Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
File: 06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa (raw, json)
Hash identifier: eDWyKIrDbVMokjcK/4iF9N8haPk3ROr3c2z29arOq+o=
Subject key identifier: 85:92:76:14:ED:F2:5D:9E:03:FF:1E:1E:6A:FF:A8:4C:F0:C0:E2:4B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 13548D0EFEC2982F81A9A28174ABB1EE3C567279
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
Signing time: Mon 26 May 2025 15:20:54 +0000
ROA not before: Mon 26 May 2025 15:20:54 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:54:8d:0e:fe:c2:98:2f:81:a9:a2:81:74:ab:b1:ee:3c:56:72:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:20:54 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=86bf084a7eb5eeb05c8e957584bc17ca47ab2bb4f13401aceb1756ad9252a7d4, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fc:c4:3e:86:d7:b1:17:3a:51:14:2e:de:6b:
25:e3:e4:8d:29:13:28:1f:59:84:b8:07:07:99:f2:
51:4d:ed:e7:ce:d4:12:35:00:f7:04:9e:8b:24:58:
0b:c2:78:e9:0b:1d:5f:fc:e2:7f:f3:bd:94:52:7b:
d8:87:d9:a7:1a:1c:dc:6a:ca:f2:41:22:bb:18:af:
13:2a:03:33:5b:45:5d:df:43:1c:66:96:ce:1c:a5:
7c:6f:0c:34:9e:d2:14:62:86:d5:f8:e5:14:85:f8:
54:8b:dd:02:0d:ae:02:28:ac:92:3b:2e:bf:64:ab:
9c:65:a3:88:ed:3f:79:86:20:63:d2:44:e0:b4:19:
ae:df:19:d9:36:b1:71:bf:9e:2a:17:80:bc:25:ed:
07:47:1e:54:2a:5c:c0:20:9b:9d:1a:7e:db:12:79:
d9:c2:29:40:b6:7c:2a:ff:e1:f6:b8:82:de:37:41:
f5:1a:60:f1:5f:44:c1:3d:1e:8d:f2:ed:8b:7e:fd:
65:9f:12:29:8c:a5:da:72:1d:11:c3:1b:c4:d9:f5:
c9:2d:26:0d:f1:24:b0:aa:b9:47:ba:1e:53:5d:f0:
da:2d:85:c6:73:47:05:fc:bb:07:06:26:38:77:11:
aa:21:d2:d5:33:d7:df:27:1b:5e:8f:1f:22:55:fd:
df:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:92:76:14:ED:F2:5D:9E:03:FF:1E:1E:6A:FF:A8:4C:F0:C0:E2:4B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/06f5324f-fb2d-4212-b1f7-6ca0b172bf22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:8000::/36
Signature Algorithm: sha256WithRSAEncryption
5f:ca:46:96:5e:dd:93:1f:0f:1a:ae:03:8c:ea:ec:c3:6c:c7:
b6:0b:8e:fa:af:32:f5:2b:33:86:ac:dd:67:dc:6d:ce:90:61:
59:9d:95:28:05:e0:92:81:c0:3d:c2:db:e7:d4:39:45:1e:aa:
a7:0b:7c:c6:0c:69:ae:98:10:ba:87:5d:df:bc:4f:6b:84:33:
06:6e:22:84:bf:d0:9b:41:af:a0:16:98:92:a0:08:91:b0:e4:
01:e1:45:26:a7:bf:9a:dd:69:36:88:91:6a:1b:0b:a8:61:48:
21:9e:55:2f:d7:1b:19:f6:96:b8:e7:ac:11:82:dc:fc:82:5b:
8c:b9:e2:fd:f8:bf:7f:97:75:3a:83:e6:f0:47:b3:79:86:a2:
bf:22:35:3b:e2:6e:89:47:43:45:14:58:a7:35:27:6c:13:b1:
ab:26:cd:ba:a6:5f:3f:56:5d:aa:11:ca:51:8e:77:aa:e0:0c:
f2:c3:53:fa:73:83:40:0a:0b:27:7e:8b:b1:7a:d4:68:32:9a:
65:af:77:e7:03:65:27:b3:ef:85:5f:3b:0f:7f:86:25:d3:bf:
b9:bd:64:24:47:2e:3d:4d:11:2b:4c:c2:22:98:d0:a5:8f:c2:
8c:99:34:75:f7:8f:27:10:23:e7:d6:8a:e3:45:a1:09:7b:86:
76:75:de:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE1SNDv7CmC+BqaKBdKux7jxWcnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIwNTRaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2YmYwODRhN2ViNWVlYjA1YzhlOTU3NTg0YmMxN2NhNDdhYjJiYjRmMTM0
MDFhY2ViMTc1NmFkOTI1MmE3ZDQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJL8xD6G17EXOlEULt5rJePkjSkTKB9ZhLgHB5nyUU3t587UEjUA9wSeiyRY
C8J46QsdX/zif/O9lFJ72IfZpxoc3GrK8kEiuxivEyoDM1tFXd9DHGaWzhylfG8M
NJ7SFGKG1fjlFIX4VIvdAg2uAiiskjsuv2SrnGWjiO0/eYYgY9JE4LQZrt8Z2Tax
cb+eKheAvCXtB0ceVCpcwCCbnRp+2xJ52cIpQLZ8Kv/h9riC3jdB9Rpg8V9EwT0e
jfLti379ZZ8SKYyl2nIdEcMbxNn1yS0mDfEksKq5R7oeU13w2i2FxnNHBfy7BwYm
OHcRqiHS1TPX3ycbXo8fIlX930ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSFknYU
7fJdngP/Hh5q/6hM8MDiSzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDZmNTMyNGYtZmIyZC00MjEyLWIxZjctNmNhMGIxNzJiZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8OA
MA0GCSqGSIb3DQEBCwUAA4IBAQBfykaWXt2THw8argOM6uzDbMe2C476rzL1KzOG
rN1n3G3OkGFZnZUoBeCSgcA9wtvn1DlFHqqnC3zGDGmumBC6h13fvE9rhDMGbiKE
v9CbQa+gFpiSoAiRsOQB4UUmp7+a3Wk2iJFqGwuoYUghnlUv1xsZ9pa456wRgtz8
gluMueL9+L9/l3U6g+bwR7N5hqK/IjU74m6JR0NFFFinNSdsE7GrJs26pl8/Vl2q
EcpRjneq4Azyw1P6c4NACgsnfouxetRoMpplr3fnA2Uns++FXzsPf4Yl07+5vWQk
Ry49TRErTMIimNClj8KMmTR1948nECPn1orjRaEJe4Z2dd6B
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:27 2025 by rpki-client