Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
File: 336f8390-241d-4b6f-9822-91232dc553f3.roa (raw, json)
Hash identifier: 2cyK0XpN3pMha93kWG5/zMv4i3fg5kUPfmTvVfYwvVo=
Subject key identifier: F6:69:2E:2B:87:20:1B:21:42:8B:8C:53:6E:94:5A:68:16:07:99:A3
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 11C771907AEE5D882D15FD06D0E17CF24A992552
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
Signing time: Tue 15 Jul 2025 00:20:05 +0000
ROA not before: Tue 15 Jul 2025 00:20:05 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:c7:71:90:7a:ee:5d:88:2d:15:fd:06:d0:e1:7c:f2:4a:99:25:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:05 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=a3237ca3cf82eeb8c708efb7debb270f02b5d6cbfe4a303db96120ef81956ef8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:29:03:be:3a:60:bd:0c:15:e1:8d:7b:cf:09:
3b:97:60:f1:7e:d3:59:ab:32:40:2e:d1:4e:80:a5:
60:8b:d5:ef:3d:39:91:76:3b:77:0c:13:31:bd:8f:
f3:cc:31:39:12:c4:19:7c:3c:4c:ab:8a:d6:41:ab:
50:36:22:04:67:f4:dd:e7:ca:82:64:7c:2e:1c:1e:
67:85:7c:6a:ce:a8:ef:6c:1b:11:c3:6d:fe:2e:12:
ab:f9:2d:fb:ff:15:67:a3:ff:6f:8a:c7:9e:40:15:
bf:f9:a0:b8:dc:cd:91:d3:94:0f:ba:79:1f:af:6c:
19:49:27:2d:93:1f:59:f3:07:c4:57:d3:4b:e5:cb:
2c:91:af:97:17:af:00:31:44:ae:65:d0:08:e4:25:
91:2d:be:58:08:26:05:11:5f:02:8a:6e:61:89:93:
4c:a8:d7:2d:db:03:52:f8:bf:90:ec:7a:05:e6:59:
3c:eb:17:e2:bc:c4:78:69:5d:f7:47:8b:d2:e9:1b:
ff:c8:d1:d4:3e:86:03:0d:60:24:94:b2:81:a4:d0:
63:ef:09:25:de:e4:9e:b7:2f:e6:ea:82:52:32:81:
49:aa:1f:a8:b4:58:d1:92:96:61:06:04:c7:a2:ec:
15:f7:2d:02:71:a6:01:0f:53:3f:0c:c0:a9:dc:fd:
eb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:69:2E:2B:87:20:1B:21:42:8B:8C:53:6E:94:5A:68:16:07:99:A3
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6800::/40
Signature Algorithm: sha256WithRSAEncryption
80:59:d7:1a:d0:8e:83:33:3f:21:d9:ba:cf:d6:6a:63:1d:a5:
e8:65:c0:78:0c:77:85:bc:65:c3:43:f5:4a:68:89:d5:52:00:
9a:42:3a:da:ba:c2:49:33:a8:ca:7e:2c:bc:e7:87:b1:40:15:
a0:6e:c7:8e:de:a7:58:66:31:bd:91:cd:36:9d:81:c6:da:c5:
27:b6:a7:43:d5:9f:58:bf:bc:2a:43:e6:5d:73:32:bc:15:7d:
44:76:47:b0:87:25:f4:28:8c:d2:2d:20:49:69:9a:e0:fd:67:
b9:f9:3b:57:af:bc:ca:6c:0c:6d:30:04:51:be:18:ee:9c:8d:
c8:c7:3f:18:19:ed:80:08:60:28:7c:f2:f3:36:95:7d:e4:03:
29:dd:6c:a3:85:d4:fe:b4:6b:76:03:98:07:e6:c8:60:28:b1:
9a:c7:33:f4:77:cf:9c:13:e8:6c:20:c9:67:b3:16:54:e3:c6:
de:0e:c7:23:cc:65:f4:55:9d:b3:09:4b:bb:cd:17:01:05:45:
3e:e8:13:43:8d:36:a8:ed:76:d0:f9:95:4f:38:94:09:04:66:
59:5d:b5:a8:29:ac:0e:c6:99:6a:17:72:85:4d:12:03:2f:95:
0f:fe:d1:66:3d:28:cd:91:9c:da:0a:ca:71:c2:11:3b:f1:e0:
ef:3d:63:4d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEcdxkHruXYgtFf0G0OF88kqZJVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwMDVaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMjM3Y2EzY2Y4MmVlYjhjNzA4ZWZiN2RlYmIyNzBmMDJiNWQ2Y2JmZTRh
MzAzZGI5NjEyMGVmODE5NTZlZjgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMpA746YL0MFeGNe88JO5dg8X7TWasyQC7RToClYIvV7z05kXY7dwwTMb2P
88wxORLEGXw8TKuK1kGrUDYiBGf03efKgmR8LhweZ4V8as6o72wbEcNt/i4Sq/kt
+/8VZ6P/b4rHnkAVv/mguNzNkdOUD7p5H69sGUknLZMfWfMHxFfTS+XLLJGvlxev
ADFErmXQCOQlkS2+WAgmBRFfAopuYYmTTKjXLdsDUvi/kOx6BeZZPOsX4rzEeGld
90eL0ukb/8jR1D6GAw1gJJSygaTQY+8JJd7knrcv5uqCUjKBSaofqLRY0ZKWYQYE
x6LsFfctAnGmAQ9TPwzAqdz965cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2aS4r
hyAbIUKLjFNulFpoFgeZozAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzM2ZjgzOTAtMjQxZC00YjZmLTk4MjItOTEyMzJkYzU1M2YzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8do
MA0GCSqGSIb3DQEBCwUAA4IBAQCAWdca0I6DMz8h2brP1mpjHaXoZcB4DHeFvGXD
Q/VKaInVUgCaQjrausJJM6jKfiy854exQBWgbseO3qdYZjG9kc02nYHG2sUntqdD
1Z9Yv7wqQ+ZdczK8FX1EdkewhyX0KIzSLSBJaZrg/We5+TtXr7zKbAxtMARRvhju
nI3Ixz8YGe2ACGAofPLzNpV95AMp3WyjhdT+tGt2A5gH5shgKLGaxzP0d8+cE+hs
IMlnsxZU48beDscjzGX0VZ2zCUu7zRcBBUU+6BNDjTao7XbQ+ZVPOJQJBGZZXbWo
KawOxplqF3KFTRIDL5UP/tFmPSjNkZzaCspxwhE78eDvPWNN
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:46:07 2025 by rpki-client