Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
File: c70179f2-6d6a-4082-9c0e-863ea2322937.roa (raw, json)
Hash identifier: g6s/aNuyew1jm4iFshK92NZeyXAAJo5TPXB1BO4Mp84=
Subject key identifier: C6:10:B6:CE:34:38:12:0B:78:9C:46:C7:86:4B:19:EB:00:6B:8C:0E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7B2C4039A907CD45A1FEF7D81BAACDBD8964EFF1
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
Signing time: Mon 14 Jul 2025 16:37:06 +0000
ROA not before: Mon 14 Jul 2025 16:37:06 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:2c:40:39:a9:07:cd:45:a1:fe:f7:d8:1b:aa:cd:bd:89:64:ef:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 14 16:37:06 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=7abecf0bdfc359c35a20003503a63ec8f26e3c18de589ead9106b9c12a785539, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7b:ae:d4:80:e6:59:6a:12:d9:1b:00:b1:41:
0e:9a:10:b7:a7:28:57:c3:0e:e6:4c:de:d1:0c:94:
45:16:17:cd:2d:af:14:ed:1c:8e:39:82:3b:b2:ff:
65:e8:ad:e5:18:f0:ef:d3:b6:6d:e3:db:51:6b:98:
bd:67:bd:04:4c:e0:29:8a:54:a4:ce:e2:ef:1b:e5:
c6:0a:f8:3e:33:5e:6c:8b:b7:11:bb:08:1f:2d:24:
3c:bd:cd:0e:cf:42:fb:45:11:c2:e4:64:4c:bb:33:
7f:84:9f:27:33:61:e2:32:1a:21:14:09:bb:a1:f3:
7d:4d:03:49:4e:f4:91:fe:6d:10:ac:20:5e:d6:fc:
e1:d0:b3:b4:20:54:dd:5f:23:a3:22:49:73:55:a5:
30:dd:24:8c:9f:52:09:c8:52:aa:a1:90:45:cd:74:
f3:5a:c7:69:b9:9a:cb:04:f2:81:11:53:fa:ab:5e:
9a:35:48:24:8f:4a:23:47:f9:ec:b9:1b:da:d5:f4:
27:f5:fb:4e:5c:15:cb:95:17:68:17:de:46:9b:64:
43:d8:fe:01:f3:89:87:0e:6f:78:9b:dd:73:c1:93:
4e:8e:df:37:9d:10:59:7e:b9:c7:ae:4d:67:95:dd:
ec:a9:52:be:2d:8f:7e:7e:8d:ae:12:75:49:36:b0:
17:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:10:B6:CE:34:38:12:0B:78:9C:46:C7:86:4B:19:EB:00:6B:8C:0E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4000::/36
Signature Algorithm: sha256WithRSAEncryption
5e:27:a4:85:19:dd:4a:91:d9:25:83:38:7b:8a:db:09:1c:f8:
ef:05:ec:e8:44:4f:10:82:6e:bb:75:ab:1c:5d:e0:96:13:6b:
95:0f:a0:98:b7:c7:26:87:ec:49:b1:3f:59:a1:7a:e6:72:6e:
20:0a:f6:14:00:91:e9:b4:8c:3c:9d:e3:41:41:d1:62:ff:0f:
89:8b:c5:34:11:02:3a:03:9d:83:48:33:2b:be:4a:13:dd:59:
87:7c:b4:db:fd:71:88:a0:2a:37:20:9e:90:0d:b3:05:c3:12:
82:9b:8c:44:9a:c2:26:a1:c9:e4:49:b8:73:00:db:fa:a8:6c:
b0:82:d3:49:99:85:cc:b4:48:8b:97:6d:e9:94:9b:ac:57:04:
d5:71:5d:f4:03:04:f0:cf:7c:77:d3:fb:5f:a5:1e:3d:f5:5c:
dc:02:37:e1:6d:5c:09:51:9d:d7:7c:90:a6:7a:78:5c:75:64:
c1:0a:b3:dd:72:72:66:ba:d8:08:f2:48:b7:6a:87:37:25:ba:
c9:4e:3c:91:67:70:85:e6:4a:20:1c:a6:a3:89:8b:11:03:68:
eb:11:aa:b8:69:4c:dd:5a:a7:20:de:dc:8d:39:ac:cf:50:18:
93:51:a4:4c:ff:5d:43:0a:95:4e:93:3b:a5:1f:7c:6a:db:e4:
ab:cb:8c:67
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeyxAOakHzUWh/vfYG6rNvYlk7/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTQxNjM3MDZaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhYmVjZjBiZGZjMzU5YzM1YTIwMDAzNTAzYTYzZWM4ZjI2ZTNjMThkZTU4
OWVhZDkxMDZiOWMxMmE3ODU1MzkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANh7rtSA5llqEtkbALFBDpoQt6coV8MO5kze0QyURRYXzS2vFO0cjjmCO7L/
Zeit5Rjw79O2bePbUWuYvWe9BEzgKYpUpM7i7xvlxgr4PjNebIu3EbsIHy0kPL3N
Ds9C+0URwuRkTLszf4SfJzNh4jIaIRQJu6HzfU0DSU70kf5tEKwgXtb84dCztCBU
3V8joyJJc1WlMN0kjJ9SCchSqqGQRc1081rHabmaywTygRFT+qtemjVIJI9KI0f5
7Lkb2tX0J/X7TlwVy5UXaBfeRptkQ9j+AfOJhw5veJvdc8GTTo7fN50QWX65x65N
Z5Xd7KlSvi2Pfn6NrhJ1STawF3UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTGELbO
NDgSC3icRseGSxnrAGuMDjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzcwMTc5ZjItNmQ2YS00MDgyLTljMGUtODYzZWEyMzIyOTM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dA
MA0GCSqGSIb3DQEBCwUAA4IBAQBeJ6SFGd1Kkdklgzh7itsJHPjvBezoRE8Qgm67
dascXeCWE2uVD6CYt8cmh+xJsT9ZoXrmcm4gCvYUAJHptIw8neNBQdFi/w+Ji8U0
EQI6A52DSDMrvkoT3VmHfLTb/XGIoCo3IJ6QDbMFwxKCm4xEmsImocnkSbhzANv6
qGywgtNJmYXMtEiLl23plJusVwTVcV30AwTwz3x30/tfpR499VzcAjfhbVwJUZ3X
fJCmenhcdWTBCrPdcnJmutgI8ki3aoc3JbrJTjyRZ3CF5kogHKajiYsRA2jrEaq4
aUzdWqcg3tyNOazPUBiTUaRM/11DCpVOkzulH3xq2+Sry4xn
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:30:28 2025 by rpki-client