68:85:db:cb:e1:dd:13:bb:0e:3e:67:a6:06:dd:b8:0c:
6f:7d:f8:68:2c:bf:ec:40:89:ca:da:d7:09:65:93:77:07:a3:
d4:5b:b1:86:7d:40:8e:f5:2b:a9:7a:6d:ac:e6:fe:b1:c9:3e:
85:02:dc:64:70:5a:ab:3b:43:d7:47:67:fc:25:74:57:dd:7a:
c9:b7:33:a4:f3:7c:87:5c:df:36:68:f0:f8:31:be:85:30:dd:
3b:e6:9c:bf:f0:3e:41:0d:4e:a1:b4:b7:93:c8:0c:a0:5d:97:
e1:33:c2:f0:fb:45:3c:36:9d:c1:5d:4a:54:77:12:0e:81:9e:
08:c0:1f:11:52:36:2f:b0:38:3a:c2:a8:ad:36:0f:15:00:3e:
c8:e2:e9:9a:95:df:7e:b0:37:28:86:ca:ea:c8:e3:89:63:c0:
89:aa:64:15:e6:99:21:42:b5:b9:9f:87:68:de:40:62:d4:8e:
82:17:08:d4:57:82:7e:93:f2:2e:97:80:20:5d:98:15:bb:98:
bd:59:24:34
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF9YoSuXk6cAADOiOgse/nhZYfxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwNTdaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyZmFiN2ZmOTMyNjY5MzE0MWM5ZDExZmFiN2ExOWZlYzMwNzU2MzkyYTg4
MWMzMTYxMGU3NDY4NTkwZDcxYTkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUpu/ZDDWZbij/ZtKvsAFGOB4NHDksgeWTnW7ZmsHCnCL7v3V1So4HP30kB
ff3yPyEPWTLRkm/a0qDWq9uRaE3iwGOBThLdi6Jwoom8rK8DpBkcSZjxY27xXmpr
irbvA/bLttFHPDNCdkBgc0vcVk8SvQttfDOjfeANnxmZTa5RqJsbCRN8Pwsh6869
vzOJ2t/WJyutlo2IIsFecco7wnYTgqrnJz4O/WJ9RUKlbCWyVE/7FKm0sDMcUTcl
TGC04n3jsg1GMz8xCwN28q7AZo0CUT2V9Y6yAD5aV1/ZrHPU9V3RUdEYDbd343pm
kSFF4sf8AE9/XDHZIGV4HmnbiWcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoL8eU
f2srfhb+tB4Sbm0Dn9CItjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZWE2NWJjYzQtOWZjZS00YjZmLWE0OTMtNGExN2VmMTMwNmNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBknsu6T2lZc9AoXuy/cqe5xUpyumhT+e2X1MCD
tPyGChuDJe7qc4G8QOqhHylTySIfT4AbxquCNGiF28vh3RO7Dj5npgbduAxvffho
LL/sQInK2tcJZZN3B6PUW7GGfUCO9Supem2s5v6xyT6FAtxkcFqrO0PXR2f8JXRX
3XrJtzOk83yHXN82aPD4Mb6FMN075py/8D5BDU6htLeTyAygXZfhM8Lw+0U8Np3B
XUpUdxIOgZ4IwB8RUjYvsDg6wqitNg8VAD7I4umald9+sDcohsrqyOOJY8CJqmQV
5pkhQrW5n4do3kBi1I6CFwjUV4J+k/Iul4AgXZgVu5i9WSQ0
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:43:07 2025 by rpki-client