Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
File: a027acd6-b75f-42ce-9bfb-ac426d92b141.roa (raw, json)
Hash identifier: 3zNsFWXYrQ64hSTK7KepmLK8enVPaTZb9q+NlJFdeOQ=
Subject key identifier: 44:79:70:4A:1C:FF:81:26:BC:6A:12:5F:21:24:7C:37:47:6F:DF:7B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6131DB9761427FC579D59C1898667F601F53A545
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
Signing time: Tue 15 Jul 2025 00:30:39 +0000
ROA not before: Tue 15 Jul 2025 00:30:39 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:31:db:97:61:42:7f:c5:79:d5:9c:18:98:66:7f:60:1f:53:a5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:30:39 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=605a35802cec0851c365c1ebf86a9d7ee5170eba371da52aa8b4531722ace672, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:71:a0:ef:69:d0:6f:79:b1:55:62:30:c6:8c:
7e:68:40:aa:ee:7e:fb:17:3f:42:9b:10:df:5a:b7:
06:4c:d6:21:cf:f5:c4:83:e7:bb:a8:9c:c1:11:2d:
81:52:e2:69:05:36:bd:83:9d:da:0f:9d:17:b9:3f:
8a:2d:61:b5:83:38:4d:30:89:93:f2:34:64:7d:25:
93:77:2a:17:e4:17:bf:c1:5c:c6:f1:b4:7b:7c:f9:
fa:29:55:ec:a1:8e:54:57:95:53:c6:8e:b7:d6:dc:
d6:d1:52:b9:b9:37:09:6b:53:e0:c8:d4:b3:f7:09:
fd:15:f5:81:31:25:b6:13:d0:80:9f:ac:cd:d7:26:
ee:ac:17:e1:ee:59:26:e8:94:1c:ec:dd:92:26:f6:
67:ed:c9:e1:2e:6d:9f:3d:42:ba:37:a9:5b:55:c8:
4b:f4:71:3c:14:9a:c2:0c:b6:7d:07:8c:89:84:52:
68:85:8c:2e:44:e3:32:ce:99:4e:e5:01:0a:fd:36:
4e:25:13:a9:3d:57:b7:a7:6d:ca:56:06:56:24:13:
7e:b7:48:0c:e0:91:63:d8:77:f4:f8:7a:b1:f1:46:
8d:7b:5f:23:38:2b:ce:1b:3a:5d:2c:e5:ec:ca:d1:
57:a9:7e:c0:76:40:ce:6f:92:ed:6c:66:a7:67:14:
e5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:79:70:4A:1C:FF:81:26:BC:6A:12:5F:21:24:7C:37:47:6F:DF:7B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:4000::/36
Signature Algorithm: sha256WithRSAEncryption
42:35:1f:70:e4:a1:00:12:12:0e:55:a0:f9:42:36:25:af:ca:
f6:ac:ff:f9:e2:a6:02:bc:27:49:cc:c4:88:81:f5:33:a0:27:
5f:18:13:6e:67:93:89:a7:09:b0:03:1e:b8:59:c8:72:ad:27:
21:9d:40:24:20:4a:d4:22:33:dd:6e:e9:07:0d:f1:e0:06:b1:
ff:ef:d0:c1:04:7f:bd:6a:1b:df:03:94:d6:57:66:47:13:57:
a8:b4:75:7e:aa:0a:92:75:ad:51:4f:e8:7a:1d:fa:ba:e8:ae:
e0:6f:7a:b1:73:4f:ce:1f:b8:df:0c:62:58:3e:f2:fe:78:90:
9b:2a:fe:5c:25:af:ff:dc:57:bf:10:a7:b5:7d:3f:aa:ff:7e:
c4:34:1a:ee:4a:ee:84:b0:da:d9:36:ce:6e:4d:bf:7b:51:90:
ed:6f:b1:41:79:58:47:46:c5:63:15:ac:2e:42:ce:3f:e9:e0:
c1:89:02:2e:e6:ed:54:84:fb:66:27:a1:44:61:98:2a:c3:85:
c3:7c:46:54:cf:76:65:6c:e3:b2:08:54:f6:ad:86:76:c1:6d:
a7:dd:14:f0:96:35:9e:d0:8b:63:79:90:8d:ad:81:c5:ff:11:
12:9c:0b:ce:12:d0:4a:02:d2:77:22:38:54:a1:88:d5:20:79:
93:eb:8e:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYTHbl2FCf8V51ZwYmGZ/YB9TpUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDMwMzlaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwNWEzNTgwMmNlYzA4NTFjMzY1YzFlYmY4NmE5ZDdlZTUxNzBlYmEzNzFk
YTUyYWE4YjQ1MzE3MjJhY2U2NzIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOlxoO9p0G95sVViMMaMfmhAqu5++xc/QpsQ31q3BkzWIc/1xIPnu6icwREt
gVLiaQU2vYOd2g+dF7k/ii1htYM4TTCJk/I0ZH0lk3cqF+QXv8FcxvG0e3z5+ilV
7KGOVFeVU8aOt9bc1tFSubk3CWtT4MjUs/cJ/RX1gTElthPQgJ+szdcm7qwX4e5Z
JuiUHOzdkib2Z+3J4S5tnz1CujepW1XIS/RxPBSawgy2fQeMiYRSaIWMLkTjMs6Z
TuUBCv02TiUTqT1Xt6dtylYGViQTfrdIDOCRY9h39Ph6sfFGjXtfIzgrzhs6XSzl
7MrRV6l+wHZAzm+S7Wxmp2cU5ZsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBREeXBK
HP+BJrxqEl8hJHw3R2/fezAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTAyN2FjZDYtYjc1Zi00MmNlLTliZmItYWM0MjZkOTJiMTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NA
MA0GCSqGSIb3DQEBCwUAA4IBAQBCNR9w5KEAEhIOVaD5QjYlr8r2rP/54qYCvCdJ
zMSIgfUzoCdfGBNuZ5OJpwmwAx64WchyrSchnUAkIErUIjPdbukHDfHgBrH/79DB
BH+9ahvfA5TWV2ZHE1eotHV+qgqSda1RT+h6Hfq66K7gb3qxc0/OH7jfDGJYPvL+
eJCbKv5cJa//3Fe/EKe1fT+q/37ENBruSu6EsNrZNs5uTb97UZDtb7FBeVhHRsVj
FawuQs4/6eDBiQIu5u1UhPtmJ6FEYZgqw4XDfEZUz3ZlbOOyCFT2rYZ2wW2n3RTw
ljWe0ItjeZCNrYHF/xESnAvOEtBKAtJ3IjhUoYjVIHmT647F
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:32 2025 by rpki-client