Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
File: 3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa (raw, json)
Hash identifier: J3gHKXH9MExRbpozdwpUI+SCXa5WPwoVko2gOcSztyk=
Subject key identifier: EB:D1:B6:49:AD:B6:AE:BF:6F:BB:D5:06:00:8A:C7:51:D4:57:63:AF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 261C7FD339EAB63B6777AB295B1CFD2B83F1BAB9
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
Signing time: Tue 15 Jul 2025 00:21:06 +0000
ROA not before: Tue 15 Jul 2025 00:21:06 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:1c:7f:d3:39:ea:b6:3b:67:77:ab:29:5b:1c:fd:2b:83:f1:ba:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:06 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=b7b48cacc2fe87671c033b4d9bd5cf693b1967c8d96fdf07ab51e6a23b49f813, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cc:60:e4:a9:7d:d5:76:4c:41:36:e9:7a:60:
b3:eb:f7:18:d8:e9:08:0d:32:13:34:95:ae:b1:69:
a4:5b:44:fe:ee:bc:b8:9e:9b:8e:0c:10:21:ca:2e:
c2:91:63:ac:bd:2e:94:76:fc:e0:3b:dd:0c:a8:0a:
5e:b8:a3:73:9e:9c:07:a8:40:89:5c:63:1e:ee:f9:
c4:7b:68:f1:7c:83:da:62:03:35:8a:25:ee:62:ea:
63:a5:94:96:53:4e:92:ca:79:53:ae:90:a4:08:a0:
30:62:29:69:9f:8a:f8:4e:d0:6c:b6:68:42:db:77:
7b:48:e1:0f:50:36:c1:9f:5e:e8:6d:2f:71:44:3c:
a0:e1:2d:27:da:d9:f1:a0:63:46:b7:b2:f4:21:48:
7a:8a:d1:7c:2a:2d:43:d4:75:07:7c:d1:0a:04:b0:
ae:f4:5e:0f:3a:6a:c6:d7:67:f9:eb:c6:ea:bd:79:
db:37:48:50:8c:c1:a4:84:84:31:41:47:8d:f4:a4:
d4:5a:11:3f:7b:9c:1a:63:d7:62:71:62:f4:6a:e3:
7f:9b:25:0f:30:44:e6:dd:cf:9c:d1:f1:63:8d:82:
8c:38:c8:7b:d2:2f:e9:48:58:53:dc:76:e0:34:27:
14:94:d9:18:2f:00:64:bd:d2:55:71:f8:05:f9:a6:
37:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:D1:B6:49:AD:B6:AE:BF:6F:BB:D5:06:00:8A:C7:51:D4:57:63:AF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2800::/40
Signature Algorithm: sha256WithRSAEncryption
8a:1c:99:11:56:10:c9:e9:48:91:ce:86:f1:c2:88:d1:24:e6:
cd:1f:a0:db:f3:af:2a:26:67:ff:78:a3:38:77:63:b9:c1:5e:
2d:3e:8f:fe:57:9d:ae:26:ca:cd:1a:3f:ed:29:c4:cb:4d:02:
69:7a:70:36:45:97:bc:7b:34:0e:71:8e:d5:e3:99:5b:b3:c6:
d1:cc:26:e4:19:54:c7:43:75:b7:34:70:85:dc:2a:ab:10:79:
40:91:ad:32:21:49:82:ce:c1:cd:88:ba:1c:f3:21:ed:33:cc:
07:c3:e2:56:26:96:c2:69:f1:41:00:75:2e:d9:76:35:8e:e6:
1e:82:b6:bb:03:51:df:e4:99:0c:10:97:9b:0e:0f:a1:df:25:
fe:1f:aa:b1:b9:cc:6f:79:f1:47:9d:8f:25:58:ee:7f:58:e5:
83:a9:3e:9a:ec:b1:dd:17:1a:94:58:6e:5a:d3:38:c2:55:31:
64:46:30:d5:cd:bd:65:da:f2:e0:70:9f:bd:ff:6e:ef:57:a1:
58:67:0c:c7:77:01:15:98:a9:89:cd:13:11:bb:19:8b:f8:82:
ff:1c:ad:09:4a:ce:e9:cc:6e:3f:df:7a:a9:45:fe:c8:8f:c4:
ff:d9:2a:05:4d:76:36:0c:03:4f:17:b5:00:36:a6:7e:de:91:
b5:71:2a:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJhx/0znqtjtnd6spWxz9K4PxurkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMDZaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3YjQ4Y2FjYzJmZTg3NjcxYzAzM2I0ZDliZDVjZjY5M2IxOTY3YzhkOTZm
ZGYwN2FiNTFlNmEyM2I0OWY4MTMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTMYOSpfdV2TEE26Xpgs+v3GNjpCA0yEzSVrrFppFtE/u68uJ6bjgwQIcou
wpFjrL0ulHb84DvdDKgKXrijc56cB6hAiVxjHu75xHto8XyD2mIDNYol7mLqY6WU
llNOksp5U66QpAigMGIpaZ+K+E7QbLZoQtt3e0jhD1A2wZ9e6G0vcUQ8oOEtJ9rZ
8aBjRrey9CFIeorRfCotQ9R1B3zRCgSwrvReDzpqxtdn+evG6r152zdIUIzBpISE
MUFHjfSk1FoRP3ucGmPXYnFi9Grjf5slDzBE5t3PnNHxY42CjDjIe9Iv6UhYU9x2
4DQnFJTZGC8AZL3SVXH4BfmmN88CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTr0bZJ
rbauv2+71QYAisdR1FdjrzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
M2U5Y2E1ZjYtODhjZC00ZmE3LThhYjYtYTJkNjc4MDEzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8co
MA0GCSqGSIb3DQEBCwUAA4IBAQCKHJkRVhDJ6UiRzobxwojRJObNH6Db868qJmf/
eKM4d2O5wV4tPo/+V52uJsrNGj/tKcTLTQJpenA2RZe8ezQOcY7V45lbs8bRzCbk
GVTHQ3W3NHCF3CqrEHlAka0yIUmCzsHNiLoc8yHtM8wHw+JWJpbCafFBAHUu2XY1
juYegra7A1Hf5JkMEJebDg+h3yX+H6qxucxvefFHnY8lWO5/WOWDqT6a7LHdFxqU
WG5a0zjCVTFkRjDVzb1l2vLgcJ+9/27vV6FYZwzHdwEVmKmJzRMRuxmL+IL/HK0J
Ss7pzG4/33qpRf7Ij8T/2SoFTXY2DANPF7UANqZ+3pG1cSqk
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:26 2025 by rpki-client