Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa
File: c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa (raw, json)
Hash identifier: zF9ywHkveAWPkpE9Ixzn6KLu25N4sen33OxKRHxufDI=
Subject key identifier: 66:88:65:EB:C6:D3:00:AF:AF:29:E6:1D:C5:C4:88:F3:BB:EC:A5:8B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 23C4BBE5C392A0B96AF2B04D784648A1BE48390E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa
Signing time: Tue 15 Jul 2025 00:20:42 +0000
ROA not before: Tue 15 Jul 2025 00:20:42 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:58c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:c4:bb:e5:c3:92:a0:b9:6a:f2:b0:4d:78:46:48:a1:be:48:39:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:42 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=ea06b2ac840ff5a768b30ba62ac3cb8d9a8779cae29467d6f7670c9084d513a8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3a:7c:f8:57:2c:01:bb:85:21:41:9d:54:d3:
58:fe:d5:56:64:e0:4f:0f:d2:eb:50:7d:19:87:19:
83:80:d6:50:85:69:99:1b:75:21:b4:2a:06:6c:29:
1b:9a:42:49:54:7d:d6:36:e8:2d:bb:f2:31:c5:a5:
1f:91:3e:c4:12:e6:6a:cf:54:12:23:0c:3c:d5:b8:
91:49:c7:b3:9e:51:b7:ed:72:a6:1b:3f:45:4e:e6:
2b:5a:e1:60:c2:07:b6:8a:49:e4:2b:95:3b:76:3c:
cd:e0:69:d5:09:5f:2e:22:6b:38:63:fe:4f:fc:45:
16:5f:23:fb:6f:c3:17:e2:d7:1a:69:b9:16:bf:ab:
e5:16:57:f9:12:b0:c1:df:87:7c:cc:f5:96:ad:40:
1d:83:a5:02:43:29:d2:a5:1b:9a:37:58:bf:c0:6f:
0c:96:d3:e5:dc:e6:79:bc:76:88:77:96:6e:2c:fe:
d8:1e:f4:f3:a1:39:7d:07:3b:bd:26:8e:17:2b:ee:
c3:0c:b9:7e:14:0c:ab:6d:4b:27:85:9a:72:a7:21:
68:66:e9:7a:ae:fd:1f:d3:d7:05:68:7d:f1:02:45:
22:ef:b7:1c:f1:6b:31:d7:d9:24:06:45:99:bd:77:
39:3b:a3:7f:4c:7a:b2:70:e5:4e:85:09:7f:67:96:
28:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:88:65:EB:C6:D3:00:AF:AF:29:E6:1D:C5:C4:88:F3:BB:EC:A5:8B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:58c0::/46
Signature Algorithm: sha256WithRSAEncryption
4c:32:17:20:c7:36:e2:f7:cd:2b:ea:f7:74:77:b2:9e:8a:46:
ba:6f:ec:ee:33:ec:fd:cd:29:c1:df:fc:24:9b:c4:46:83:24:
66:d0:4f:4b:aa:25:72:72:7b:60:d5:1f:93:ee:e9:8f:bb:91:
0a:f2:63:e1:0b:1e:93:db:46:b4:ac:5d:cd:fc:72:8f:32:34:
5d:aa:88:00:b3:15:e6:4b:31:c6:95:e1:1b:85:08:a3:7a:61:
84:81:c6:e5:fd:44:f6:6c:ed:f2:7b:7f:97:65:7d:22:78:1a:
dd:21:c5:24:71:9f:42:0c:d7:44:a3:7d:ec:eb:7a:67:fe:56:
28:0c:54:c5:dd:f8:6a:9d:e1:26:3d:6f:0d:a1:0d:13:dc:80:
8b:e1:ab:8e:50:1b:a6:96:f4:53:a7:19:98:fd:fc:ac:a5:3a:
fb:68:cd:5c:fa:83:fa:99:8c:63:39:ae:01:74:4d:08:bd:0c:
79:ac:5b:61:2d:55:c7:f8:41:08:02:e7:2b:58:9a:46:e3:e9:
d6:47:5e:30:4f:84:f2:42:85:cc:e1:e4:36:4c:02:c0:76:7a:
30:f2:63:7d:81:2e:3f:fe:65:b5:bd:b6:c2:25:3b:91:4e:3f:
f7:30:e3:88:75:bf:d4:e5:d6:7a:f4:78:7e:bd:fe:4b:47:24:
ac:e1:64:45
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUI8S75cOSoLlq8rBNeEZIob5IOQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwNDJaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhMDZiMmFjODQwZmY1YTc2OGIzMGJhNjJhYzNjYjhkOWE4Nzc5Y2FlMjk0
NjdkNmY3NjcwYzkwODRkNTEzYTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALs6fPhXLAG7hSFBnVTTWP7VVmTgTw/S61B9GYcZg4DWUIVpmRt1IbQqBmwp
G5pCSVR91jboLbvyMcWlH5E+xBLmas9UEiMMPNW4kUnHs55Rt+1yphs/RU7mK1rh
YMIHtopJ5CuVO3Y8zeBp1QlfLiJrOGP+T/xFFl8j+2/DF+LXGmm5Fr+r5RZX+RKw
wd+HfMz1lq1AHYOlAkMp0qUbmjdYv8BvDJbT5dzmebx2iHeWbiz+2B7086E5fQc7
vSaOFyvuwwy5fhQMq21LJ4WacqchaGbpeq79H9PXBWh98QJFIu+3HPFrMdfZJAZF
mb13OTujf0x6snDlToUJf2eWKOMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRmiGXr
xtMAr68p5h3FxIjzu+ylizAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Yzk1NjI5NmQtZDYyNi00MmIyLWE5ZWYtYmI5ODhmNGMzY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8NY
wDANBgkqhkiG9w0BAQsFAAOCAQEATDIXIMc24vfNK+r3dHeynopGum/s7jPs/c0p
wd/8JJvERoMkZtBPS6olcnJ7YNUfk+7pj7uRCvJj4Qsek9tGtKxdzfxyjzI0XaqI
ALMV5ksxxpXhG4UIo3phhIHG5f1E9mzt8nt/l2V9Inga3SHFJHGfQgzXRKN97Ot6
Z/5WKAxUxd34ap3hJj1vDaENE9yAi+GrjlAbppb0U6cZmP38rKU6+2jNXPqD+pmM
YzmuAXRNCL0MeaxbYS1Vx/hBCALnK1iaRuPp1kdeME+E8kKFzOHkNkwCwHZ6MPJj
fYEuP/5ltb22wiU7kU4/9zDjiHW/1OXWevR4fr3+S0ckrOFkRQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:21 2025 by rpki-client