Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
File: 13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa (raw, json)
Hash identifier: VveaBriDkGTuHw1AydgPvfZ+MIx8FZWdb9VjzNNYu3M=
Subject key identifier: 7F:91:A2:7B:26:78:AD:B4:00:E9:6F:74:4F:E9:D8:87:8D:5A:42:FA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 336B6F6682F630EAA6246E120EEF21037663AA37
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
Signing time: Tue 15 Jul 2025 00:21:04 +0000
ROA not before: Tue 15 Jul 2025 00:21:04 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:28c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:6b:6f:66:82:f6:30:ea:a6:24:6e:12:0e:ef:21:03:76:63:aa:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:04 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=b46066114d24c6a071d66e9e3de595e15bf908faefd6ea9d19dd7e6dbb6a4ee6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a4:f8:99:c8:07:3a:28:1b:58:08:b7:19:3f:
d8:d5:24:3f:70:e5:11:4b:3a:54:65:66:df:db:b6:
c8:b7:9b:a7:38:80:a8:d2:28:46:ad:b2:d1:f8:f6:
e2:a3:7c:82:bb:d6:ff:11:ed:d6:44:46:44:e5:9d:
6b:37:b4:f3:d4:db:d3:26:22:82:79:58:65:22:82:
5a:d6:36:53:bd:8d:db:c8:93:9a:20:b5:30:5b:93:
31:9f:72:a5:ae:8e:94:ac:1e:65:1b:2d:65:f8:b3:
d5:34:5b:e2:2f:d1:f6:1b:ae:b3:1c:c9:56:0c:a8:
c3:0c:3c:87:25:7f:bb:77:74:55:66:8b:a2:c2:cf:
6b:9f:38:cd:9b:a9:07:c4:dc:81:0a:36:93:94:ec:
82:19:2b:cb:6a:20:8e:47:12:cf:ee:c0:2f:e5:17:
57:dd:c9:36:11:06:10:17:74:ff:52:4e:93:63:db:
a4:6b:6b:f2:50:26:7a:02:20:ef:2a:fd:94:ad:64:
f9:80:02:6a:14:8a:24:e2:62:38:f1:97:46:e8:0e:
18:56:65:f0:9a:73:a2:28:49:39:c4:20:9d:5d:d7:
71:a5:5c:c3:9e:a7:3b:a9:6e:2e:cc:15:98:58:6f:
dd:ce:b9:b4:0a:1d:da:65:ed:f0:5e:c2:0a:92:91:
1d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:91:A2:7B:26:78:AD:B4:00:E9:6F:74:4F:E9:D8:87:8D:5A:42:FA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
83:fd:f4:50:52:53:8c:23:1d:c4:10:58:46:fa:f3:13:ad:3b:
9e:59:a7:7e:ef:c8:cc:73:21:cd:e1:72:1e:d1:26:dd:7a:ed:
2f:83:86:24:95:8e:97:ca:e5:fe:5d:63:73:47:11:f4:0e:80:
f5:05:dc:8c:a9:8d:30:c7:02:c7:8b:a0:d0:b4:5c:ee:56:4e:
20:09:77:53:7f:86:fe:e1:f7:de:36:25:33:22:a2:c9:3f:2b:
f4:ed:b6:b0:28:ad:18:5a:ec:9a:f5:f9:4c:6e:c3:87:4c:0f:
22:94:bb:80:30:63:9a:96:80:93:ce:f9:da:ad:f8:6b:8a:82:
9c:c0:7e:ab:b7:c9:5b:74:d3:92:e8:39:ca:10:6a:5b:67:a8:
6c:1c:89:eb:84:32:a7:4c:97:ec:47:dd:01:88:97:10:64:06:
96:49:37:f6:ac:dc:f5:4c:44:8b:78:c5:c9:fc:e0:0f:19:63:
b1:55:b8:8c:1a:50:2a:b0:49:b0:ef:fd:b1:ba:ee:4d:3a:14:
42:f7:9b:d0:2b:f4:56:e4:75:16:a8:bc:03:99:05:58:76:00:
42:07:d0:fc:4c:8c:30:25:cb:50:84:b3:18:e2:19:bf:30:d1:
be:be:05:b4:37:31:dc:3e:f4:61:80:82:85:2e:2d:fe:59:2e:
42:28:b3:24
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUM2tvZoL2MOqmJG4SDu8hA3ZjqjcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMDRaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0NjA2NjExNGQyNGM2YTA3MWQ2NmU5ZTNkZTU5NWUxNWJmOTA4ZmFlZmQ2
ZWE5ZDE5ZGQ3ZTZkYmI2YTRlZTYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSk+JnIBzooG1gItxk/2NUkP3DlEUs6VGVm39u2yLebpziAqNIoRq2y0fj2
4qN8grvW/xHt1kRGROWdaze089Tb0yYignlYZSKCWtY2U72N28iTmiC1MFuTMZ9y
pa6OlKweZRstZfiz1TRb4i/R9huusxzJVgyowww8hyV/u3d0VWaLosLPa584zZup
B8TcgQo2k5Tsghkry2ogjkcSz+7AL+UXV93JNhEGEBd0/1JOk2PbpGtr8lAmegIg
7yr9lK1k+YACahSKJOJiOPGXRugOGFZl8JpzoihJOcQgnV3XcaVcw56nO6luLswV
mFhv3c65tAod2mXt8F7CCpKRHQECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR/kaJ7
JnittADpb3RP6diHjVpC+jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MTNlMGIwYTMtNDliNC00OTkwLWExMDgtMWJlZGRiM2ExOGJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
wDANBgkqhkiG9w0BAQsFAAOCAQEAg/30UFJTjCMdxBBYRvrzE607nlmnfu/IzHMh
zeFyHtEm3XrtL4OGJJWOl8rl/l1jc0cR9A6A9QXcjKmNMMcCx4ug0LRc7lZOIAl3
U3+G/uH33jYlMyKiyT8r9O22sCitGFrsmvX5TG7Dh0wPIpS7gDBjmpaAk8752q34
a4qCnMB+q7fJW3TTkug5yhBqW2eobByJ64Qyp0yX7EfdAYiXEGQGlkk39qzc9UxE
i3jFyfzgDxljsVW4jBpQKrBJsO/9sbruTToUQveb0Cv0VuR1Fqi8A5kFWHYAQgfQ
/EyMMCXLUISzGOIZvzDRvr4FtDcx3D70YYCChS4t/lkuQiizJA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:33 2025 by rpki-client