Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7da13080-67e7-4ae7-b0bb-d85b087719b7.roa
File: 7da13080-67e7-4ae7-b0bb-d85b087719b7.roa (raw, json)
Hash identifier: er6aqU8HQ7p1KAE35rRJQNzdxGY4uZRIIgMkPXeBseA=
Subject key identifier: A2:E4:10:E3:D8:D2:B7:E1:0D:C1:02:0B:17:53:0E:AB:33:7A:51:54
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0A02470E51E65139DF8AFF95DBA8D6BEC8273E60
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7da13080-67e7-4ae7-b0bb-d85b087719b7.roa
Signing time: Tue 15 Jul 2025 00:21:22 +0000
ROA not before: Tue 15 Jul 2025 00:21:22 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:02:47:0e:51:e6:51:39:df:8a:ff:95:db:a8:d6:be:c8:27:3e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:22 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=755bf1b76d95f9f84eaf417964f0768ab2ed06a427f7b0c26c5dea88fcf46032, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:70:0d:41:89:d8:ca:32:8e:cf:44:8b:02:be:
59:2c:8b:3f:29:e7:68:c1:bc:dc:ad:8a:38:00:77:
b2:1f:d7:81:83:a2:4c:96:b5:37:60:6d:92:17:74:
dd:2f:9a:db:a2:e5:d9:65:a7:85:e9:49:91:8d:1d:
e5:55:f1:44:ec:cd:c8:f8:65:3f:1d:2c:ea:00:4d:
e8:3d:48:a5:13:d2:9d:f0:de:d1:60:8a:e7:2c:13:
ab:fc:de:c2:94:ca:19:33:37:56:6b:5f:04:68:bc:
17:97:23:8a:de:15:70:44:62:38:98:e4:8a:c0:2f:
77:0d:94:5d:f2:a6:e5:32:e9:ad:79:b1:2a:ed:d3:
07:2a:59:e1:b2:e5:52:26:5c:1e:38:82:c4:7b:f9:
7d:18:b3:54:90:f1:be:7c:24:54:90:1e:0f:26:77:
05:c5:28:08:e5:d4:2c:f5:70:8c:ff:57:81:af:27:
8e:9d:f5:6a:93:12:fd:ea:7a:46:d7:3f:c6:88:86:
6a:80:33:cb:15:55:0d:55:a6:f2:45:6a:10:bb:aa:
96:77:dc:56:1c:8a:bf:81:1e:a4:6f:fb:d8:57:2d:
8c:c9:aa:f9:42:35:ba:bf:72:3f:24:51:f0:d2:06:
80:a0:63:96:48:ab:3b:1d:7a:72:73:05:ce:f7:22:
2d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E4:10:E3:D8:D2:B7:E1:0D:C1:02:0B:17:53:0E:AB:33:7A:51:54
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7da13080-67e7-4ae7-b0bb-d85b087719b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7000::/36
Signature Algorithm: sha256WithRSAEncryption
91:2a:ea:bb:02:5e:75:70:c4:99:0c:ac:80:99:91:70:41:8c:
08:86:e9:0c:a3:23:4f:90:d6:c9:e6:f0:ba:39:5a:9a:58:97:
e3:e7:4e:42:8c:48:b4:29:f0:70:16:bd:d5:1a:49:f1:9e:44:
a7:74:e4:b2:7a:82:b9:5e:a6:34:20:ac:23:14:71:d8:74:4a:
38:9a:5d:79:c6:a6:50:3c:61:0f:51:10:1b:0a:71:05:f2:76:
f0:a1:34:bb:c4:25:9e:83:dd:33:be:11:da:98:a7:d1:37:2a:
04:19:0d:f9:f6:7a:01:fd:48:a4:9f:de:c3:46:56:62:d6:5e:
df:cc:ae:f9:95:aa:05:10:df:6a:28:2f:91:29:d5:5c:3f:be:
96:79:2d:9b:ed:e2:29:f0:fd:1f:66:ab:24:4c:c0:bf:a7:f3:
87:e5:6e:21:7d:12:1d:be:d9:39:a6:9f:1c:ee:4a:fb:56:17:
d9:0b:9e:e3:ab:6a:44:9d:fe:9c:63:75:b7:d3:f2:1e:b8:f1:
c3:9b:2c:fe:fb:48:95:80:ab:d4:91:69:c0:fb:8e:b4:73:84:
8f:41:70:a0:64:f0:96:8c:9a:29:76:cf:a2:38:61:3b:69:0f:
bd:52:1c:45:7a:d7:93:6c:ce:04:af:4b:16:8b:bf:85:ef:58:
ec:6a:97:ba
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCgJHDlHmUTnfiv+V26jWvsgnPmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMjJaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1NWJmMWI3NmQ5NWY5Zjg0ZWFmNDE3OTY0ZjA3NjhhYjJlZDA2YTQyN2Y3
YjBjMjZjNWRlYTg4ZmNmNDYwMzIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlwDUGJ2Moyjs9EiwK+WSyLPynnaMG83K2KOAB3sh/XgYOiTJa1N2Btkhd0
3S+a26Ll2WWnhelJkY0d5VXxROzNyPhlPx0s6gBN6D1IpRPSnfDe0WCK5ywTq/ze
wpTKGTM3VmtfBGi8F5cjit4VcERiOJjkisAvdw2UXfKm5TLprXmxKu3TBypZ4bLl
UiZcHjiCxHv5fRizVJDxvnwkVJAeDyZ3BcUoCOXULPVwjP9Xga8njp31apMS/ep6
Rtc/xoiGaoAzyxVVDVWm8kVqELuqlnfcVhyKv4EepG/72FctjMmq+UI1ur9yPyRR
8NIGgKBjlkirOx16cnMFzvciLR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSi5BDj
2NK34Q3BAgsXUw6rM3pRVDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
N2RhMTMwODAtNjdlNy00YWU3LWIwYmItZDg1YjA4NzcxOWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dw
MA0GCSqGSIb3DQEBCwUAA4IBAQCRKuq7Al51cMSZDKyAmZFwQYwIhukMoyNPkNbJ
5vC6OVqaWJfj505CjEi0KfBwFr3VGknxnkSndOSyeoK5XqY0IKwjFHHYdEo4ml15
xqZQPGEPURAbCnEF8nbwoTS7xCWeg90zvhHamKfRNyoEGQ359noB/Uikn97DRlZi
1l7fzK75laoFEN9qKC+RKdVcP76WeS2b7eIp8P0fZqskTMC/p/OH5W4hfRIdvtk5
pp8c7kr7VhfZC57jq2pEnf6cY3W30/IeuPHDmyz++0iVgKvUkWnA+460c4SPQXCg
ZPCWjJopds+iOGE7aQ+9UhxFeteTbM4Er0sWi7+F71jsape6
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:26 2025 by rpki-client