Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa
File: de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa (raw, json)
Hash identifier: YrYqKRRqZPLuBlb+a+7nkMVETMjCA3gEAEbdIIyOpso=
Subject key identifier: 93:97:30:2A:22:F8:92:AB:38:E5:10:2E:77:9B:4B:7C:8A:97:75:DC
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 50F03A454948B2052C4531C8486A258AB2684DD6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa
Signing time: Mon 14 Jul 2025 16:37:08 +0000
ROA not before: Mon 14 Jul 2025 16:37:08 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc7:4800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:f0:3a:45:49:48:b2:05:2c:45:31:c8:48:6a:25:8a:b2:68:4d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 14 16:37:08 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=f23d7d915385ef5f50928a108aec39a264fc2fb9ddeee4509c454bf80616b6b3, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:01:a1:fa:6e:bd:3e:a3:ad:fd:38:15:40:a0:
98:5c:9e:ec:c2:c2:08:30:a4:3c:1c:80:da:c3:b6:
2a:c5:53:5d:41:3d:af:d1:bc:23:07:1b:39:db:b8:
65:4a:e5:c3:b2:c8:31:4e:92:44:d4:8c:49:16:af:
fb:52:84:8b:26:17:40:bc:b6:45:8d:5c:29:91:d9:
06:fd:5d:94:21:f5:2f:b6:c0:30:d5:82:15:29:d5:
ee:af:b0:b3:82:e7:9a:ed:79:25:a8:c2:73:5f:f5:
74:61:ca:be:3d:29:f5:77:3d:bb:31:bd:52:11:24:
6a:7a:01:a5:f6:17:28:1e:2e:fa:ea:59:13:ba:25:
5c:89:4f:18:a2:97:20:da:6a:bc:7a:47:08:c4:c2:
23:ff:55:1e:58:35:43:27:7d:8e:82:0c:a4:1e:66:
59:7a:b5:f3:82:f4:a3:42:ec:7c:7f:bd:cd:89:90:
bb:e9:a5:ad:a9:e6:24:90:68:a9:48:f9:45:f0:e6:
98:08:1a:ac:08:1e:e9:e0:74:d2:bb:a1:08:94:77:
36:92:05:34:5f:91:57:c0:65:f0:de:5d:3f:c7:b4:
49:6f:61:ed:af:68:5c:6b:12:f1:af:c8:ee:79:12:
c9:81:96:76:88:1d:3e:45:33:d2:e0:3d:14:b3:66:
b8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:97:30:2A:22:F8:92:AB:38:E5:10:2E:77:9B:4B:7C:8A:97:75:DC
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4800::/40
Signature Algorithm: sha256WithRSAEncryption
96:d0:87:e4:58:de:c8:b5:e9:bd:31:fc:28:0a:af:21:cf:d3:
2a:a6:05:d1:8f:43:ff:b3:54:f8:f0:eb:46:dc:0a:d2:8f:27:
95:39:b4:c8:c5:9f:8f:01:db:72:59:0e:88:c5:7b:a2:5b:e3:
41:83:a0:aa:a2:2f:02:89:79:09:39:d1:ed:d1:d1:3f:c4:76:
7f:82:ca:62:11:3b:2d:4a:21:d5:ff:7d:a6:26:1e:47:fe:8e:
55:21:f4:45:8b:c6:05:ea:81:f3:52:98:0c:b3:4a:6e:56:5d:
f0:09:56:1f:dc:af:b3:23:3b:84:57:8a:07:41:dd:a2:5c:4a:
8b:70:fa:98:72:64:73:6a:e1:b2:57:ee:a9:60:c4:47:93:8d:
50:7a:08:93:de:71:1d:f0:d4:49:65:ea:d8:4b:fa:71:b7:78:
a3:69:b6:b5:20:1e:3e:da:e0:4e:18:b3:f3:7c:11:c7:e1:0c:
c8:ff:c3:42:a8:7c:80:a0:50:e0:40:78:ec:d9:4d:84:c2:0a:
c2:8f:58:c3:0a:b5:9e:c7:46:b2:b0:f6:80:c1:b2:c3:6c:2c:
cf:77:f0:56:ce:9b:4a:4c:d7:fb:d1:eb:b7:47:d5:58:8f:67:
c3:89:24:b5:51:38:97:14:c2:32:13:10:00:3b:6f:60:97:6f:
67:67:15:53
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUPA6RUlIsgUsRTHISGolirJoTdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTQxNjM3MDhaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyM2Q3ZDkxNTM4NWVmNWY1MDkyOGExMDhhZWMzOWEyNjRmYzJmYjlkZGVl
ZTQ1MDljNDU0YmY4MDYxNmI2YjMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwBofpuvT6jrf04FUCgmFye7MLCCDCkPByA2sO2KsVTXUE9r9G8IwcbOdu4
ZUrlw7LIMU6SRNSMSRav+1KEiyYXQLy2RY1cKZHZBv1dlCH1L7bAMNWCFSnV7q+w
s4Lnmu15JajCc1/1dGHKvj0p9Xc9uzG9UhEkanoBpfYXKB4u+upZE7olXIlPGKKX
INpqvHpHCMTCI/9VHlg1Qyd9joIMpB5mWXq184L0o0LsfH+9zYmQu+mlranmJJBo
qUj5RfDmmAgarAge6eB00ruhCJR3NpIFNF+RV8Bl8N5dP8e0SW9h7a9oXGsS8a/I
7nkSyYGWdogdPkUz0uA9FLNmuBkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSTlzAq
IviSqzjlEC53m0t8ipd13DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZGU5YWVjMmEtOTMxNC00M2Y4LWJiM2UtNjQyMTZlZmViN2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dI
MA0GCSqGSIb3DQEBCwUAA4IBAQCW0IfkWN7Item9MfwoCq8hz9MqpgXRj0P/s1T4
8OtG3ArSjyeVObTIxZ+PAdtyWQ6IxXuiW+NBg6Cqoi8CiXkJOdHt0dE/xHZ/gspi
ETstSiHV/32mJh5H/o5VIfRFi8YF6oHzUpgMs0puVl3wCVYf3K+zIzuEV4oHQd2i
XEqLcPqYcmRzauGyV+6pYMRHk41QegiT3nEd8NRJZerYS/pxt3ijaba1IB4+2uBO
GLPzfBHH4QzI/8NCqHyAoFDgQHjs2U2EwgrCj1jDCrWex0aysPaAwbLDbCzPd/BW
zptKTNf70eu3R9VYj2fDiSS1UTiXFMIyExAAO29gl29nZxVT
-----END CERTIFICATE-----
Generated at Thu Jul 24 11:49:08 2025 by rpki-client