Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
File: df7033c9-3736-411c-b289-a6013faa6935.roa (raw, json)
Hash identifier: g9yV/GV3jvCr4Afiku6V/Jx0iDToCru04vFpoOuBxuo=
Subject key identifier: 4D:9A:88:B9:28:E1:10:A0:F2:1F:65:C4:5A:DC:D3:4C:B6:A8:E3:CD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 223E2B1916B75F8C7C575DFD0CBFF8F0AB247D51
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
Signing time: Tue 15 Jul 2025 00:21:12 +0000
ROA not before: Tue 15 Jul 2025 00:21:12 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:3e:2b:19:16:b7:5f:8c:7c:57:5d:fd:0c:bf:f8:f0:ab:24:7d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 15 00:21:12 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=1420968cd5648680db79d355746068ad2119f4a6530a589429dbb8295b82923b, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:00:22:06:5a:22:69:f4:29:7f:b8:a6:6c:c8:
4f:55:11:0e:79:1a:76:dd:aa:fc:cc:10:68:09:51:
b8:a9:99:98:2a:87:60:53:41:70:8e:15:8d:49:b4:
22:f1:f6:af:20:9a:55:93:ac:f8:9c:c5:94:6b:34:
40:c4:37:43:54:89:72:1e:59:e7:36:aa:e9:ab:4d:
a7:9b:f4:0e:cf:82:99:fd:bf:86:88:33:2a:23:0d:
f7:ee:09:56:ad:9f:8a:18:82:5f:05:36:1b:a7:e0:
87:bc:9f:e8:f2:d7:fe:a0:3a:1f:e5:60:18:72:b6:
54:06:55:3e:73:af:29:ce:cd:d5:f1:ab:a5:b5:2a:
8d:e0:6a:04:d4:e3:22:4c:39:05:75:7f:9b:16:29:
df:56:f8:78:91:7c:0d:2e:74:e3:4d:86:ce:c4:6a:
17:3e:96:b7:a1:cb:ae:06:84:29:36:40:40:69:de:
15:79:fd:a6:23:46:d9:e1:c7:19:2f:e0:af:7d:71:
31:ed:b4:81:93:bd:21:1a:9d:58:54:99:58:fd:b4:
81:c4:42:ed:6d:f6:ff:60:b3:90:87:c8:01:0f:a5:
b0:cf:e1:4c:7c:6d:12:61:68:e3:c1:1a:94:b4:c9:
f4:e8:6d:b8:15:b5:57:48:2c:b0:ff:fd:c7:f1:7b:
6a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9A:88:B9:28:E1:10:A0:F2:1F:65:C4:5A:DC:D3:4C:B6:A8:E3:CD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2880::/48
Signature Algorithm: sha256WithRSAEncryption
82:1a:7c:c3:37:45:9b:90:22:0a:80:57:31:c6:b6:56:cf:7b:
3d:58:00:80:48:a7:0b:2c:db:ad:57:e7:38:c7:5d:ea:51:c8:
7e:47:3f:34:0c:5b:37:2f:41:ac:6a:12:f3:15:f5:5b:73:bd:
e8:80:4f:90:dc:a3:8f:f0:d0:67:77:b5:73:42:7e:8e:13:59:
5d:14:bc:00:b2:65:e2:0e:9e:21:86:b7:22:76:ef:cb:d5:c0:
bc:c5:c9:e5:ee:39:d3:7f:16:64:bc:23:bc:2e:c5:17:e8:bc:
b9:3d:90:08:25:5e:9c:92:fe:56:13:d3:33:61:63:05:82:f0:
2d:63:10:ae:56:8d:d7:9b:8e:bb:f6:04:c5:70:b4:23:e7:77:
75:f3:0b:84:0c:84:54:d6:e2:d7:47:e2:c1:fd:c0:a0:72:8d:
b5:48:1d:6e:ca:ed:ed:91:6f:a7:f1:0a:b8:68:fa:a7:7e:70:
63:7b:1d:c8:8c:bc:22:5a:86:af:d1:44:81:08:f1:be:f7:82:
d8:6d:3b:e8:d6:ff:64:66:48:24:a0:92:68:f8:b7:f3:01:10:
66:b4:6f:c9:b9:7c:46:86:b4:9f:98:43:5d:75:8e:f2:e1:56:
3f:cc:2e:cb:40:3d:35:4e:5d:65:df:f6:14:b2:10:07:df:33:
3e:c2:f3:f0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIj4rGRa3X4x8V139DL/48KskfVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MTUwMDIxMTJaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0MjA5NjhjZDU2NDg2ODBkYjc5ZDM1NTc0NjA2OGFkMjExOWY0YTY1MzBh
NTg5NDI5ZGJiODI5NWI4MjkyM2IxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwAIgZaImn0KX+4pmzIT1URDnkadt2q/MwQaAlRuKmZmCqHYFNBcI4VjUm0
IvH2ryCaVZOs+JzFlGs0QMQ3Q1SJch5Z5zaq6atNp5v0Ds+Cmf2/hogzKiMN9+4J
Vq2fihiCXwU2G6fgh7yf6PLX/qA6H+VgGHK2VAZVPnOvKc7N1fGrpbUqjeBqBNTj
Ikw5BXV/mxYp31b4eJF8DS50402GzsRqFz6Wt6HLrgaEKTZAQGneFXn9piNG2eHH
GS/gr31xMe20gZO9IRqdWFSZWP20gcRC7W32/2CzkIfIAQ+lsM/hTHxtEmFo48Ea
lLTJ9OhtuBW1V0gssP/9x/F7ahcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRNmoi5
KOEQoPIfZcRa3NNMtqjjzTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZGY3MDMzYzktMzczNi00MTFjLWIyODktYTYwMTNmYWE2OTM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
gDANBgkqhkiG9w0BAQsFAAOCAQEAghp8wzdFm5AiCoBXMca2Vs97PVgAgEinCyzb
rVfnOMdd6lHIfkc/NAxbNy9BrGoS8xX1W3O96IBPkNyjj/DQZ3e1c0J+jhNZXRS8
ALJl4g6eIYa3Inbvy9XAvMXJ5e45038WZLwjvC7FF+i8uT2QCCVenJL+VhPTM2Fj
BYLwLWMQrlaN15uOu/YExXC0I+d3dfMLhAyEVNbi10fiwf3AoHKNtUgdbsrt7ZFv
p/EKuGj6p35wY3sdyIy8IlqGr9FEgQjxvveC2G076Nb/ZGZIJKCSaPi38wEQZrRv
ybl8Roa0n5hDXXWO8uFWP8wuy0A9NU5dZd/2FLIQB98zPsLz8A==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:31:38 2025 by rpki-client