Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
File: 654f1481-ba50-463b-9997-0d385dd9b0a3.roa (raw, json)
Hash identifier: dvPmjg6GHtAI5CxGRvaEK3swA5WZ2AgOHPWq8UWjF4o=
Subject key identifier: B0:46:37:8A:2F:4A:BA:7F:50:A0:B7:52:DB:ED:01:AE:36:3D:1C:3B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2EBDF4D3A1D6FC9604724E1793B7396F9888E842
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
Signing time: Tue 15 Jul 2025 00:21:02 +0000
ROA not before: Tue 15 Jul 2025 00:21:02 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:bd:f4:d3:a1:d6:fc:96:04:72:4e:17:93:b7:39:6f:98:88:e8:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:02 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=852eb3b95f9962243877e358bffdecd5a6387347311da634d053297af6f15648, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c8:20:47:ec:c0:60:5a:25:dc:f5:e7:8e:9f:
4a:d9:32:3f:ad:9f:7c:5f:d8:a8:a9:f6:e9:29:32:
0c:0f:db:1c:ef:bf:2c:3d:d8:67:03:db:79:33:b9:
05:ba:89:4d:62:4b:63:a2:56:8f:c1:7d:ee:03:a7:
ba:b3:5f:c5:6a:a3:d3:54:e2:1e:f0:51:47:30:72:
73:2e:a8:98:3c:94:2c:b3:a0:7b:70:a0:53:cd:52:
cd:45:57:52:6b:2a:41:f2:c9:a0:02:e9:5b:d0:9f:
ce:33:70:b8:b3:78:bf:4f:b7:61:83:ef:e8:73:58:
b8:76:0c:93:ce:65:a4:9d:88:fe:37:45:9d:ab:ff:
0b:23:08:e8:71:c2:3b:f5:64:92:e2:7d:12:be:78:
d8:8c:32:15:5f:5d:61:50:4b:3c:26:a7:0d:36:06:
26:ec:a5:8d:37:d3:aa:30:6f:21:fc:e1:7d:51:64:
3b:9b:66:70:a1:89:86:28:ef:a3:58:3c:70:ba:be:
c9:4e:0e:2b:d0:46:bf:28:04:d0:fb:4b:94:b0:9b:
cb:2d:67:c1:cd:57:c3:af:3b:79:e9:78:60:a6:db:
34:1e:ac:60:67:0d:c9:83:3a:d3:5e:87:ae:dd:b2:
21:bc:37:85:72:02:4a:b7:ff:41:4a:af:d9:60:48:
cf:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:46:37:8A:2F:4A:BA:7F:50:A0:B7:52:DB:ED:01:AE:36:3D:1C:3B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:800::/40
Signature Algorithm: sha256WithRSAEncryption
09:16:3c:b2:fa:06:62:01:d7:db:a6:fd:43:c1:1e:b5:ec:d9:
3a:f1:74:ce:02:4d:66:1f:25:ea:05:12:8e:26:be:96:9c:21:
7d:df:4a:95:84:51:68:9f:62:44:85:b3:1a:d7:30:ac:0e:9e:
3d:1a:09:2f:d3:c1:ef:38:c4:fc:2b:0b:93:62:79:a5:2b:50:
9a:08:ee:0b:b3:bb:c0:a4:ad:b2:f8:4a:49:88:a1:fc:81:cc:
aa:b1:a8:e5:f9:16:73:d5:9e:f0:c1:be:9e:e9:8e:6e:35:bc:
92:13:6b:37:01:02:89:63:0f:40:22:55:66:41:6f:08:4d:c4:
4d:91:ab:60:6c:e0:29:6c:ed:12:d8:09:60:c1:16:2b:3e:3e:
fc:bf:d4:88:9d:a2:6f:80:3c:83:02:0c:e2:22:9f:b6:b9:57:
51:3a:4f:b0:b6:fe:d3:d9:7d:13:04:46:43:b1:30:c2:a9:b4:
9e:da:4e:16:f1:9d:c8:57:25:3e:4a:97:c7:59:9d:29:ac:40:
e3:67:3d:e5:98:7c:53:27:c9:86:c1:dc:4e:c3:da:f7:fb:8b:
40:84:52:34:24:42:bc:25:9c:fa:ce:fd:da:62:a0:ab:96:d1:
bd:56:08:ac:9a:65:fd:aa:69:e9:b4:d9:aa:c0:a3:7a:6d:36:
00:cd:d6:2c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULr3006HW/JYEck4Xk7c5b5iI6EIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMDJaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1MmViM2I5NWY5OTYyMjQzODc3ZTM1OGJmZmRlY2Q1YTYzODczNDczMTFk
YTYzNGQwNTMyOTdhZjZmMTU2NDgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbIIEfswGBaJdz1546fStkyP62ffF/YqKn26SkyDA/bHO+/LD3YZwPbeTO5
BbqJTWJLY6JWj8F97gOnurNfxWqj01TiHvBRRzBycy6omDyULLOge3CgU81SzUVX
UmsqQfLJoALpW9CfzjNwuLN4v0+3YYPv6HNYuHYMk85lpJ2I/jdFnav/CyMI6HHC
O/VkkuJ9Er542IwyFV9dYVBLPCanDTYGJuyljTfTqjBvIfzhfVFkO5tmcKGJhijv
o1g8cLq+yU4OK9BGvygE0PtLlLCbyy1nwc1Xw687eel4YKbbNB6sYGcNyYM6016H
rt2yIbw3hXICSrf/QUqv2WBIz7ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSwRjeK
L0q6f1Cgt1Lb7QGuNj0cOzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjU0ZjE0ODEtYmE1MC00NjNiLTk5OTctMGQzODVkZDliMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8AI
MA0GCSqGSIb3DQEBCwUAA4IBAQAJFjyy+gZiAdfbpv1DwR617Nk68XTOAk1mHyXq
BRKOJr6WnCF930qVhFFon2JEhbMa1zCsDp49Ggkv08HvOMT8KwuTYnmlK1CaCO4L
s7vApK2y+EpJiKH8gcyqsajl+RZz1Z7wwb6e6Y5uNbySE2s3AQKJYw9AIlVmQW8I
TcRNkatgbOApbO0S2AlgwRYrPj78v9SInaJvgDyDAgziIp+2uVdROk+wtv7T2X0T
BEZDsTDCqbSe2k4W8Z3IVyU+SpfHWZ0prEDjZz3lmHxTJ8mGwdxOw9r3+4tAhFI0
JEK8JZz6zv3aYqCrltG9VgismmX9qmnptNmqwKN6bTYAzdYs
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:46:01 2025 by rpki-client