Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa
File: 00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa (raw, json)
Hash identifier: i6xcQ5tYM9V1YZQIRF+RD3OafPg6h8HznGBNG5PXobo=
Subject key identifier: D2:32:6B:40:DA:3F:5B:70:20:1A:85:FF:CA:A2:62:6E:F7:91:A2:37
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3CB972795C283318203B08B81A33BC8DC3573093
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa
Signing time: Tue 15 Jul 2025 00:21:04 +0000
ROA not before: Tue 15 Jul 2025 00:21:04 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:b9:72:79:5c:28:33:18:20:3b:08:b8:1a:33:bc:8d:c3:57:30:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:04 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=283fe35e26dac403d140e9b03a72170243e7d45e9e1324e865aa2a6797ce6ea0, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:56:b6:e5:d4:93:8d:8f:46:d2:0c:ab:da:39:
6d:82:41:50:d4:37:41:08:e4:98:4c:1c:63:16:b9:
8a:25:66:b6:be:fd:0b:c9:cb:6b:a1:02:5a:99:6c:
1a:27:97:db:dc:d6:45:4f:48:48:4f:25:70:2f:6c:
80:80:9e:5c:23:ed:95:5e:1d:2b:27:59:c9:21:ee:
6d:67:21:49:05:00:eb:80:9b:28:89:4e:ad:90:f9:
da:a5:16:ea:c7:6b:ef:60:23:55:5c:b8:73:61:05:
69:59:cf:fb:ac:3b:2d:32:d6:54:5f:97:7c:8c:6a:
d9:13:c3:37:c6:24:c2:fc:ff:c2:22:c3:da:bb:6f:
fc:b8:f8:da:40:7a:d8:87:13:5b:01:ae:cf:0b:ba:
00:04:59:15:00:64:8f:9f:8a:8a:b3:14:2f:33:97:
d4:ff:37:ab:fe:1d:fa:ea:ae:fe:aa:8e:a9:c7:c7:
81:72:94:56:79:02:0b:5e:eb:31:b6:31:94:2e:ad:
1e:ca:ff:ed:65:40:9c:3c:63:d0:5c:56:18:f4:55:
10:53:73:56:ff:62:a2:5a:1f:d0:5b:9d:6f:c3:b4:
6f:d5:ce:fc:ea:8f:76:18:3d:d0:44:40:4c:86:8d:
ac:00:83:07:97:46:5b:2a:b7:26:e3:bc:69:5b:1a:
c7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:32:6B:40:DA:3F:5B:70:20:1A:85:FF:CA:A2:62:6E:F7:91:A2:37
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0::/36
Signature Algorithm: sha256WithRSAEncryption
3d:a0:aa:20:94:38:bf:de:95:53:04:59:0b:bd:c0:a9:ca:d1:
e9:4f:43:8c:5a:33:7c:55:27:1d:fd:fb:5c:e9:de:d1:70:a4:
dd:10:66:00:09:a4:76:67:57:e2:2d:1e:2b:37:e1:13:2f:da:
c8:4a:fd:a8:2d:1d:ea:29:e2:6f:1e:1b:7b:ec:d5:21:d3:17:
15:1c:d2:d4:0e:97:90:dc:0d:65:2c:39:0a:a8:9a:5f:69:6a:
7f:1b:0e:e9:17:a2:d6:33:d6:d0:ed:40:d3:18:05:de:94:22:
83:40:8f:ca:ec:cd:2e:10:f5:49:23:c4:a5:33:97:60:50:84:
af:51:fc:fe:ec:1a:ab:fb:08:c3:6d:db:05:b0:0e:d7:a7:1f:
aa:b7:5e:e5:7d:ee:61:b5:ed:12:87:cf:02:9f:b5:a0:7f:49:
30:7e:5c:74:ca:8e:1b:e5:54:73:03:5d:3b:5d:c7:2f:d6:a1:
09:f1:06:bd:a0:05:db:5a:a9:e1:95:c5:1e:f1:d5:b3:f1:a4:
66:57:59:9e:b2:ed:28:10:91:7f:dd:35:8f:d1:7e:3f:12:09:
54:c8:d2:50:b5:b5:0d:6d:ae:81:7b:e9:9e:49:2f:a8:90:05:
a2:be:d2:2a:a4:d1:74:66:89:95:94:dd:22:d8:90:b1:dc:27:
47:52:2b:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPLlyeVwoMxggOwi4GjO8jcNXMJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMDRaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4M2ZlMzVlMjZkYWM0MDNkMTQwZTliMDNhNzIxNzAyNDNlN2Q0NWU5ZTEz
MjRlODY1YWEyYTY3OTdjZTZlYTAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZWtuXUk42PRtIMq9o5bYJBUNQ3QQjkmEwcYxa5iiVmtr79C8nLa6ECWpls
GieX29zWRU9ISE8lcC9sgICeXCPtlV4dKydZySHubWchSQUA64CbKIlOrZD52qUW
6sdr72AjVVy4c2EFaVnP+6w7LTLWVF+XfIxq2RPDN8Ykwvz/wiLD2rtv/Lj42kB6
2IcTWwGuzwu6AARZFQBkj5+KirMULzOX1P83q/4d+uqu/qqOqcfHgXKUVnkCC17r
MbYxlC6tHsr/7WVAnDxj0FxWGPRVEFNzVv9iolof0Fudb8O0b9XO/OqPdhg90ERA
TIaNrACDB5dGWyq3JuO8aVsax7kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTSMmtA
2j9bcCAahf/KomJu95GiNzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDBlMzY3ZjAtMThmZS00YmUzLThjY2QtODg1Zjc1YmFmMGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8AA
MA0GCSqGSIb3DQEBCwUAA4IBAQA9oKoglDi/3pVTBFkLvcCpytHpT0OMWjN8VScd
/ftc6d7RcKTdEGYACaR2Z1fiLR4rN+ETL9rISv2oLR3qKeJvHht77NUh0xcVHNLU
DpeQ3A1lLDkKqJpfaWp/Gw7pF6LWM9bQ7UDTGAXelCKDQI/K7M0uEPVJI8SlM5dg
UISvUfz+7Bqr+wjDbdsFsA7Xpx+qt17lfe5hte0Sh88Cn7Wgf0kwflx0yo4b5VRz
A107Xccv1qEJ8Qa9oAXbWqnhlcUe8dWz8aRmV1mesu0oEJF/3TWP0X4/EglUyNJQ
tbUNba6Be+meSS+okAWivtIqpNF0ZomVlN0i2JCx3CdHUits
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:34 2025 by rpki-client