Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
File: f4581009-959f-4805-904e-a85043ac559b.roa (raw, json)
Hash identifier: FDjyZV9EIY/BwH7OXyft9YCrVJsfSXgIaonVv/tj2gM=
Subject key identifier: 48:4E:15:94:F9:BE:BE:C2:7A:80:24:0C:CB:35:8C:4A:AD:1C:AA:9B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 117BC9224F5B7DF5756529CD1E79493F988231A9
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
Signing time: Fri 20 Jun 2025 00:20:35 +0000
ROA not before: Fri 20 Jun 2025 00:20:35 +0000
ROA not after: Fri 25 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:a800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:7b:c9:22:4f:5b:7d:f5:75:65:29:cd:1e:79:49:3f:98:82:31:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 20 00:20:35 2025 GMT
Not After : Jul 25 23:59:59 2025 GMT
Subject: serialNumber=8741d45cef5c61c4d97af872cd2045ccbbcf8f4a5072a07985f999299e027ef6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:73:38:b8:0e:d9:cd:24:2d:61:4f:13:07:40:
0a:78:47:33:9a:80:1d:52:df:48:b6:4a:91:83:c0:
00:53:aa:c6:fb:a9:34:ac:3b:1a:79:d8:9b:18:51:
6e:96:ea:e9:d9:76:5d:e2:0c:48:34:98:78:cc:62:
02:4b:34:76:b5:6a:ab:c6:4f:68:61:9c:ab:fb:8d:
97:d3:7f:42:27:94:38:1a:0d:2a:6c:08:fb:f7:14:
84:f7:f9:7c:3b:07:ab:08:26:c2:3e:78:59:c8:9a:
a5:b5:6e:fd:27:98:18:3c:1f:92:6d:b0:a5:00:b3:
ce:91:96:c3:52:b8:5d:52:dd:a4:68:55:fd:4a:98:
c4:a4:b7:f4:ad:3e:3f:77:2b:6f:68:49:11:e5:84:
03:d9:ee:7a:bb:05:36:3a:eb:cf:ac:81:2f:29:36:
e6:2b:5b:a9:23:2d:2e:61:d2:cc:5e:2e:14:c6:f9:
b0:50:7d:c1:bc:6a:b9:f9:45:98:99:65:36:d1:20:
dd:a6:2b:50:46:a6:56:e2:1f:96:45:d7:a6:62:9c:
e1:72:84:76:d2:48:5e:bc:f0:be:91:1b:a7:06:17:
63:b1:51:b2:07:2d:0b:d1:4f:83:84:81:41:c3:dc:
6a:3f:04:8d:6a:3d:b7:8c:9e:aa:52:bf:ea:44:24:
a3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:4E:15:94:F9:BE:BE:C2:7A:80:24:0C:CB:35:8C:4A:AD:1C:AA:9B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:a800::/40
Signature Algorithm: sha256WithRSAEncryption
9b:67:ad:d3:ee:8d:35:dc:f9:d7:bf:0d:7e:54:9d:0d:83:98:
ca:fd:bb:4b:fa:ce:33:75:48:57:c8:d0:3b:0e:0a:03:ff:62:
69:6d:e3:e3:fb:50:c2:c2:5e:b6:84:b3:e3:d4:9d:c2:81:ed:
30:8f:b5:8e:79:ee:f9:ab:b4:8b:cd:ff:de:76:dc:8d:0a:06:
13:59:f3:90:ab:c8:60:61:c0:15:56:88:99:d6:3d:a6:e8:e2:
fb:46:fd:d0:c2:11:45:f7:b8:49:4e:d7:09:4a:28:ed:b9:5f:
1f:82:fa:0c:64:c8:e0:29:43:0e:6c:84:45:01:20:bf:52:ac:
dd:c5:7c:b8:6c:31:16:64:89:3e:18:1c:70:9d:ca:3f:39:49:
30:cf:a5:ec:08:38:fe:f5:89:7a:08:c9:a9:db:95:5c:be:8e:
8f:24:f4:2e:af:5c:d6:57:e4:a6:3d:26:b7:a9:d9:f7:fd:6b:
9a:5c:d6:08:e3:8c:82:8d:dc:a1:b8:d5:b1:48:ba:bc:a6:63:
3c:d3:76:ee:a4:15:c6:b7:41:ec:9a:1c:11:42:2f:d3:ed:d2:
7b:49:60:01:a7:20:65:b6:79:f7:eb:bd:54:b5:d2:66:b7:91:
5e:5b:44:cb:37:d7:e7:ac:c9:02:43:be:d6:f1:29:f4:49:c5:
9d:f6:ea:ec
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEXvJIk9bffV1ZSnNHnlJP5iCMakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MjAwMDIwMzVaFw0yNTA3MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3NDFkNDVjZWY1YzYxYzRkOTdhZjg3MmNkMjA0NWNjYmJjZjhmNGE1MDcy
YTA3OTg1Zjk5OTI5OWUwMjdlZjYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJzOLgO2c0kLWFPEwdACnhHM5qAHVLfSLZKkYPAAFOqxvupNKw7GnnYmxhR
bpbq6dl2XeIMSDSYeMxiAks0drVqq8ZPaGGcq/uNl9N/QieUOBoNKmwI+/cUhPf5
fDsHqwgmwj54WciapbVu/SeYGDwfkm2wpQCzzpGWw1K4XVLdpGhV/UqYxKS39K0+
P3crb2hJEeWEA9nuersFNjrrz6yBLyk25itbqSMtLmHSzF4uFMb5sFB9wbxquflF
mJllNtEg3aYrUEamVuIflkXXpmKc4XKEdtJIXrzwvpEbpwYXY7FRsgctC9FPg4SB
QcPcaj8EjWo9t4yeqlK/6kQko5sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRIThWU
+b6+wnqAJAzLNYxKrRyqmzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZjQ1ODEwMDktOTU5Zi00ODA1LTkwNGUtYTg1MDQzYWM1NTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8Oo
MA0GCSqGSIb3DQEBCwUAA4IBAQCbZ63T7o013PnXvw1+VJ0Ng5jK/btL+s4zdUhX
yNA7DgoD/2JpbePj+1DCwl62hLPj1J3Cge0wj7WOee75q7SLzf/edtyNCgYTWfOQ
q8hgYcAVVoiZ1j2m6OL7Rv3QwhFF97hJTtcJSijtuV8fgvoMZMjgKUMObIRFASC/
UqzdxXy4bDEWZIk+GBxwnco/OUkwz6XsCDj+9Yl6CMmp25Vcvo6PJPQur1zWV+Sm
PSa3qdn3/WuaXNYI44yCjdyhuNWxSLq8pmM803bupBXGt0HsmhwRQi/T7dJ7SWAB
pyBltnn3671UtdJmt5FeW0TLN9fnrMkCQ77W8Sn0ScWd9urs
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:58:12 2025 by rpki-client