Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
File: 07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa (raw, json)
Hash identifier: mtFPqzL1MvFlS65vu9ws6IVtVFNigbS0qg+AAcsyQFk=
Subject key identifier: BF:E5:C4:52:35:BB:76:DC:F7:5B:47:34:9A:22:CF:01:7D:21:27:FD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7F4DF59CB9B79965DC15072EF50DF41B629E72FE
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
Signing time: Tue 15 Jul 2025 00:30:14 +0000
ROA not before: Tue 15 Jul 2025 00:30:14 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:4d:f5:9c:b9:b7:99:65:dc:15:07:2e:f5:0d:f4:1b:62:9e:72:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:14 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=a44f7c06d9a305a81f45e2ad40148cea9734cb589afe536d0ba4e98072df931f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1e:b6:f5:17:4a:62:61:24:6f:5a:33:44:d3:
1a:e6:92:b3:3c:b7:4f:1d:17:aa:f5:d1:a0:99:d6:
97:fe:2e:75:64:01:57:7f:12:ad:5c:65:cd:40:6e:
95:73:be:27:97:63:a8:f8:1d:60:82:1a:79:5a:3e:
56:e2:51:41:4c:2a:e6:05:22:ff:4c:4e:36:ea:47:
15:1c:49:58:1b:ab:6b:2c:5b:00:f1:9a:20:fd:0d:
f9:b0:e1:13:0b:46:79:9a:fd:ac:ec:9c:90:77:d6:
0b:8e:a4:fe:c4:69:2d:e6:ad:87:65:2f:83:4c:b8:
54:67:ad:8f:08:ee:52:93:f1:73:05:13:38:ed:b9:
6a:bb:5c:cc:96:56:42:7d:f6:d6:a2:48:26:41:46:
cd:36:4e:3d:d0:67:fc:cf:2a:ec:48:7f:ba:d0:94:
46:70:3c:4c:7d:78:fa:6e:23:b2:41:be:93:b2:b8:
0c:fd:61:65:a0:23:75:d9:87:90:a2:87:3b:da:a1:
0d:b2:af:5e:a7:81:08:a3:68:68:31:c4:73:09:2c:
0b:0e:b2:c2:53:30:59:22:06:bc:61:77:df:1c:be:
14:91:1e:dc:ab:3d:04:fb:b9:46:7e:83:31:cd:66:
1e:26:1e:b1:f7:ee:be:1e:c2:63:a3:e0:69:3e:8b:
90:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E5:C4:52:35:BB:76:DC:F7:5B:47:34:9A:22:CF:01:7D:21:27:FD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/38
Signature Algorithm: sha256WithRSAEncryption
23:27:2f:29:4e:d0:36:a2:5e:24:7c:8d:02:85:dc:28:7b:55:
6b:c9:28:bc:26:d0:5d:4c:9e:56:3c:75:2f:45:de:d4:d6:e6:
31:0b:57:d2:50:0e:22:0f:81:d7:af:25:d9:eb:d2:c1:3c:80:
78:50:8c:ef:40:0b:09:e6:10:6f:af:57:03:a2:bd:0e:e4:ce:
dd:51:e0:bf:5a:9d:79:f5:97:ee:23:fc:26:63:60:cf:5e:95:
22:72:33:c2:02:b5:fe:26:b2:f5:25:08:a6:1f:b8:09:94:97:
7a:fb:37:3c:e1:aa:c8:36:21:64:a3:75:fb:a7:1b:03:83:8a:
03:17:48:12:8d:49:49:0c:20:a1:b7:59:36:cf:e7:23:51:fa:
81:cd:ae:13:6a:cd:5b:03:03:ae:30:6e:c2:92:dd:27:f7:9b:
d6:1f:b8:50:25:22:c3:f7:14:0d:f5:e3:b7:97:c3:3d:50:ef:
f9:2a:0f:e1:b7:d7:8c:5a:74:85:42:1a:48:e1:95:49:83:cb:
b5:77:6e:92:28:d4:5b:3d:76:f1:bd:97:02:bb:5d:10:4e:ea:
68:0e:8f:34:40:7a:e6:ef:e4:eb:ca:d6:2c:82:a1:34:99:fa:
02:03:09:30:83:c7:be:3f:47:a7:c9:5f:eb:e6:5a:06:75:be:
65:d2:d7:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUf031nLm3mWXcFQcu9Q30G2Kecv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMTRaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0NGY3YzA2ZDlhMzA1YTgxZjQ1ZTJhZDQwMTQ4Y2VhOTczNGNiNTg5YWZl
NTM2ZDBiYTRlOTgwNzJkZjkzMWYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMketvUXSmJhJG9aM0TTGuaSszy3Tx0XqvXRoJnWl/4udWQBV38SrVxlzUBu
lXO+J5djqPgdYIIaeVo+VuJRQUwq5gUi/0xONupHFRxJWBurayxbAPGaIP0N+bDh
EwtGeZr9rOyckHfWC46k/sRpLeath2Uvg0y4VGetjwjuUpPxcwUTOO25artczJZW
Qn321qJIJkFGzTZOPdBn/M8q7Eh/utCURnA8TH14+m4jskG+k7K4DP1hZaAjddmH
kKKHO9qhDbKvXqeBCKNoaDHEcwksCw6ywlMwWSIGvGF33xy+FJEe3Ks9BPu5Rn6D
Mc1mHiYesffuvh7CY6PgaT6LkPsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS/5cRS
Nbt23PdbRzSaIs8BfSEn/TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDdhYTI1NDktOWVlYS00MjhkLWEyM2QtYzBlNjZiNTljZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQAjJy8pTtA2ol4kfI0Chdwoe1VrySi8JtBdTJ5W
PHUvRd7U1uYxC1fSUA4iD4HXryXZ69LBPIB4UIzvQAsJ5hBvr1cDor0O5M7dUeC/
Wp159ZfuI/wmY2DPXpUicjPCArX+JrL1JQimH7gJlJd6+zc84arINiFko3X7pxsD
g4oDF0gSjUlJDCCht1k2z+cjUfqBza4Tas1bAwOuMG7Ckt0n95vWH7hQJSLD9xQN
9eO3l8M9UO/5Kg/ht9eMWnSFQhpI4ZVJg8u1d26SKNRbPXbxvZcCu10QTupoDo80
QHrm7+TrytYsgqE0mfoCAwkwg8e+P0enyV/r5loGdb5l0tf5
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:36 2025 by rpki-client