Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
File: 06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa (raw, json)
Hash identifier: u9mQfhCYQ43moV+FDJd8CFffTGM0jRtEdsVkM9pIboA=
Subject key identifier: CD:F3:CC:A0:4E:76:12:3B:81:79:7C:F7:81:1E:DE:37:FD:A6:E2:65
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 106259881960F6D8E37CF41F52B20E4831BED1E4
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
Signing time: Tue 15 Jul 2025 00:20:14 +0000
ROA not before: Tue 15 Jul 2025 00:20:14 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:62:59:88:19:60:f6:d8:e3:7c:f4:1f:52:b2:0e:48:31:be:d1:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:14 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=25c59717ed7fa3bb45aa1533796d12771124f0c43eb48c613c29e4568e2a4535, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c5:2a:99:1d:71:c3:41:ce:1e:0e:a2:a4:79:
00:8f:5b:5b:99:bb:68:1c:d8:12:26:b9:4f:3c:cd:
ff:24:e6:c6:09:52:e3:04:bc:11:3c:a0:a9:19:59:
28:7f:69:2c:ed:bc:95:f2:cd:8b:06:30:15:57:74:
67:07:13:0c:f5:45:6a:07:35:d9:f8:14:58:e0:bf:
7d:e5:5f:99:78:2e:b4:10:6b:79:f2:de:78:0b:c9:
08:78:6a:74:76:97:54:e2:16:66:08:72:e7:bc:4f:
6d:aa:52:64:c9:37:90:b7:4a:8c:4a:6e:4b:84:21:
a6:d3:02:d8:b1:8d:eb:97:a8:e5:23:7a:f7:0a:ec:
91:e1:ee:c5:e2:83:a7:f7:61:38:2e:6b:2e:74:b0:
b8:01:77:02:e0:2e:f1:2b:09:8a:1d:c0:01:9f:e2:
44:4a:0f:81:c9:5e:36:7b:98:83:b8:8f:82:09:25:
79:a4:dd:60:26:e4:a7:67:d1:25:29:76:60:6f:93:
b9:0a:01:c2:62:62:84:a2:8d:2a:df:74:c4:b4:eb:
3b:7f:26:c8:04:a8:8b:73:67:1d:f4:0f:f5:f0:64:
28:cc:49:08:1b:ee:97:2b:96:46:70:3e:92:5c:2a:
25:f1:01:ba:2f:be:1d:44:1d:ab:c2:af:42:38:6b:
87:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F3:CC:A0:4E:76:12:3B:81:79:7C:F7:81:1E:DE:37:FD:A6:E2:65
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:8000::/36
Signature Algorithm: sha256WithRSAEncryption
88:fd:71:ea:d4:b0:28:5b:89:ad:89:73:8d:2e:d6:da:05:83:
31:00:6e:b9:3f:50:81:37:bf:9b:13:8c:50:7b:ba:89:f0:d3:
02:8e:07:ea:ed:0c:f5:03:fa:a2:53:92:87:f0:fa:2d:56:50:
e9:78:50:5d:9f:ed:06:9a:f2:bc:e0:32:91:0d:83:54:f6:f1:
9b:6f:06:8f:8d:93:80:a9:4c:cd:d1:2a:bb:9f:bb:95:06:87:
8f:63:af:3f:6c:d2:79:ce:8c:42:1a:0a:7e:16:f1:21:27:8c:
5c:31:7d:9b:55:2f:71:5a:6b:d0:a8:a9:24:39:63:8b:fe:4c:
88:cb:3a:60:e1:59:45:7b:0b:4a:20:af:2a:07:26:d9:96:64:
8b:e2:4f:42:31:fe:bc:b3:35:c0:86:7d:7e:43:05:d0:bd:83:
d8:7b:db:aa:c6:cf:5b:94:fa:f1:d3:5b:c5:7f:9d:aa:70:df:
65:4b:ad:d6:c1:d8:3d:e8:db:13:a7:02:fe:5b:63:49:52:8e:
37:c3:5c:d2:64:70:bb:40:8a:0a:99:4a:0f:d3:8a:00:09:7d:
ea:e5:8b:36:66:79:5e:de:14:01:de:ae:15:4e:04:be:c5:71:
f4:72:d4:1d:62:46:67:48:26:42:a0:f8:6d:0b:c9:25:86:13:
e2:ce:77:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEGJZiBlg9tjjfPQfUrIOSDG+0eQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwMTRaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1YzU5NzE3ZWQ3ZmEzYmI0NWFhMTUzMzc5NmQxMjc3MTEyNGYwYzQzZWI0
OGM2MTNjMjllNDU2OGUyYTQ1MzUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzFKpkdccNBzh4OoqR5AI9bW5m7aBzYEia5TzzN/yTmxglS4wS8ETygqRlZ
KH9pLO28lfLNiwYwFVd0ZwcTDPVFagc12fgUWOC/feVfmXgutBBrefLeeAvJCHhq
dHaXVOIWZghy57xPbapSZMk3kLdKjEpuS4QhptMC2LGN65eo5SN69wrskeHuxeKD
p/dhOC5rLnSwuAF3AuAu8SsJih3AAZ/iREoPgcleNnuYg7iPggkleaTdYCbkp2fR
JSl2YG+TuQoBwmJihKKNKt90xLTrO38myASoi3NnHfQP9fBkKMxJCBvulyuWRnA+
klwqJfEBui++HUQdq8KvQjhrh5cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTN88yg
TnYSO4F5fPeBHt43/abiZTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDZmNTMyNGYtZmIyZC00MjEyLWIxZjctNmNhMGIxNzJiZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8OA
MA0GCSqGSIb3DQEBCwUAA4IBAQCI/XHq1LAoW4mtiXONLtbaBYMxAG65P1CBN7+b
E4xQe7qJ8NMCjgfq7Qz1A/qiU5KH8PotVlDpeFBdn+0GmvK84DKRDYNU9vGbbwaP
jZOAqUzN0Sq7n7uVBoePY68/bNJ5zoxCGgp+FvEhJ4xcMX2bVS9xWmvQqKkkOWOL
/kyIyzpg4VlFewtKIK8qBybZlmSL4k9CMf68szXAhn1+QwXQvYPYe9uqxs9blPrx
01vFf52qcN9lS63Wwdg96NsTpwL+W2NJUo43w1zSZHC7QIoKmUoP04oACX3q5Ys2
Znle3hQB3q4VTgS+xXH0ctQdYkZnSCZCoPhtC8klhhPizne2
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:11 2025 by rpki-client