Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
File: 00d32677-2dbe-47e3-a4b3-be1e601729bd.roa (raw, json)
Hash identifier: pFT2KgeWSx7LD4bJUj+Ext9QZfOjSGXLVZyJ2YU33VE=
Subject key identifier: EB:6B:C8:05:A9:6A:9A:86:09:5E:A3:A5:F1:EF:3E:A1:46:B3:15:70
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7BF760A41AF91829ACEE2232F0C9BEE64CBD6C21
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
Signing time: Tue 15 Jul 2025 00:30:16 +0000
ROA not before: Tue 15 Jul 2025 00:30:16 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:f7:60:a4:1a:f9:18:29:ac:ee:22:32:f0:c9:be:e6:4c:bd:6c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:16 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=ce31f03f2ce31ee8d606fff249bfa9f96598237a06a15cd36c3b87fea280e476, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:58:be:6b:df:01:e3:91:c0:64:11:ce:0b:1d:
83:0c:70:1e:78:93:86:81:5b:da:97:d8:16:40:ce:
a7:dc:02:bc:73:59:58:20:5e:a0:89:3f:8f:3a:a2:
c7:c3:01:4c:cb:dd:d6:c2:1a:b2:5b:9b:6e:e4:2c:
c4:be:48:c5:dd:04:43:44:a4:0c:2d:d8:7f:85:e9:
1d:66:61:4e:55:0e:d3:5a:e5:06:6b:97:05:3f:b5:
b1:e3:47:53:78:b5:2d:96:7b:53:56:77:8c:bd:32:
5e:52:d3:d4:7b:0f:67:00:4d:09:07:57:94:46:16:
f9:08:2b:c9:6f:d5:38:e2:35:ae:d0:0e:85:2e:22:
c4:1f:30:24:ba:10:57:41:b0:18:72:2a:07:00:f9:
55:1f:60:0e:94:17:7f:80:fb:24:95:2f:52:be:c4:
a9:f6:ba:d6:47:7e:a9:cb:51:b2:3a:76:b0:44:ec:
1d:63:4a:c6:38:b3:e9:cf:be:2d:71:12:70:7e:8e:
be:dc:36:a9:4a:2d:45:48:e1:ae:93:d7:c5:82:37:
05:71:01:f9:aa:ae:57:ce:47:1c:db:dc:86:64:cc:
c6:af:9a:ed:fb:92:bc:d0:67:96:aa:78:da:7b:0a:
8a:dd:1c:c3:e3:90:bb:28:58:6f:83:40:0a:56:37:
04:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6B:C8:05:A9:6A:9A:86:09:5E:A3:A5:F1:EF:3E:A1:46:B3:15:70
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:9000::/36
Signature Algorithm: sha256WithRSAEncryption
53:5b:e8:4c:de:2f:05:b1:54:16:48:99:a2:f3:d4:9d:51:11:
0a:fb:96:07:1a:7a:b3:b7:f0:39:72:b0:6f:71:15:dd:c7:35:
10:7e:e2:85:ae:e3:c6:51:13:f5:97:d2:75:66:67:b2:f3:e7:
34:7c:e9:52:e6:af:31:9a:94:e9:e7:74:dc:44:63:04:4e:25:
24:42:bf:ee:2c:2f:47:27:98:6f:2c:2b:53:b8:08:65:3c:a9:
5d:29:55:9e:9c:be:30:07:a0:3b:35:a9:e4:ec:2f:da:7d:94:
98:77:86:f4:c2:ff:3e:b3:cd:01:ad:6c:09:c3:ae:7b:b7:b8:
d8:98:8c:49:15:c6:8b:f7:ba:a1:5f:90:c4:03:ad:2e:cf:f9:
22:35:d3:a7:57:69:cd:60:fd:c0:a2:ab:e6:aa:4d:6f:0b:13:
b8:6a:71:19:c4:40:8b:8f:74:34:d3:7c:a6:14:f0:08:49:39:
f2:11:43:37:96:8e:ea:b9:cb:59:75:fe:6f:06:a2:aa:a1:94:
a3:23:9f:f1:ee:38:d3:77:51:5f:b1:e8:c2:bf:b6:07:1d:3f:
a3:cf:62:9f:f3:f9:eb:bb:b6:87:c4:ce:dc:a2:94:2c:8e:b6:
03:a9:79:f8:86:d2:ad:00:84:8b:c4:b5:14:00:f2:16:70:54:
86:12:e9:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe/dgpBr5GCms7iIy8Mm+5ky9bCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMTZaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlMzFmMDNmMmNlMzFlZThkNjA2ZmZmMjQ5YmZhOWY5NjU5ODIzN2EwNmEx
NWNkMzZjM2I4N2ZlYTI4MGU0NzYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFYvmvfAeORwGQRzgsdgwxwHniThoFb2pfYFkDOp9wCvHNZWCBeoIk/jzqi
x8MBTMvd1sIaslubbuQsxL5Ixd0EQ0SkDC3Yf4XpHWZhTlUO01rlBmuXBT+1seNH
U3i1LZZ7U1Z3jL0yXlLT1HsPZwBNCQdXlEYW+QgryW/VOOI1rtAOhS4ixB8wJLoQ
V0GwGHIqBwD5VR9gDpQXf4D7JJUvUr7Eqfa61kd+qctRsjp2sETsHWNKxjiz6c++
LXEScH6Ovtw2qUotRUjhrpPXxYI3BXEB+aquV85HHNvchmTMxq+a7fuSvNBnlqp4
2nsKit0cw+OQuyhYb4NAClY3BGcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTra8gF
qWqahgleo6Xx7z6hRrMVcDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDBkMzI2NzctMmRiZS00N2UzLWE0YjMtYmUxZTYwMTcyOWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBTW+hM3i8FsVQWSJmi89SdUREK+5YHGnqzt/A5
crBvcRXdxzUQfuKFruPGURP1l9J1Zmey8+c0fOlS5q8xmpTp53TcRGMETiUkQr/u
LC9HJ5hvLCtTuAhlPKldKVWenL4wB6A7Nank7C/afZSYd4b0wv8+s80BrWwJw657
t7jYmIxJFcaL97qhX5DEA60uz/kiNdOnV2nNYP3Aoqvmqk1vCxO4anEZxECLj3Q0
03ymFPAISTnyEUM3lo7quctZdf5vBqKqoZSjI5/x7jjTd1FfsejCv7YHHT+jz2Kf
8/nru7aHxM7copQsjrYDqXn4htKtAISLxLUUAPIWcFSGEum4
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:23 2025 by rpki-client