Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/44eab036-1e27-432b-88e4-7853ea21e1a6.roa
File: 44eab036-1e27-432b-88e4-7853ea21e1a6.roa (raw, json)
Hash identifier: PweRwtxAYy4J8s/kL4dkNKdqNV1fQL1VWIS96dG6Lcs=
Subject key identifier: 0B:0D:DB:5D:53:74:64:62:20:37:6E:10:CE:0C:63:03:DE:6F:37:0A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 13ABA3A7398B508847CC62CC7F0044818222188F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/44eab036-1e27-432b-88e4-7853ea21e1a6.roa
Signing time: Tue 15 Jul 2025 00:21:22 +0000
ROA not before: Tue 15 Jul 2025 00:21:22 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:ab:a3:a7:39:8b:50:88:47:cc:62:cc:7f:00:44:81:82:22:18:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:22 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=863de74648a08a952cbb6a019ab55a0a3a109e7a984d686ac0fdecada1239a4e, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8b:05:4c:78:30:1b:4a:a7:99:4b:82:8e:02:
16:e3:68:c3:c8:ea:b2:be:f7:bf:65:20:da:92:d5:
9f:3b:61:78:9d:d2:61:1a:53:0c:f8:c5:f4:50:ec:
be:50:10:7f:29:f5:ea:e2:2b:9a:ff:9b:f3:70:b0:
b1:87:2f:35:dc:a7:46:f1:76:22:8e:33:a4:02:c0:
4e:dc:2c:bd:70:6d:c9:31:83:71:82:96:2e:a7:08:
6d:34:8b:09:f4:11:34:79:89:e6:22:67:10:fe:bc:
14:75:1c:06:78:25:bf:3e:e3:09:58:5b:0c:78:1e:
ab:78:71:38:59:54:9d:a7:61:a1:da:c0:8c:8a:f0:
07:ee:a8:8d:7c:25:1d:a2:4b:0b:e8:1f:5a:0a:d4:
3e:45:c3:01:99:2f:31:d3:ba:02:52:ea:0e:81:00:
20:0d:ca:b6:5b:c0:eb:ed:6f:3d:2c:3e:4a:f4:b3:
61:68:c3:88:b3:32:01:87:27:f6:6b:01:ba:6c:5e:
2d:a5:6b:e8:51:6c:c5:c9:9b:c6:c1:ba:e2:b3:e8:
2b:89:48:8d:41:5c:f4:bc:2e:09:3b:02:e3:2f:85:
cc:9d:7d:a1:a0:31:b9:43:38:bf:ab:88:d5:4a:10:
db:75:82:78:2a:f1:6f:42:87:8d:71:1d:ed:cb:d8:
8c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0D:DB:5D:53:74:64:62:20:37:6E:10:CE:0C:63:03:DE:6F:37:0A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/44eab036-1e27-432b-88e4-7853ea21e1a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7800::/40
Signature Algorithm: sha256WithRSAEncryption
6d:de:d1:4a:7e:2a:b6:ae:de:2a:af:e7:77:31:b9:e9:aa:d5:
60:14:0b:3c:f2:0b:e7:4a:19:ab:86:e9:62:ca:66:49:03:ef:
31:71:4b:35:3c:7b:86:73:42:ea:4e:5c:24:9c:b7:a9:83:30:
3c:d7:4a:e0:ec:4f:27:c0:09:f1:fa:f1:1f:15:ad:7a:bd:33:
c5:df:b3:e1:56:b9:36:ef:d7:b2:2f:ec:49:c1:26:f0:85:81:
51:c3:7e:fb:e9:76:c5:8a:b1:54:0b:e5:76:3c:a7:7b:04:73:
68:f5:40:09:8a:7e:37:dd:e8:39:3d:93:f1:fb:b4:7c:5b:97:
36:f4:e8:82:16:5a:a5:19:63:8c:62:4b:4c:86:cd:08:e9:1e:
7f:41:0e:6a:32:c4:ba:97:95:86:b7:9c:c9:cd:2e:59:40:99:
a9:19:c1:97:52:10:d0:2f:89:14:5d:17:a1:a3:c3:43:90:f0:
b9:24:7f:76:a6:b5:ad:43:15:7b:aa:72:aa:fd:60:4a:ae:8c:
6b:64:67:b3:12:a3:c2:2a:f5:b8:bf:79:3d:0d:39:06:60:c5:
0f:43:ce:09:19:28:a3:08:9b:8f:8a:29:93:53:54:01:18:17:
5c:7f:43:ca:68:79:1e:69:e7:ff:50:fd:33:11:ad:fe:cc:aa:
97:7a:8b:49
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE6ujpzmLUIhHzGLMfwBEgYIiGI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMjJaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2M2RlNzQ2NDhhMDhhOTUyY2JiNmEwMTlhYjU1YTBhM2ExMDllN2E5ODRk
Njg2YWMwZmRlY2FkYTEyMzlhNGUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKLBUx4MBtKp5lLgo4CFuNow8jqsr73v2Ug2pLVnztheJ3SYRpTDPjF9FDs
vlAQfyn16uIrmv+b83CwsYcvNdynRvF2Io4zpALATtwsvXBtyTGDcYKWLqcIbTSL
CfQRNHmJ5iJnEP68FHUcBnglvz7jCVhbDHgeq3hxOFlUnadhodrAjIrwB+6ojXwl
HaJLC+gfWgrUPkXDAZkvMdO6AlLqDoEAIA3KtlvA6+1vPSw+SvSzYWjDiLMyAYcn
9msBumxeLaVr6FFsxcmbxsG64rPoK4lIjUFc9LwuCTsC4y+FzJ19oaAxuUM4v6uI
1UoQ23WCeCrxb0KHjXEd7cvYjDkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQLDdtd
U3RkYiA3bhDODGMD3m83CjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDRlYWIwMzYtMWUyNy00MzJiLTg4ZTQtNzg1M2VhMjFlMWE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8d4
MA0GCSqGSIb3DQEBCwUAA4IBAQBt3tFKfiq2rt4qr+d3MbnpqtVgFAs88gvnShmr
huliymZJA+8xcUs1PHuGc0LqTlwknLepgzA810rg7E8nwAnx+vEfFa16vTPF37Ph
Vrk279eyL+xJwSbwhYFRw3776XbFirFUC+V2PKd7BHNo9UAJin433eg5PZPx+7R8
W5c29OiCFlqlGWOMYktMhs0I6R5/QQ5qMsS6l5WGt5zJzS5ZQJmpGcGXUhDQL4kU
XReho8NDkPC5JH92prWtQxV7qnKq/WBKroxrZGezEqPCKvW4v3k9DTkGYMUPQ84J
GSijCJuPiimTU1QBGBdcf0PKaHkeaef/UP0zEa3+zKqXeotJ
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:37 2025 by rpki-client