Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
File: 640762f4-b911-441a-995b-675a2c1eb24d.roa (raw, json)
Hash identifier: bN5O1FLFVmqEawAdhHJ0PeCi8UzSO8/APkvOt0qIaSs=
Subject key identifier: CD:84:85:DA:EE:C9:0D:31:4F:DF:EB:5C:E2:19:B3:A6:5C:F6:5D:D9
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 79AFD2E47E60D49558408A419E77BA264A4CA49E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
Signing time: Mon 26 May 2025 15:10:53 +0000
ROA not before: Mon 26 May 2025 15:10:53 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:af:d2:e4:7e:60:d4:95:58:40:8a:41:9e:77:ba:26:4a:4c:a4:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:53 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=8559bfb7d8e00e068666e0dfa1bf1220b60f1886cc0c419470d7593627cea239, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b0:33:f7:05:54:8f:95:5f:ca:c7:04:6d:84:
e1:65:75:a0:53:10:5f:33:d2:7d:f6:1e:ec:fd:02:
82:9d:6a:b5:b8:e7:95:e3:1c:d7:3b:4c:b4:6b:24:
03:89:9d:6b:54:1f:29:41:2b:19:50:61:ec:d9:07:
71:9a:e1:fb:07:0e:c8:5b:a8:e3:b0:00:07:c1:b9:
9d:c7:8d:57:be:5d:1c:aa:d7:a8:89:9e:c0:82:d2:
e0:03:e9:c5:54:46:0e:d2:01:36:bb:3c:b9:9d:b8:
66:bc:ac:cd:1f:b0:2f:0a:78:bf:74:f4:07:e4:b9:
87:65:d0:fd:2a:90:d1:9f:92:cd:54:3f:8c:38:a8:
68:09:5b:f8:44:a9:6f:5d:74:9d:82:13:1d:33:0c:
78:d2:89:8f:c1:e3:a9:3e:5f:63:4b:6e:70:17:20:
4c:ee:85:55:d1:11:b9:a8:fc:44:10:e1:83:3a:c7:
61:79:6b:cc:72:87:3b:a6:3e:5d:fc:cc:8a:e7:54:
40:71:e7:ab:b6:67:80:77:2c:e7:71:03:8a:38:ce:
2a:49:7f:e1:c8:54:35:7c:47:08:ef:4f:2a:a8:0f:
33:64:df:10:c5:8e:22:6c:d5:dd:bb:95:7c:ad:52:
84:61:9b:53:ca:4c:20:99:30:1b:ca:b6:37:d2:3e:
5d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:84:85:DA:EE:C9:0D:31:4F:DF:EB:5C:E2:19:B3:A6:5C:F6:5D:D9
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2000::/36
Signature Algorithm: sha256WithRSAEncryption
67:50:73:e8:6c:e2:37:ac:30:9a:4f:d5:2d:50:a6:ad:b1:ff:
86:8a:c7:0b:65:01:32:30:cd:95:7b:0e:f7:c2:98:a0:ce:11:
fa:3f:ca:8d:9a:cb:67:8a:53:27:b0:03:09:d6:75:cb:39:6b:
d6:b8:1d:a4:64:ea:7a:1a:8f:74:76:a0:f3:ce:8a:1f:86:06:
c0:b1:19:e7:9d:27:f1:46:78:44:b7:6e:59:15:16:16:f2:bb:
b1:6e:59:fc:3b:93:12:cb:98:65:19:47:b3:8c:da:ad:b9:94:
b8:23:a6:78:e6:8d:8d:2a:cf:1f:28:74:fb:b0:03:6d:2d:2e:
d4:fb:e6:d3:e1:e4:ed:73:dc:11:20:6e:2c:90:a4:5d:17:56:
29:06:ba:57:5b:0a:d6:25:6b:00:00:cc:47:0f:dc:27:39:5d:
72:02:ba:55:66:de:15:a9:b2:6c:b9:95:ce:2f:d5:88:0b:13:
d2:ce:b9:ed:d2:d8:fb:39:5f:fa:81:3b:e6:68:5b:b1:2a:4b:
de:e2:7c:ac:d3:6a:26:a3:3f:13:5c:b2:e6:c9:1c:92:df:54:
6a:c0:e3:b5:dd:21:a8:10:20:e8:fa:9d:0f:3f:27:79:d6:e4:
76:f2:f9:00:17:f0:ae:8f:e2:1e:35:0b:f0:b2:04:f3:48:22:
01:da:f6:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUea/S5H5g1JVYQIpBnne6JkpMpJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwNTNaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1NTliZmI3ZDhlMDBlMDY4NjY2ZTBkZmExYmYxMjIwYjYwZjE4ODZjYzBj
NDE5NDcwZDc1OTM2MjdjZWEyMzkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGwM/cFVI+VX8rHBG2E4WV1oFMQXzPSffYe7P0Cgp1qtbjnleMc1ztMtGsk
A4mda1QfKUErGVBh7NkHcZrh+wcOyFuo47AAB8G5nceNV75dHKrXqImewILS4APp
xVRGDtIBNrs8uZ24ZryszR+wLwp4v3T0B+S5h2XQ/SqQ0Z+SzVQ/jDioaAlb+ESp
b110nYITHTMMeNKJj8HjqT5fY0tucBcgTO6FVdERuaj8RBDhgzrHYXlrzHKHO6Y+
XfzMiudUQHHnq7ZngHcs53EDijjOKkl/4chUNXxHCO9PKqgPM2TfEMWOImzV3buV
fK1ShGGbU8pMIJkwG8q2N9I+XbMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTNhIXa
7skNMU/f61ziGbOmXPZd2TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjQwNzYyZjQtYjkxMS00NDFhLTk5NWItNjc1YTJjMWViMjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cg
MA0GCSqGSIb3DQEBCwUAA4IBAQBnUHPobOI3rDCaT9UtUKatsf+GiscLZQEyMM2V
ew73wpigzhH6P8qNmstnilMnsAMJ1nXLOWvWuB2kZOp6Go90dqDzzoofhgbAsRnn
nSfxRnhEt25ZFRYW8ruxbln8O5MSy5hlGUezjNqtuZS4I6Z45o2NKs8fKHT7sANt
LS7U++bT4eTtc9wRIG4skKRdF1YpBrpXWwrWJWsAAMxHD9wnOV1yArpVZt4VqbJs
uZXOL9WICxPSzrnt0tj7OV/6gTvmaFuxKkve4nys02omoz8TXLLmyRyS31RqwOO1
3SGoECDo+p0PPyd51uR28vkAF/Cuj+IeNQvwsgTzSCIB2vZo
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:53:36 2025 by rpki-client