Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
File: 5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa (raw, json)
Hash identifier: YiiMab/9oIYEwHhLvRAUWjniOne2shsh44E/aDI2aCM=
Subject key identifier: F9:5E:DB:E6:DE:5C:F0:87:3E:AE:4B:8E:B7:38:16:C7:D2:45:0F:E3
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1C15A867920F009742C6B469FE7D044666784B4E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
Signing time: Tue 15 Jul 2025 00:21:14 +0000
ROA not before: Tue 15 Jul 2025 00:21:14 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:15:a8:67:92:0f:00:97:42:c6:b4:69:fe:7d:04:46:66:78:4b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:14 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=714cc24564685cf8f9c37a5153ce7c03604e5c87b98948b4d51378ded1240a0f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:52:6c:49:7d:52:c1:b8:74:fa:be:09:42:22:
42:a4:7e:1d:c4:74:36:bf:ba:03:6d:b9:94:7e:12:
53:ea:8b:c2:f2:74:96:73:19:54:99:4e:10:81:04:
d6:b8:46:c4:80:28:90:1a:4e:34:1e:83:59:b2:43:
9c:1c:0c:5d:b3:49:39:0d:2c:66:d3:33:67:b8:3e:
c0:70:50:4a:06:38:95:b7:2d:f7:b0:99:74:07:7c:
42:44:69:e6:89:dc:04:4e:3d:d4:fe:97:9f:1f:d3:
a7:b6:66:13:70:20:8d:3c:8c:11:68:4b:d8:cb:66:
76:cb:41:51:a0:06:40:fa:49:ad:65:31:3b:0d:49:
2e:c5:d8:4b:f0:d5:48:d8:5d:5a:4a:35:af:f3:7b:
6a:fb:28:07:15:c2:14:b1:06:fb:c1:13:cb:cb:0c:
94:37:61:e7:f4:79:27:32:a1:10:99:b5:df:ca:6d:
4f:f3:2d:8b:ab:70:0b:e6:2b:65:6f:c2:26:2b:e4:
70:fd:3f:10:df:97:49:f3:50:3d:64:71:48:8e:67:
eb:05:7d:0a:f8:88:c3:4b:7f:7b:4f:d0:fa:c8:ce:
e4:e5:6b:08:02:34:c5:46:9f:3f:fa:13:73:4e:5a:
a3:e8:8a:a2:37:f7:a2:60:f9:87:be:81:46:81:00:
72:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:5E:DB:E6:DE:5C:F0:87:3E:AE:4B:8E:B7:38:16:C7:D2:45:0F:E3
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
2a:5e:ae:fd:1c:94:57:92:f8:e1:54:b6:a6:70:58:ca:1b:dc:
5f:d6:a0:14:fc:5f:df:0d:e3:b9:79:0e:eb:06:69:7f:61:f8:
9e:bb:4c:d7:b7:21:2c:64:62:8b:b6:39:e7:f5:17:80:86:55:
31:41:94:a5:1a:06:5e:65:94:84:f4:02:3c:e4:a2:07:6b:df:
f2:b7:32:b2:61:fe:56:4f:d7:86:e0:92:e0:7e:4e:b4:7e:1f:
aa:fe:8a:3a:b2:7e:ac:1d:71:43:88:c3:ac:12:85:3b:0f:68:
8f:ac:04:4d:ee:80:1c:95:79:6d:d9:41:d4:0c:77:f3:cc:a9:
6f:42:8c:c1:d7:e9:e6:bf:24:82:c9:a4:11:7d:b6:b4:9a:22:
76:d8:b7:8d:1c:9d:c6:d2:66:8a:9d:e3:4c:c7:34:1f:51:95:
1d:da:75:62:68:84:78:1e:66:20:bd:25:ff:08:f4:0f:5b:d5:
27:dd:5e:4c:2c:37:af:9f:9a:0d:3f:ca:ba:dd:88:66:26:f8:
9c:4b:c1:21:bb:e1:cc:5b:c3:8a:4a:90:fb:2c:d0:bd:89:7e:
1f:2e:d1:c3:7e:25:9c:e6:e7:ab:8c:05:16:cc:c0:98:85:ae:
9e:f8:7e:8d:c2:93:20:d7:ed:c6:f7:7b:59:db:e2:1d:0c:d8:
c9:57:a0:b1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHBWoZ5IPAJdCxrRp/n0ERmZ4S04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMTRaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxNGNjMjQ1NjQ2ODVjZjhmOWMzN2E1MTUzY2U3YzAzNjA0ZTVjODdiOTg5
NDhiNGQ1MTM3OGRlZDEyNDBhMGYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVSbEl9UsG4dPq+CUIiQqR+HcR0Nr+6A225lH4SU+qLwvJ0lnMZVJlOEIEE
1rhGxIAokBpONB6DWbJDnBwMXbNJOQ0sZtMzZ7g+wHBQSgY4lbct97CZdAd8QkRp
5oncBE491P6Xnx/Tp7ZmE3AgjTyMEWhL2MtmdstBUaAGQPpJrWUxOw1JLsXYS/DV
SNhdWko1r/N7avsoBxXCFLEG+8ETy8sMlDdh5/R5JzKhEJm138ptT/Mti6twC+Yr
ZW/CJivkcP0/EN+XSfNQPWRxSI5n6wV9CviIw0t/e0/Q+sjO5OVrCAI0xUafP/oT
c05ao+iKojf3omD5h76BRoEAcjECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT5Xtvm
3lzwhz6uS463OBbH0kUP4zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTk4MGJhZjAtMzVmZS00Y2E3LWI4NjktMDRiYjJlNzM4YjhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
wDANBgkqhkiG9w0BAQsFAAOCAQEAKl6u/RyUV5L44VS2pnBYyhvcX9agFPxf3w3j
uXkO6wZpf2H4nrtM17chLGRii7Y55/UXgIZVMUGUpRoGXmWUhPQCPOSiB2vf8rcy
smH+Vk/XhuCS4H5OtH4fqv6KOrJ+rB1xQ4jDrBKFOw9oj6wETe6AHJV5bdlB1Ax3
88ypb0KMwdfp5r8kgsmkEX22tJoidti3jRydxtJmip3jTMc0H1GVHdp1YmiEeB5m
IL0l/wj0D1vVJ91eTCw3r5+aDT/Kut2IZib4nEvBIbvhzFvDikqQ+yzQvYl+Hy7R
w34lnObnq4wFFszAmIWunvh+jcKTINftxvd7WdviHQzYyVegsQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:25 2025 by rpki-client