Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
File: 2a0347bc-2355-45ba-953f-4658b951cf4b.roa (raw, json)
Hash identifier: P86kJLKdxH2SPEAiDzOQhi9/gereG/myvPRKYV2oGOY=
Subject key identifier: 98:A7:29:BD:60:CF:09:79:06:C1:16:96:C0:0C:9B:31:A3:83:AD:61
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 361D7DBEA619AEE288FD378AF99D73D10E58125F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
Signing time: Tue 15 Jul 2025 00:20:28 +0000
ROA not before: Tue 15 Jul 2025 00:20:28 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:78c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:1d:7d:be:a6:19:ae:e2:88:fd:37:8a:f9:9d:73:d1:0e:58:12:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:28 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=ccc776c2580e85e5e06fc504d60d84a3212384346a27e456d320647bf0cef145, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f5:d2:66:3c:62:c9:6f:13:2a:4e:c8:0a:ab:
af:1b:9f:4c:43:57:12:05:37:f9:ce:87:46:44:24:
27:30:1e:bf:26:4d:e2:34:7f:ee:c8:f0:19:4e:30:
f6:8a:8e:13:68:52:36:50:df:2b:df:d6:90:2d:fc:
17:c0:a9:16:d1:b1:c7:b1:d3:f1:f7:4e:14:8b:59:
d8:1e:a7:52:34:d3:ef:54:56:d2:da:b3:97:7f:10:
7b:be:d0:e5:a6:6f:f8:16:37:29:f9:73:67:9a:ea:
3d:2f:82:4c:b1:ec:d8:db:be:89:d3:2c:07:0c:0f:
98:e1:c8:e2:5c:25:50:01:e9:c6:bd:2c:28:b9:b0:
48:72:26:ff:82:7f:88:23:27:77:8b:b5:a3:12:d8:
c7:13:0b:4d:ba:41:b9:08:39:f7:3d:78:f9:f0:e4:
e4:05:c2:c3:8d:74:39:86:d8:48:9f:64:7d:a0:b5:
69:a6:d2:da:84:45:2a:95:a1:d1:7c:37:71:56:0b:
8a:5e:e7:bf:98:05:c0:e1:1c:3e:98:f0:44:3d:5d:
eb:80:cc:50:8b:e2:b8:3b:e4:39:e5:72:92:92:58:
fc:8c:98:96:89:d1:67:65:6d:95:5a:0b:7d:95:89:
c1:06:53:90:e2:ac:39:47:a4:85:27:ae:b3:e1:d1:
a0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A7:29:BD:60:CF:09:79:06:C1:16:96:C0:0C:9B:31:A3:83:AD:61
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:78c0::/46
Signature Algorithm: sha256WithRSAEncryption
a1:b0:9a:90:75:51:85:18:46:5b:0f:42:89:ec:0b:f8:6b:b6:
7d:0c:f8:07:96:5e:e6:8d:2b:5b:33:97:9f:f7:d1:d3:a4:08:
ff:30:1c:83:91:e3:76:b1:30:73:f8:b2:cc:a8:57:77:3e:f1:
29:d8:fb:cb:47:88:d6:66:12:2a:31:27:2d:dc:77:2b:11:57:
ef:6b:a3:02:47:8e:6a:04:3d:e0:51:b9:c6:d2:10:ec:8e:08:
2b:cf:b1:aa:af:e2:8f:70:b1:36:4a:cc:0b:9e:28:40:3b:24:
e1:2f:2f:e1:c6:73:39:cb:b2:e8:60:1f:91:fa:29:7e:84:b7:
be:c9:e3:00:36:69:54:c1:cd:a1:a4:17:e0:eb:94:a6:eb:77:
b5:8b:e4:ac:e5:5a:86:62:25:7f:01:31:8d:e1:84:3c:16:52:
7a:ad:1a:fb:0d:fa:18:d6:57:eb:fc:bd:e3:fc:b8:2f:4d:3a:
33:5a:3b:6f:36:e5:70:1e:cf:32:1f:d9:0a:f1:5b:d2:e0:e1:
57:d0:6c:d0:f1:55:f1:ac:67:9d:e1:b7:71:42:5f:10:d2:c7:
0a:25:62:2b:5f:3f:aa:c8:a4:07:66:98:56:54:7a:3a:b6:0a:
f2:1f:f0:d7:d3:ff:ec:21:96:de:4c:53:de:e8:71:d3:d5:4e:
1c:2f:53:03
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNh19vqYZruKI/TeK+Z1z0Q5YEl8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwMjhaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjYzc3NmMyNTgwZTg1ZTVlMDZmYzUwNGQ2MGQ4NGEzMjEyMzg0MzQ2YTI3
ZTQ1NmQzMjA2NDdiZjBjZWYxNDUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANP10mY8YslvEypOyAqrrxufTENXEgU3+c6HRkQkJzAevyZN4jR/7sjwGU4w
9oqOE2hSNlDfK9/WkC38F8CpFtGxx7HT8fdOFItZ2B6nUjTT71RW0tqzl38Qe77Q
5aZv+BY3KflzZ5rqPS+CTLHs2Nu+idMsBwwPmOHI4lwlUAHpxr0sKLmwSHIm/4J/
iCMnd4u1oxLYxxMLTbpBuQg59z14+fDk5AXCw410OYbYSJ9kfaC1aabS2oRFKpWh
0Xw3cVYLil7nv5gFwOEcPpjwRD1d64DMUIviuDvkOeVykpJY/IyYlonRZ2VtlVoL
fZWJwQZTkOKsOUekhSeus+HRoHMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSYpym9
YM8JeQbBFpbADJsxo4OtYTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmEwMzQ3YmMtMjM1NS00NWJhLTk1M2YtNDY1OGI5NTFjZjRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
wDANBgkqhkiG9w0BAQsFAAOCAQEAobCakHVRhRhGWw9CiewL+Gu2fQz4B5Ze5o0r
WzOXn/fR06QI/zAcg5HjdrEwc/iyzKhXdz7xKdj7y0eI1mYSKjEnLdx3KxFX72uj
AkeOagQ94FG5xtIQ7I4IK8+xqq/ij3CxNkrMC54oQDsk4S8v4cZzOcuy6GAfkfop
foS3vsnjADZpVMHNoaQX4OuUput3tYvkrOVahmIlfwExjeGEPBZSeq0a+w36GNZX
6/y94/y4L006M1o7bzblcB7PMh/ZCvFb0uDhV9Bs0PFV8axnneG3cUJfENLHCiVi
K18/qsikB2aYVlR6OrYK8h/w19P/7CGW3kxT3uhx09VOHC9TAw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:51 2025 by rpki-client