Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
File: 34fb5c7e-e397-4649-893b-332ddda14bd0.roa (raw, json)
Hash identifier: MCBBjgdHqnXnGAdCBVEZFbBa+iqskmcZhzvmQJXLF2g=
Subject key identifier: 93:FE:CA:84:EC:54:F4:B3:D6:15:05:0F:40:24:9E:62:78:E9:3D:A3
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 47AAEF6FF4FE34A6810F8383ACEFE56FE8F2F641
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
Signing time: Mon 07 Jul 2025 18:30:05 +0000
ROA not before: Mon 07 Jul 2025 18:30:05 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:aa:ef:6f:f4:fe:34:a6:81:0f:83:83:ac:ef:e5:6f:e8:f2:f6:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 7 18:30:05 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=8d894ded048c3c842419db1c91b97e89f41e32b150519872cf13ef488c92275c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5c:2f:26:77:e1:cb:7c:67:2b:7e:26:ef:75:
d9:58:31:e7:c3:1b:ae:92:89:79:86:1d:7e:76:f4:
e7:5e:43:b2:90:3f:c2:2b:5c:18:13:4b:11:7f:cd:
1c:73:cd:71:4a:32:fb:df:6f:59:a7:97:48:81:03:
c2:b4:13:c6:3e:9a:1f:8e:a8:9a:8b:bf:07:af:a9:
ec:4c:03:4a:14:2b:c2:15:af:ed:26:4a:a8:5e:37:
75:3f:28:6b:8c:b4:10:98:4a:14:85:4b:8e:0e:77:
b7:33:29:50:17:04:1e:cb:37:17:a6:e5:0d:3b:e3:
cb:41:81:8d:cf:ea:15:5d:1b:b7:a8:93:92:b4:88:
8b:79:24:2f:b0:6a:56:a3:f4:d2:6f:f4:c8:98:f2:
fb:9e:d6:41:a8:60:52:41:12:cb:19:ca:02:cf:50:
ca:02:49:94:3a:5b:6e:ed:0e:0b:ec:b7:68:32:ce:
ac:dc:66:51:0a:c0:cf:52:8c:c1:c4:9c:fd:e2:40:
6e:07:9a:e8:da:45:ad:4c:10:d6:37:1c:81:e3:68:
d5:1f:dd:8e:08:09:4a:e1:88:73:13:07:8c:ea:f9:
31:d9:69:e9:34:b7:2b:2f:8e:ae:24:e6:57:ac:80:
51:23:bc:d9:46:92:7d:05:0d:ff:5d:f8:14:91:de:
54:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:FE:CA:84:EC:54:F4:B3:D6:15:05:0F:40:24:9E:62:78:E9:3D:A3
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/48
Signature Algorithm: sha256WithRSAEncryption
41:47:23:49:fc:dc:ae:be:44:7b:cd:53:10:bc:d1:f7:41:4b:
3b:35:1b:6b:af:61:32:b8:20:b6:fc:5a:3a:e3:aa:36:68:84:
62:49:76:39:57:af:83:21:01:e5:dc:03:bf:7e:98:47:ca:6f:
ac:62:9e:aa:32:ee:b5:ae:a4:af:f7:59:03:39:a5:e0:eb:0d:
34:d2:42:ed:a7:36:ea:7b:63:d1:a2:10:3d:cc:9f:2d:af:ea:
ff:e5:67:f6:f9:e1:32:a1:d6:00:31:30:2e:0a:64:3a:75:f3:
7f:7b:48:43:9a:23:ec:d6:79:94:77:4c:a6:24:f8:45:00:97:
c5:de:4f:63:c3:b0:4d:bf:d8:ce:15:6d:26:36:98:0e:5a:f0:
8f:52:ac:22:fe:3b:6c:01:37:e8:f9:23:65:25:20:55:9c:27:
12:61:86:93:09:0d:09:d4:14:2d:76:54:0e:59:8a:f3:1c:af:
2f:5e:39:1b:68:6a:e6:e2:e2:92:62:5d:b1:5a:ba:11:bc:71:
50:c4:c5:6c:47:ba:90:cd:88:59:06:cd:77:54:88:c7:db:52:
be:ff:3f:52:a2:06:f8:74:31:d6:d5:d1:25:c7:64:c0:21:2a:
62:3c:0e:f1:93:d4:7b:e0:e1:41:67:1c:22:c7:4c:a8:a7:ae:
26:4c:1d:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUR6rvb/T+NKaBD4ODrO/lb+jy9kEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MDcxODMwMDVaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkODk0ZGVkMDQ4YzNjODQyNDE5ZGIxYzkxYjk3ZTg5ZjQxZTMyYjE1MDUx
OTg3MmNmMTNlZjQ4OGM5MjI3NWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI1cLyZ34ct8Zyt+Ju912Vgx58MbrpKJeYYdfnb0515DspA/witcGBNLEX/N
HHPNcUoy+99vWaeXSIEDwrQTxj6aH46omou/B6+p7EwDShQrwhWv7SZKqF43dT8o
a4y0EJhKFIVLjg53tzMpUBcEHss3F6blDTvjy0GBjc/qFV0bt6iTkrSIi3kkL7Bq
VqP00m/0yJjy+57WQahgUkESyxnKAs9QygJJlDpbbu0OC+y3aDLOrNxmUQrAz1KM
wcSc/eJAbgea6NpFrUwQ1jccgeNo1R/djggJSuGIcxMHjOr5Mdlp6TS3Ky+OriTm
V6yAUSO82UaSfQUN/134FJHeVL8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBST/sqE
7FT0s9YVBQ9AJJ5ieOk9ozAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzRmYjVjN2UtZTM5Ny00NjQ5LTg5M2ItMzMyZGRkYTE0YmQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEAQUcjSfzcrr5Ee81TELzR90FLOzUba69hMrgg
tvxaOuOqNmiEYkl2OVevgyEB5dwDv36YR8pvrGKeqjLuta6kr/dZAzml4OsNNNJC
7ac26ntj0aIQPcyfLa/q/+Vn9vnhMqHWADEwLgpkOnXzf3tIQ5oj7NZ5lHdMpiT4
RQCXxd5PY8OwTb/YzhVtJjaYDlrwj1KsIv47bAE36PkjZSUgVZwnEmGGkwkNCdQU
LXZUDlmK8xyvL145G2hq5uLikmJdsVq6EbxxUMTFbEe6kM2IWQbNd1SIx9tSvv8/
UqIG+HQx1tXRJcdkwCEqYjwO8ZPUe+DhQWccIsdMqKeuJkwdzw==
-----END CERTIFICATE-----
Generated at Thu Jul 24 11:49:15 2025 by rpki-client