Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
File: 0b1379a0-a965-4871-ba33-de2086e8028e.roa (raw, json)
Hash identifier: 2VGxHdEYL4L+l3K3ftDIO0hf3yCFdgn1J6XyIIBzvlw=
Subject key identifier: 96:D2:8B:D1:F9:9D:81:D8:A6:7A:8E:06:41:28:F7:48:12:26:D8:88
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3C3E70D61AFCA1D4004296D956813956621BEA5C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
Signing time: Tue 15 Jul 2025 00:21:08 +0000
ROA not before: Tue 15 Jul 2025 00:21:08 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:3e:70:d6:1a:fc:a1:d4:00:42:96:d9:56:81:39:56:62:1b:ea:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:08 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=4a24776ddbbdbf849367597859821da1763ac8196b7192a7b145cdd31df8d757, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:33:ae:ca:1c:87:bf:55:2b:15:44:c3:42:ec:
81:a9:9e:7b:75:08:c7:11:85:65:c0:fb:6b:ff:a2:
85:50:bd:91:d3:b0:77:5a:ce:0e:b5:dd:b3:08:d5:
d6:b7:14:ea:98:bf:cf:e3:5f:eb:b9:89:25:22:80:
68:32:ac:a9:99:73:8a:dc:0a:4e:dd:36:e3:72:65:
e1:92:a4:ce:03:ce:99:2f:7e:0d:64:4d:55:31:53:
e0:00:a8:fb:55:67:02:1a:d4:06:aa:8e:b8:40:ee:
50:c3:49:30:b1:3e:f6:60:9e:f4:c3:41:0f:09:e5:
1d:65:19:db:50:ea:6d:d0:5b:03:3d:16:f6:a6:b3:
cf:e1:21:19:8a:8d:22:23:aa:bb:5f:6d:c1:cc:8e:
c8:3c:c0:a6:49:b6:82:d2:e6:48:a8:f3:46:38:25:
a7:38:dc:0c:5e:36:0d:5d:07:16:61:1f:e3:ad:b2:
b7:4c:ce:33:6a:e1:31:12:10:ff:8e:a9:aa:c1:3c:
09:9a:04:39:be:6e:3a:35:a0:ad:c9:75:39:99:b8:
25:df:52:dc:a6:e2:1f:a2:19:1f:a6:eb:4b:a2:1e:
3e:23:0c:9e:25:c1:9b:3b:9e:ff:9d:d2:ae:9d:71:
a6:33:e6:e8:3f:48:dd:8e:fe:7e:8d:30:f8:5a:c8:
66:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D2:8B:D1:F9:9D:81:D8:A6:7A:8E:06:41:28:F7:48:12:26:D8:88
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f000::/36
Signature Algorithm: sha256WithRSAEncryption
92:08:28:a8:6c:fb:61:0b:18:ec:59:1b:aa:b6:6b:0a:97:95:
0e:99:0b:6a:82:a8:03:1c:f6:24:0d:54:b2:f9:ac:88:8d:47:
a3:63:15:3f:93:63:01:cf:25:8f:88:3f:e6:e4:77:d9:85:ea:
06:90:30:e2:ec:ce:db:a5:79:90:0c:78:0c:ce:23:37:cc:4c:
90:19:65:43:bf:6e:3f:1e:08:e5:a8:f2:08:ea:59:dc:7b:74:
b5:95:55:43:00:9c:43:65:9e:2c:68:48:4c:cb:df:39:4b:b9:
ed:05:ca:4b:8f:72:98:c5:2d:74:e0:3c:ab:47:13:0b:6f:56:
a1:53:40:89:e8:60:e5:29:bb:d2:1e:d5:ef:0c:2c:ca:27:d4:
24:68:e8:11:a4:37:43:bd:db:4a:03:c8:6f:4c:a7:30:59:a9:
a7:c6:f2:a4:7e:f6:fd:57:41:5a:80:1f:2d:a6:c3:9c:11:bb:
e8:f7:4b:26:32:14:f7:9b:a8:ef:aa:76:60:6b:c4:88:a6:a8:
67:8e:47:16:47:13:eb:1f:2d:7a:a4:f1:6a:6c:21:4b:f5:e9:
f0:aa:94:ae:35:f1:80:1f:c7:6c:d6:97:3b:4b:49:c7:1b:c9:
4e:9f:e1:29:7e:27:a7:5d:2e:a1:49:84:b2:22:db:91:5d:99:
cc:6b:d4:a2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPD5w1hr8odQAQpbZVoE5VmIb6lwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMDhaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhMjQ3NzZkZGJiZGJmODQ5MzY3NTk3ODU5ODIxZGExNzYzYWM4MTk2Yjcx
OTJhN2IxNDVjZGQzMWRmOGQ3NTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwzrsoch79VKxVEw0Lsgamee3UIxxGFZcD7a/+ihVC9kdOwd1rODrXdswjV
1rcU6pi/z+Nf67mJJSKAaDKsqZlzitwKTt0243Jl4ZKkzgPOmS9+DWRNVTFT4ACo
+1VnAhrUBqqOuEDuUMNJMLE+9mCe9MNBDwnlHWUZ21DqbdBbAz0W9qazz+EhGYqN
IiOqu19twcyOyDzApkm2gtLmSKjzRjglpzjcDF42DV0HFmEf462yt0zOM2rhMRIQ
/46pqsE8CZoEOb5uOjWgrcl1OZm4Jd9S3KbiH6IZH6brS6IePiMMniXBmzue/53S
rp1xpjPm6D9I3Y7+fo0w+FrIZk8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSW0ovR
+Z2B2KZ6jgZBKPdIEibYiDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MGIxMzc5YTAtYTk2NS00ODcxLWJhMzMtZGUyMDg2ZTgwMjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fw
MA0GCSqGSIb3DQEBCwUAA4IBAQCSCCiobPthCxjsWRuqtmsKl5UOmQtqgqgDHPYk
DVSy+ayIjUejYxU/k2MBzyWPiD/m5HfZheoGkDDi7M7bpXmQDHgMziM3zEyQGWVD
v24/HgjlqPII6lnce3S1lVVDAJxDZZ4saEhMy985S7ntBcpLj3KYxS104DyrRxML
b1ahU0CJ6GDlKbvSHtXvDCzKJ9QkaOgRpDdDvdtKA8hvTKcwWamnxvKkfvb9V0Fa
gB8tpsOcEbvo90smMhT3m6jvqnZga8SIpqhnjkcWRxPrHy16pPFqbCFL9enwqpSu
NfGAH8ds1pc7S0nHG8lOn+EpfienXS6hSYSyItuRXZnMa9Si
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:46:05 2025 by rpki-client