Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
File: c70179f2-6d6a-4082-9c0e-863ea2322937.roa (raw, json)
Hash identifier: kQHwFOeCvUebGIrT37Ln+XvCSUH+hJYVp2M2pf7dUaM=
Subject key identifier: 2F:86:77:67:4B:3F:A9:E6:AA:D9:86:31:43:39:50:25:B5:1D:44:14
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 156B95FBA600A9E45C779CDD6A5F7F4C750C6AB5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
Signing time: Tue 02 Sep 2025 00:40:09 +0000
ROA not before: Tue 02 Sep 2025 00:40:09 +0000
ROA not after: Tue 07 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:6b:95:fb:a6:00:a9:e4:5c:77:9c:dd:6a:5f:7f:4c:75:0c:6a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 2 00:40:09 2025 GMT
Not After : Oct 7 23:59:59 2025 GMT
Subject: serialNumber=a407881ebb0bad6e19e420f9cd389684e41dcfa08df50dd10f0492587dff98fb, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2a:0b:c3:61:bb:d2:25:ee:bc:f2:ae:32:f1:
ab:f9:3e:b1:cf:70:6b:48:b2:c0:91:1c:8f:2b:b8:
d3:48:83:09:ae:50:53:2a:97:7f:3e:54:5b:28:db:
71:48:e7:05:8e:29:49:71:c7:d4:fa:91:24:c3:c4:
dd:47:6f:d5:1e:9d:6e:50:7d:43:72:08:32:8d:c0:
20:16:6f:e5:f1:f8:60:58:db:32:a4:f6:2a:48:14:
f5:42:ac:5c:2b:f9:ba:75:6a:59:70:3d:2b:20:39:
80:22:2d:3d:10:44:62:fa:88:dc:a4:ad:f3:4c:0c:
06:a6:c0:3a:2a:28:0a:5d:97:a9:4a:3c:13:2d:49:
b5:73:75:30:f0:83:d3:15:48:1f:61:34:8a:f5:84:
a5:eb:71:62:fc:46:b5:64:22:ff:88:50:d6:d7:a6:
89:80:3c:bf:2f:e9:ed:ec:c3:80:5b:97:aa:a5:0d:
f6:b7:7d:77:3c:c3:4c:11:d9:a9:a9:d9:2c:a3:ef:
00:02:19:e1:c7:fd:72:d7:28:d7:f4:9a:37:7e:6d:
d3:dd:3e:89:bb:88:1f:77:25:c5:bb:3f:a0:c8:dd:
cc:86:a5:8e:95:68:20:dd:dd:26:3c:4e:b8:3f:25:
c4:a1:a4:7e:6c:d6:1a:b7:80:58:6b:2a:80:25:5e:
5c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:86:77:67:4B:3F:A9:E6:AA:D9:86:31:43:39:50:25:B5:1D:44:14
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4000::/36
Signature Algorithm: sha256WithRSAEncryption
74:8a:e9:80:38:80:f6:17:f9:04:64:13:9b:6f:a4:99:7f:a7:
ac:9c:4d:91:51:c0:95:7b:79:82:2e:92:e8:cd:8e:05:48:db:
ff:93:bf:b8:28:35:f7:b0:9a:59:68:4c:f9:80:4d:78:e5:0a:
7d:93:f8:a5:18:c9:bd:a5:f0:48:e1:ab:c3:be:dd:4a:6d:99:
c0:c5:83:9a:ba:41:24:a2:2e:d4:58:c7:ff:2e:a5:cb:4c:9d:
00:36:34:ba:24:56:70:da:db:51:3c:ec:95:05:87:80:bb:74:
ab:a7:c8:28:5b:20:b1:e5:5d:6b:f9:24:d1:4a:a9:d8:e4:9a:
78:75:67:e8:c7:10:a1:1a:e7:76:41:f1:82:39:b7:32:13:05:
18:91:32:01:4e:86:74:ed:03:b8:fc:fe:e4:c7:83:28:b6:f1:
1a:59:a7:71:a1:7e:00:45:9f:a2:02:39:d1:a6:d8:7c:8d:f6:
55:de:7a:8c:6a:58:9c:3c:ef:44:b4:2b:d7:0c:ae:ff:c1:63:
14:69:fc:c4:f5:4d:f1:2a:31:ac:a9:fc:f6:40:3c:75:95:4c:
52:60:73:65:76:92:3b:df:9b:b3:b2:d9:6a:70:3b:9f:3d:8d:
9c:aa:f5:d8:af:a0:0a:1e:3e:db:18:bb:a2:b2:06:0b:75:60:
d1:07:59:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFWuV+6YAqeRcd5zdal9/THUMarUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MDIwMDQwMDlaFw0yNTEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0MDc4ODFlYmIwYmFkNmUxOWU0MjBmOWNkMzg5Njg0ZTQxZGNmYTA4ZGY1
MGRkMTBmMDQ5MjU4N2RmZjk4ZmIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAqC8Nhu9Il7rzyrjLxq/k+sc9wa0iywJEcjyu400iDCa5QUyqXfz5UWyjb
cUjnBY4pSXHH1PqRJMPE3Udv1R6dblB9Q3IIMo3AIBZv5fH4YFjbMqT2KkgU9UKs
XCv5unVqWXA9KyA5gCItPRBEYvqI3KSt80wMBqbAOiooCl2XqUo8Ey1JtXN1MPCD
0xVIH2E0ivWEpetxYvxGtWQi/4hQ1temiYA8vy/p7ezDgFuXqqUN9rd9dzzDTBHZ
qanZLKPvAAIZ4cf9ctco1/SaN35t090+ibuIH3clxbs/oMjdzIaljpVoIN3dJjxO
uD8lxKGkfmzWGreAWGsqgCVeXHsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvhndn
Sz+p5qrZhjFDOVAltR1EFDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzcwMTc5ZjItNmQ2YS00MDgyLTljMGUtODYzZWEyMzIyOTM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dA
MA0GCSqGSIb3DQEBCwUAA4IBAQB0iumAOID2F/kEZBObb6SZf6esnE2RUcCVe3mC
LpLozY4FSNv/k7+4KDX3sJpZaEz5gE145Qp9k/ilGMm9pfBI4avDvt1KbZnAxYOa
ukEkoi7UWMf/LqXLTJ0ANjS6JFZw2ttRPOyVBYeAu3Srp8goWyCx5V1r+STRSqnY
5Jp4dWfoxxChGud2QfGCObcyEwUYkTIBToZ07QO4/P7kx4MotvEaWadxoX4ARZ+i
AjnRpth8jfZV3nqMalicPO9EtCvXDK7/wWMUafzE9U3xKjGsqfz2QDx1lUxSYHNl
dpI735uzstlqcDufPY2cqvXYr6AKHj7bGLuisgYLdWDRB1l2
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:33:46 2025 by rpki-client