Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
File: d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa (raw, json)
Hash identifier: 8+Xba/4jQxYW2Hk3IEaZ6a+pL58p0MfXLnqQ5FTd7Mc=
Subject key identifier: 6F:36:FF:A8:0B:BF:8E:39:6B:10:88:05:A5:65:9D:2F:AF:9E:B7:C0
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4B56D3F491EADEF0B3874D7609FEC3F73CE8DD67
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
Signing time: Tue 15 Jul 2025 00:20:02 +0000
ROA not before: Tue 15 Jul 2025 00:20:02 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 08:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:56:d3:f4:91:ea:de:f0:b3:87:4d:76:09:fe:c3:f7:3c:e8:dd:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:20:02 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=b3b4a1fc1491705424eb4e497c27267648014474a689d4dab1088443dd649644, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ed:8e:26:c4:70:ea:52:9b:a3:79:c8:3c:0c:
69:d0:75:55:51:6d:5a:a2:b1:29:a4:26:a8:93:0c:
7c:07:16:f8:90:b3:c1:f8:88:f6:38:71:63:35:9f:
0a:04:c5:43:da:b1:cf:07:05:99:fc:a1:b0:7c:85:
1a:48:8a:1b:ee:68:4c:58:ed:d0:6f:3f:72:f2:6b:
35:21:8c:1a:01:f4:2f:46:c6:7b:86:dc:42:6c:ea:
a3:c6:a0:7d:42:ed:f9:62:ec:95:ec:77:e2:e3:84:
0e:a4:f4:73:06:6a:73:c2:0b:47:26:b0:ac:cd:d5:
37:fe:d0:8e:6d:0b:bd:48:7d:e5:1c:72:8e:10:5c:
60:f4:15:45:5f:93:ba:b5:b5:a6:b0:c9:eb:0c:4d:
8b:f1:f2:34:fa:3a:20:05:89:07:0a:dd:96:4c:26:
41:83:22:57:63:14:06:82:31:13:78:ca:ec:99:6b:
fd:9c:04:3e:52:13:ba:99:36:20:59:03:c7:09:75:
8f:55:54:78:27:3d:67:96:2a:f6:be:8a:9f:32:8d:
10:e7:aa:86:3a:b3:65:59:90:a0:89:e9:aa:4f:ae:
ec:8e:d9:29:58:bf:b1:dd:8a:a1:aa:c1:47:a6:ba:
eb:e1:cd:3b:9b:d6:60:ae:34:fe:00:7a:f0:f3:c4:
e3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:36:FF:A8:0B:BF:8E:39:6B:10:88:05:A5:65:9D:2F:AF:9E:B7:C0
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
ac:6d:60:04:e0:3f:7b:36:56:81:2d:c9:b4:d1:31:38:80:41:
d3:1d:ce:97:da:b5:99:55:0b:61:82:71:df:0f:ab:33:fc:3b:
ea:2a:6c:18:2c:03:4d:91:56:d1:43:53:f4:4d:1d:52:1a:10:
9a:61:5a:8a:9b:3a:73:93:15:62:60:46:27:f7:28:e3:c5:a8:
4d:a4:13:2b:40:72:18:4d:90:9e:8b:ed:12:ad:4e:22:53:7b:
19:bb:7f:28:1e:c0:02:a4:3e:e2:f3:1b:97:c2:0c:5f:c9:ab:
6e:a3:bf:ec:80:d5:9a:c4:02:16:ed:3f:aa:e3:65:35:b1:5e:
ec:92:6d:d7:f0:57:89:d8:b3:08:9e:64:d1:8a:32:c2:ca:cb:
99:fa:2f:28:e5:3e:75:fd:06:d6:7e:6b:69:64:61:68:2d:3b:
f7:fa:84:a5:a0:c7:6b:b2:65:56:08:71:b1:d7:3c:13:ab:ee:
71:af:3c:33:6c:16:f5:25:c6:34:a0:80:b2:4f:c3:98:aa:a8:
1e:49:a0:66:be:28:4a:9b:35:bd:2e:4d:f8:d7:09:61:6f:be:
13:00:a1:16:95:85:d0:f3:cf:a7:f1:4d:e1:95:d9:b8:87:54:
38:43:01:e5:9f:ac:df:65:a3:56:df:24:60:5e:1c:09:d2:a5:
4b:88:ec:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS1bT9JHq3vCzh012Cf7D9zzo3WcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIwMDJaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzYjRhMWZjMTQ5MTcwNTQyNGViNGU0OTdjMjcyNjc2NDgwMTQ0NzRhNjg5
ZDRkYWIxMDg4NDQzZGQ2NDk2NDQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbtjibEcOpSm6N5yDwMadB1VVFtWqKxKaQmqJMMfAcW+JCzwfiI9jhxYzWf
CgTFQ9qxzwcFmfyhsHyFGkiKG+5oTFjt0G8/cvJrNSGMGgH0L0bGe4bcQmzqo8ag
fULt+WLslex34uOEDqT0cwZqc8ILRyawrM3VN/7Qjm0LvUh95RxyjhBcYPQVRV+T
urW1prDJ6wxNi/HyNPo6IAWJBwrdlkwmQYMiV2MUBoIxE3jK7Jlr/ZwEPlITupk2
IFkDxwl1j1VUeCc9Z5Yq9r6KnzKNEOeqhjqzZVmQoInpqk+u7I7ZKVi/sd2KoarB
R6a66+HNO5vWYK40/gB68PPE48UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRvNv+o
C7+OOWsQiAWlZZ0vr563wDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjMTYyNDctY2FkMi00NzQ4LTgzNDAtNmZlMmU2ZDhjZTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQCsbWAE4D97NlaBLcm00TE4gEHTHc6X2rWZVQth
gnHfD6sz/DvqKmwYLANNkVbRQ1P0TR1SGhCaYVqKmzpzkxViYEYn9yjjxahNpBMr
QHIYTZCei+0SrU4iU3sZu38oHsACpD7i8xuXwgxfyatuo7/sgNWaxAIW7T+q42U1
sV7skm3X8FeJ2LMInmTRijLCysuZ+i8o5T51/QbWfmtpZGFoLTv3+oSloMdrsmVW
CHGx1zwTq+5xrzwzbBb1JcY0oICyT8OYqqgeSaBmvihKmzW9Lk341wlhb74TAKEW
lYXQ88+n8U3hldm4h1Q4QwHln6zfZaNW3yRgXhwJ0qVLiOyc
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:05 2025 by rpki-client