Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
File: 1e498054-99a2-4f2b-82cb-7448499c313c.roa (raw, json)
Hash identifier: UE7BWdcx2QorJftAe/RVLU7WQ6zrAV002fkABK0U5Nw=
Subject key identifier: 46:F7:B1:D3:92:9C:90:D8:6B:DE:28:E2:4C:AC:F7:C1:D0:5E:5D:4A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0D20966B4BAD1D8A1729F0357E380B0D13DC76F6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
Signing time: Tue 15 Jul 2025 00:30:33 +0000
ROA not before: Tue 15 Jul 2025 00:30:33 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:20:96:6b:4b:ad:1d:8a:17:29:f0:35:7e:38:0b:0d:13:dc:76:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:33 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=fb671f28d0552f91ed23aa20fce97f5f6d4d19ca5577657d613dde98f0102387, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a2:53:1b:d1:d4:ea:73:6d:50:f9:2c:d7:29:
8f:c3:23:2f:20:5e:b7:e0:43:03:f8:70:b3:ac:e7:
73:fc:f9:7f:98:d3:dd:cc:23:d1:e9:96:99:67:3d:
08:ef:cb:fb:cc:4f:29:ef:a2:8c:3d:e4:60:0e:ae:
ad:3f:02:f9:45:de:e9:4a:ad:9e:d2:7a:4a:3f:f5:
1c:0b:53:2d:9d:d2:92:01:1f:a9:bd:eb:e7:df:77:
fb:5a:87:a7:1e:c2:bd:0b:20:46:14:92:29:8a:e1:
d2:3e:5a:c9:ae:ba:fd:10:58:ed:0c:49:72:4c:9c:
6e:48:48:66:c0:fb:aa:52:57:56:d3:ba:0e:de:0a:
e3:14:2e:3a:2a:73:61:d3:e8:81:41:ac:18:45:3a:
4a:54:17:74:4c:5d:20:59:56:5e:1d:02:43:d7:c5:
ee:fb:0c:ed:22:a8:39:67:e1:44:63:80:05:f0:ba:
18:f2:a5:ff:0e:0c:c7:be:bf:46:fe:04:b5:87:4d:
e4:66:62:9b:72:fa:86:14:87:a0:87:d9:44:fe:10:
be:bf:5a:c3:70:70:fb:4a:18:ef:3e:d3:f6:80:48:
63:50:c5:93:dc:59:09:35:e2:30:31:73:d6:b8:b5:
9a:4d:6a:0b:72:39:33:fc:59:59:de:61:d5:a5:8e:
20:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F7:B1:D3:92:9C:90:D8:6B:DE:28:E2:4C:AC:F7:C1:D0:5E:5D:4A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
19:e5:79:21:60:c7:95:1d:18:db:2f:fd:c4:e9:b5:cb:59:de:
ef:28:f6:4d:be:13:d1:ec:18:bf:e3:3b:46:a7:8e:1d:3d:4e:
f0:b9:2a:6c:1d:96:95:12:ef:1c:84:52:88:ca:7e:84:5f:c1:
b5:bc:fc:dd:7d:c1:15:5c:f6:7e:cd:df:bd:e5:cf:02:9d:e4:
f0:71:87:11:6c:a1:d4:6b:13:95:57:eb:a5:47:95:b2:7c:9f:
25:12:d1:e3:d3:bb:a0:74:d7:45:e3:f3:52:eb:52:81:d8:9e:
cd:fa:e0:b1:6e:d0:aa:9b:4f:7c:a0:bb:1c:30:4e:cd:1e:48:
67:6b:df:68:0e:a8:72:7a:1f:2e:f1:de:56:44:29:50:03:2a:
63:06:89:1f:cb:5a:2e:56:c3:ae:8d:24:54:33:64:d7:37:b3:
8a:0d:f9:07:36:e8:26:2b:8c:94:0c:ff:a4:db:8e:12:fd:83:
f5:87:6f:3d:d3:c1:c4:57:01:dc:d0:77:96:e9:d2:69:ca:b5:
0d:a9:ad:fe:b4:08:a6:25:88:a4:86:84:06:39:37:93:9a:94:
67:d8:95:ee:3f:dc:dd:72:47:c5:b8:5a:93:9e:e1:bf:6a:aa:
bd:f2:c8:22:42:48:bf:ed:c2:87:62:92:b4:53:a8:0a:e2:3b:
f4:a6:16:97
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUDSCWa0utHYoXKfA1fjgLDRPcdvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMzNaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiNjcxZjI4ZDA1NTJmOTFlZDIzYWEyMGZjZTk3ZjVmNmQ0ZDE5Y2E1NTc3
NjU3ZDYxM2RkZTk4ZjAxMDIzODcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2iUxvR1OpzbVD5LNcpj8MjLyBet+BDA/hws6znc/z5f5jT3cwj0emWmWc9
CO/L+8xPKe+ijD3kYA6urT8C+UXe6UqtntJ6Sj/1HAtTLZ3SkgEfqb3r5993+1qH
px7CvQsgRhSSKYrh0j5aya66/RBY7QxJckycbkhIZsD7qlJXVtO6Dt4K4xQuOipz
YdPogUGsGEU6SlQXdExdIFlWXh0CQ9fF7vsM7SKoOWfhRGOABfC6GPKl/w4Mx76/
Rv4EtYdN5GZim3L6hhSHoIfZRP4Qvr9aw3Bw+0oY7z7T9oBIY1DFk9xZCTXiMDFz
1ri1mk1qC3I5M/xZWd5h1aWOICkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRG97HT
kpyQ2GveKOJMrPfB0F5dSjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWU0OTgwNTQtOTlhMi00ZjJiLTgyY2ItNzQ0ODQ5OWMzMTNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyABP8Aw
DQYJKoZIhvcNAQELBQADggEBABnleSFgx5UdGNsv/cTptctZ3u8o9k2+E9HsGL/j
O0anjh09TvC5KmwdlpUS7xyEUojKfoRfwbW8/N19wRVc9n7N373lzwKd5PBxhxFs
odRrE5VX66VHlbJ8nyUS0ePTu6B010Xj81LrUoHYns364LFu0KqbT3yguxwwTs0e
SGdr32gOqHJ6Hy7x3lZEKVADKmMGiR/LWi5Ww66NJFQzZNc3s4oN+Qc26CYrjJQM
/6TbjhL9g/WHbz3TwcRXAdzQd5bp0mnKtQ2prf60CKYliKSGhAY5N5OalGfYle4/
3N1yR8W4WpOe4b9qqr3yyCJCSL/twodikrRTqAriO/SmFpc=
-----END CERTIFICATE-----
Generated at Thu Jul 24 11:49:11 2025 by rpki-client