Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
File: 5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa (raw, json)
Hash identifier: aU9ZHdF2nZFA2ILjLGRA8SrLaLP5osNIBcYTUlaOv7A=
Subject key identifier: 6B:36:93:AD:70:99:6C:D5:3B:BA:F2:94:02:CE:4D:33:66:54:5A:94
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6AB7F29ED30C806B9E260B13A9B2DF02FBFFCFC9
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
Signing time: Mon 07 Jul 2025 18:30:07 +0000
ROA not before: Mon 07 Jul 2025 18:30:07 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:b7:f2:9e:d3:0c:80:6b:9e:26:0b:13:a9:b2:df:02:fb:ff:cf:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 7 18:30:07 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=7c1f3a5004a3d6d9f9172b4843b1531511245d313cab0ff73996e6e692b16565, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:41:bf:22:13:d8:2c:71:f5:44:bb:c2:de:79:
a1:7c:1c:e7:07:77:a3:0d:93:c9:e2:0c:56:13:4f:
2d:dc:c3:55:23:6c:c7:12:31:ed:f9:25:37:a3:14:
b3:f6:42:7a:80:56:84:13:ed:9c:f7:c4:4a:21:b0:
be:53:32:93:4a:28:37:2c:88:a7:7f:69:95:25:fb:
86:18:86:07:03:9c:89:c5:f0:05:8b:12:31:88:ea:
b8:2d:1a:6e:66:b4:05:41:40:2b:a4:f1:9c:ed:5e:
ca:e1:01:94:94:b5:ac:4e:c6:8f:e5:32:dc:7b:49:
a2:2a:41:43:13:2b:00:94:72:73:df:8b:86:30:f5:
fe:f0:ef:2e:09:81:9d:40:f6:35:c0:ff:85:4d:40:
ef:95:02:80:9b:8c:98:2e:c7:41:0b:35:d3:9a:b7:
0f:cd:5a:ce:23:b1:92:1f:ea:f6:7a:eb:e1:23:00:
fc:18:49:26:ec:26:91:d7:03:46:6f:fd:61:31:69:
12:09:25:fe:41:b9:fa:c1:d0:35:c3:32:8f:5a:52:
16:cf:9b:95:4f:09:b5:9c:de:1b:81:e9:63:e4:e5:
85:49:18:c2:46:78:10:b5:a0:92:19:65:b2:9d:7f:
65:ce:b7:cc:7b:87:2d:de:a1:67:69:29:b4:7d:4d:
39:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:36:93:AD:70:99:6C:D5:3B:BA:F2:94:02:CE:4D:33:66:54:5A:94
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/44
Signature Algorithm: sha256WithRSAEncryption
18:4e:74:9b:bf:31:65:fe:86:89:c2:1d:45:d0:39:e0:79:81:
40:af:70:98:be:d1:37:20:b8:be:0b:1a:da:ab:89:d7:15:59:
3b:2f:2d:d7:a0:43:f6:44:82:f8:f3:93:e1:b2:03:af:61:e3:
fe:d8:9e:36:81:b9:ec:81:44:21:bc:16:46:9e:02:2e:c4:f3:
2e:45:d5:40:b9:6c:e3:97:e1:e9:cb:e6:86:05:30:10:58:db:
bb:15:a5:39:73:c9:66:8c:af:5a:bb:42:43:fa:e9:68:38:30:
80:eb:6a:06:aa:51:7f:35:18:65:fa:79:be:90:33:ed:be:5f:
9e:39:e6:e3:bf:9f:0e:d7:a3:06:7d:6b:e0:28:69:ef:0f:65:
78:3b:91:86:6a:e3:8e:f7:3c:2d:2a:66:27:3f:45:54:56:04:
12:41:08:5a:6b:e3:c3:ff:7e:bf:31:03:09:7b:42:5b:46:dc:
92:11:95:a2:d3:ec:e4:5f:13:c2:1d:a5:a9:e3:8c:3f:d1:b5:
3a:40:19:3c:6e:10:40:24:40:29:38:6b:de:cf:25:2c:b0:b4:
8a:9d:8e:62:74:1a:43:03:e7:c5:ae:3f:5f:f4:55:f0:13:4d:
97:98:46:4b:d5:56:ab:34:1d:3a:ab:e5:3e:46:58:3a:87:49:
f3:6e:a9:e8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUarfyntMMgGueJgsTqbLfAvv/z8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MDcxODMwMDdaFw0yNTA4MTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjMWYzYTUwMDRhM2Q2ZDlmOTE3MmI0ODQzYjE1MzE1MTEyNDVkMzEzY2Fi
MGZmNzM5OTZlNmU2OTJiMTY1NjUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNBvyIT2Cxx9US7wt55oXwc5wd3ow2TyeIMVhNPLdzDVSNsxxIx7fklN6MU
s/ZCeoBWhBPtnPfESiGwvlMyk0ooNyyIp39plSX7hhiGBwOcicXwBYsSMYjquC0a
bma0BUFAK6TxnO1eyuEBlJS1rE7Gj+Uy3HtJoipBQxMrAJRyc9+LhjD1/vDvLgmB
nUD2NcD/hU1A75UCgJuMmC7HQQs105q3D81aziOxkh/q9nrr4SMA/BhJJuwmkdcD
Rm/9YTFpEgkl/kG5+sHQNcMyj1pSFs+blU8JtZzeG4HpY+TlhUkYwkZ4ELWgkhll
sp1/Zc63zHuHLd6hZ2kptH1NORcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRrNpOt
cJls1Tu68pQCzk0zZlRalDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY1NmY0YWUtZDE4Ny00YTQzLWIwYzItYWZkMDJjMDlkZDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEAGE50m78xZf6GicIdRdA54HmBQK9wmL7RNyC4
vgsa2quJ1xVZOy8t16BD9kSC+POT4bIDr2Hj/tieNoG57IFEIbwWRp4CLsTzLkXV
QLls45fh6cvmhgUwEFjbuxWlOXPJZoyvWrtCQ/rpaDgwgOtqBqpRfzUYZfp5vpAz
7b5fnjnm47+fDtejBn1r4Chp7w9leDuRhmrjjvc8LSpmJz9FVFYEEkEIWmvjw/9+
vzEDCXtCW0bckhGVotPs5F8Twh2lqeOMP9G1OkAZPG4QQCRAKThr3s8lLLC0ip2O
YnQaQwPnxa4/X/RV8BNNl5hGS9VWqzQdOqvlPkZYOodJ826p6A==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:30 2025 by rpki-client