Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
File: 6ab0b120-4886-40dd-bd1e-286dca434f7f.roa (raw, json)
Hash identifier: y3/4Il1qk2wN8BtXsmCXdC/HuiTtArpQm3TURKuyhe0=
Subject key identifier: D2:32:C1:6A:11:8F:BE:5C:D3:C9:F6:90:14:B4:B2:C7:03:D9:4B:72
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 126DEAEB964A9EC83B2E681CF6195D49A7ABE95A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
Signing time: Tue 15 Jul 2025 00:30:14 +0000
ROA not before: Tue 15 Jul 2025 00:30:14 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:6d:ea:eb:96:4a:9e:c8:3b:2e:68:1c:f6:19:5d:49:a7:ab:e9:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:14 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=6fb349f95c42b93a70b765a1fc8761e040ff95b4d74b7213aa1ea18692f89d54, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:bd:21:6a:28:4c:3f:09:79:c9:e3:ef:1c:fc:
ca:15:18:78:ce:e9:a0:d9:2a:d5:e4:88:ce:54:4e:
da:0d:d0:15:a6:72:1d:53:23:c1:03:04:3e:5f:4a:
a6:e7:07:bc:f1:75:c1:2c:5b:3d:c0:99:68:ef:99:
09:23:4d:bb:b7:17:5f:42:23:fe:53:61:09:b7:4c:
ab:d0:af:0b:a7:39:16:3a:ac:24:1f:10:bb:06:11:
dc:b0:f7:2d:67:1a:fb:ae:90:99:19:b8:f2:0b:39:
6c:bc:91:f2:81:7b:a7:fa:3b:d3:36:c8:25:ee:20:
82:48:6a:65:3c:cd:d9:f0:3e:b7:6e:b3:61:64:35:
61:ac:14:c1:4d:91:e6:94:9a:a7:28:d3:6c:35:7a:
ce:67:34:db:d4:70:b2:c4:22:c9:93:79:4a:9d:f9:
fa:1c:6d:14:85:2a:d1:1b:d3:73:87:e2:18:66:c3:
26:03:04:e0:14:f0:53:49:f7:c1:3f:89:03:0e:4e:
d5:36:46:3f:f4:d9:e9:04:7c:c8:dd:38:b9:92:46:
b1:35:9d:d0:0e:6d:51:b5:10:e7:c4:74:dd:64:ab:
13:5c:7a:c4:e6:fc:9b:fb:38:0c:5f:ee:67:8c:64:
23:06:60:0e:3c:e0:d2:6f:43:e1:f9:58:66:c3:80:
95:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:32:C1:6A:11:8F:BE:5C:D3:C9:F6:90:14:B4:B2:C7:03:D9:4B:72
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8800::/38
Signature Algorithm: sha256WithRSAEncryption
99:d5:5a:3a:f6:a5:14:00:a1:fa:35:6b:fc:61:58:94:71:6e:
98:9d:da:88:17:ae:6a:23:9c:59:03:ba:e0:1a:13:97:17:4b:
28:d7:f9:9f:04:ee:78:90:9b:67:26:0f:c8:70:20:3a:a6:02:
d1:8e:2a:e7:76:87:8f:bb:ae:67:13:21:22:be:45:2d:9d:0b:
27:ee:18:8c:2d:61:23:7a:45:92:f8:1c:66:e1:a4:e6:89:bc:
a1:a1:1d:14:a1:48:58:92:f9:9e:5c:fb:8d:5d:e5:24:e4:43:
b7:d4:1b:87:d9:40:cb:cc:08:2e:fe:90:bd:e4:1f:55:03:d5:
5f:95:8f:b2:eb:e4:66:ba:39:50:63:b9:c6:61:0b:61:83:d6:
a4:2a:1f:91:3c:8e:ee:ec:c5:3d:3c:d1:7c:cc:53:a2:c9:d8:
5d:a8:88:77:e4:9c:e6:1e:c3:6d:b6:92:02:b9:0d:be:22:58:
22:cd:a5:5c:08:ba:d3:05:09:5e:e0:b7:d2:7d:a5:75:5b:ab:
6d:72:ba:3b:b7:a8:f1:a8:55:75:94:e1:71:f0:e2:d1:28:a1:
06:e0:03:13:79:7a:ed:15:43:04:cd:b6:cb:e1:c1:8d:66:bf:
6d:68:81:b5:fb:e2:2b:bd:c5:b9:0f:60:30:a7:18:39:a8:b0:
19:dd:e8:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEm3q65ZKnsg7Lmgc9hldSaer6VowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMTRaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmYjM0OWY5NWM0MmI5M2E3MGI3NjVhMWZjODc2MWUwNDBmZjk1YjRkNzRi
NzIxM2FhMWVhMTg2OTJmODlkNTQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANe9IWooTD8Jecnj7xz8yhUYeM7poNkq1eSIzlRO2g3QFaZyHVMjwQMEPl9K
pucHvPF1wSxbPcCZaO+ZCSNNu7cXX0Ij/lNhCbdMq9CvC6c5FjqsJB8QuwYR3LD3
LWca+66QmRm48gs5bLyR8oF7p/o70zbIJe4ggkhqZTzN2fA+t26zYWQ1YawUwU2R
5pSapyjTbDV6zmc029RwssQiyZN5Sp35+hxtFIUq0RvTc4fiGGbDJgME4BTwU0n3
wT+JAw5O1TZGP/TZ6QR8yN04uZJGsTWd0A5tUbUQ58R03WSrE1x6xOb8m/s4DF/u
Z4xkIwZgDjzg0m9D4flYZsOAlUUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTSMsFq
EY++XNPJ9pAUtLLHA9lLcjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NmFiMGIxMjAtNDg4Ni00MGRkLWJkMWUtMjg2ZGNhNDM0ZjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GI
MA0GCSqGSIb3DQEBCwUAA4IBAQCZ1Vo69qUUAKH6NWv8YViUcW6YndqIF65qI5xZ
A7rgGhOXF0so1/mfBO54kJtnJg/IcCA6pgLRjirndoePu65nEyEivkUtnQsn7hiM
LWEjekWS+Bxm4aTmibyhoR0UoUhYkvmeXPuNXeUk5EO31BuH2UDLzAgu/pC95B9V
A9VflY+y6+RmujlQY7nGYQthg9akKh+RPI7u7MU9PNF8zFOiydhdqIh35JzmHsNt
tpICuQ2+IlgizaVcCLrTBQle4LfSfaV1W6ttcro7t6jxqFV1lOFx8OLRKKEG4AMT
eXrtFUMEzbbL4cGNZr9taIG1++IrvcW5D2Awpxg5qLAZ3eib
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:27 2025 by rpki-client