Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
File: 0869fd21-e07d-44bc-b068-73be998c5028.roa (raw, json)
Hash identifier: tVFRF3o07yLYx4JRfmaVLUHJz+qzqO2Ybtf09GbTroI=
Subject key identifier: CE:6A:F9:E1:6B:41:48:11:8A:4C:EA:3B:9B:D6:96:5E:DA:FF:81:A7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6B6B1D768CB51B4365D2D74D35CEBA150DB6FE3F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
Signing time: Mon 26 May 2025 15:10:56 +0000
ROA not before: Mon 26 May 2025 15:10:56 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:6b:1d:76:8c:b5:1b:43:65:d2:d7:4d:35:ce:ba:15:0d:b6:fe:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:56 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=fd6a8831bc44cd4e04e28569d12b709805f5440f2b9da9890f52ceab3ef850a0, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:08:34:ed:14:72:cb:c7:b5:8c:d0:59:56:76:
be:39:c0:a5:8a:b1:54:2f:72:a6:20:30:b5:ef:72:
29:0e:2c:c3:d2:ae:5c:b7:c3:c2:53:5b:05:54:7d:
c6:20:f9:10:71:3b:66:43:55:db:4c:98:9a:3c:3b:
e7:f6:e1:06:c0:10:68:eb:28:04:30:4c:d2:73:62:
34:16:65:c5:a2:da:ea:d5:99:49:a9:f2:7b:d4:a4:
99:7b:d0:4d:ff:f3:e2:c9:e3:ed:5b:f9:75:1a:c8:
97:66:12:92:ea:aa:95:72:17:8c:06:c5:13:fa:01:
dd:65:02:23:7f:5a:40:30:81:8d:11:a5:51:b9:67:
cc:e8:6d:12:0c:33:fd:de:c1:45:45:38:74:8e:47:
8c:34:19:f6:e1:79:16:88:70:7e:24:04:d8:4e:9e:
5a:ee:c7:60:13:93:69:a8:bd:86:8a:27:af:b0:f4:
5b:4f:77:50:ec:72:2e:d1:ca:70:97:a2:2e:4c:9a:
8a:4f:65:ff:30:5a:28:e8:a3:f4:bb:62:4b:e4:a1:
16:50:43:cf:9d:33:7a:95:56:5c:96:f4:2a:14:bb:
e9:2f:fb:42:d9:9d:5d:2e:8c:db:93:3c:2f:ba:dc:
3e:5f:0a:2a:bd:02:f1:76:eb:a9:25:60:9c:fd:c7:
b5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6A:F9:E1:6B:41:48:11:8A:4C:EA:3B:9B:D6:96:5E:DA:FF:81:A7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0869fd21-e07d-44bc-b068-73be998c5028.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f800::/40
Signature Algorithm: sha256WithRSAEncryption
5b:66:fa:ab:b7:a9:2b:57:1e:ac:df:84:3b:20:46:5f:d4:13:
e7:fa:f6:fa:0e:a7:f5:2b:28:cf:d6:08:50:0f:52:73:fd:de:
02:80:60:96:61:43:6b:80:12:5c:a4:85:f7:8e:13:17:1c:fa:
d4:53:62:34:66:9b:03:30:07:f1:85:5c:ff:23:23:16:bf:9e:
32:44:88:ba:54:0b:99:00:2f:f5:98:a2:32:e1:56:53:47:0e:
51:f8:18:b2:ec:e6:f8:ff:00:76:79:6b:84:db:23:63:96:2b:
f4:ce:22:b4:ac:7f:c5:f6:77:ad:41:63:7a:7c:74:eb:56:4c:
e3:7f:c3:79:12:9b:be:9d:7b:01:25:b3:b5:1c:72:8f:40:b9:
44:50:99:e7:82:96:5c:19:54:64:27:b2:42:0a:0a:29:1c:8a:
5f:0b:ba:cc:a5:bc:89:08:4a:d4:d1:4d:17:9d:85:b5:61:b7:
05:83:a8:9a:50:b0:a5:47:41:da:da:86:32:b6:a7:e9:0a:4b:
de:3f:df:6b:89:e9:00:91:52:11:90:11:12:20:f1:d8:9f:5d:
ee:33:a3:d5:ab:fe:73:cb:43:ef:20:a6:a8:75:c8:b5:e5:2b:
45:89:a3:9f:77:a9:6c:cd:d8:a3:aa:de:5b:d1:84:fd:5d:35:
9b:2a:d6:17
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa2sddoy1G0Nl0tdNNc66FQ22/j8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwNTZaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkNmE4ODMxYmM0NGNkNGUwNGUyODU2OWQxMmI3MDk4MDVmNTQ0MGYyYjlk
YTk4OTBmNTJjZWFiM2VmODUwYTAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoINO0UcsvHtYzQWVZ2vjnApYqxVC9ypiAwte9yKQ4sw9KuXLfDwlNbBVR9
xiD5EHE7ZkNV20yYmjw75/bhBsAQaOsoBDBM0nNiNBZlxaLa6tWZSanye9SkmXvQ
Tf/z4snj7Vv5dRrIl2YSkuqqlXIXjAbFE/oB3WUCI39aQDCBjRGlUblnzOhtEgwz
/d7BRUU4dI5HjDQZ9uF5FohwfiQE2E6eWu7HYBOTaai9hoonr7D0W093UOxyLtHK
cJeiLkyaik9l/zBaKOij9LtiS+ShFlBDz50zepVWXJb0KhS76S/7QtmdXS6M25M8
L7rcPl8KKr0C8XbrqSVgnP3HtS8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTOavnh
a0FIEYpM6jub1pZe2v+BpzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDg2OWZkMjEtZTA3ZC00NGJjLWIwNjgtNzNiZTk5OGM1MDI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8f4
MA0GCSqGSIb3DQEBCwUAA4IBAQBbZvqrt6krVx6s34Q7IEZf1BPn+vb6Dqf1KyjP
1ghQD1Jz/d4CgGCWYUNrgBJcpIX3jhMXHPrUU2I0ZpsDMAfxhVz/IyMWv54yRIi6
VAuZAC/1mKIy4VZTRw5R+Biy7Ob4/wB2eWuE2yNjliv0ziK0rH/F9netQWN6fHTr
Vkzjf8N5Epu+nXsBJbO1HHKPQLlEUJnngpZcGVRkJ7JCCgopHIpfC7rMpbyJCErU
0U0XnYW1YbcFg6iaULClR0Ha2oYytqfpCkveP99riekAkVIRkBESIPHYn13uM6PV
q/5zy0PvIKaodci15StFiaOfd6lszdijqt5b0YT9XTWbKtYX
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:01:04 2025 by rpki-client