Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
File: 0b1379a0-a965-4871-ba33-de2086e8028e.roa (raw, json)
Hash identifier: /RtLAU8g8B0aVfCj9x5nj1/P9+Egj0WPfZAgfFrXpYU=
Subject key identifier: EE:DF:6A:B4:E2:9E:99:47:FD:52:45:32:09:0D:3B:B8:5C:8F:4B:5B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5BFBDF7D6B21D977158332499161A799A895969D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
Signing time: Mon 26 May 2025 15:10:55 +0000
ROA not before: Mon 26 May 2025 15:10:55 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:fb:df:7d:6b:21:d9:77:15:83:32:49:91:61:a7:99:a8:95:96:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:55 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=d50e6b4891687448cb1cf4ad55235eec4b496b21f58ba4385afdf8bae2fcfb4f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1e:1a:39:84:69:0e:18:fe:83:d8:fc:bb:5d:
4b:2b:e2:a6:14:fc:02:83:6e:a9:2e:3b:02:f9:cc:
53:1b:86:57:a4:cf:ac:ec:9d:b6:cf:a5:0e:98:16:
d6:de:a3:81:59:af:4a:b2:7f:86:e8:f3:92:ab:c9:
88:29:ad:63:af:08:a1:e5:99:cd:35:b1:a0:81:99:
c0:90:c3:9d:1c:93:e3:87:2b:1e:1a:a4:44:8c:e0:
d7:c9:c7:99:5e:d1:fc:cd:c9:98:8c:db:7f:0b:63:
8b:9e:b0:e9:63:84:ed:ee:0e:b0:f5:81:02:ea:26:
3a:3b:c3:22:82:67:78:40:14:2b:db:f1:d7:29:a8:
4f:26:49:66:a2:55:a9:ae:73:89:51:a5:d5:31:fe:
72:bf:81:b3:1d:ac:a6:9b:2d:7d:23:ee:4f:2c:4f:
42:62:f0:5b:5f:b9:20:34:87:13:0c:83:48:28:9d:
dd:59:b2:e1:35:5f:32:83:29:d1:56:3b:61:48:60:
d3:87:be:8f:38:30:ba:f3:9c:c1:fe:16:cd:02:6c:
a1:9f:e0:30:4f:e8:90:68:06:a2:d4:44:65:e9:cf:
41:61:c1:3e:4e:e6:41:28:fb:e6:28:ba:16:b2:c2:
79:eb:61:00:2f:87:03:28:c9:f0:66:57:17:2f:b8:
48:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:DF:6A:B4:E2:9E:99:47:FD:52:45:32:09:0D:3B:B8:5C:8F:4B:5B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f000::/36
Signature Algorithm: sha256WithRSAEncryption
95:42:bb:f0:5e:ec:ba:07:7f:45:cf:b0:0f:87:06:b6:5e:b8:
6f:be:a1:15:3d:51:1d:9f:15:fe:4c:fa:f1:e4:c4:fc:4b:fc:
d7:d7:5a:ff:70:85:a6:27:a2:a6:85:cc:f0:d6:64:11:1f:9b:
e0:4b:22:09:68:45:92:c4:bd:d4:df:0c:a9:11:b8:22:8e:1d:
fa:ca:b2:e7:4c:66:1a:76:dd:0b:dc:77:8a:e1:65:af:d8:84:
23:a1:35:27:ac:5b:9c:2d:15:f9:93:c7:4e:6b:b5:b3:4a:54:
79:60:cb:c9:50:2a:40:c6:a1:d9:3c:7f:42:5c:06:44:63:b3:
e1:ee:42:d8:ee:a9:00:18:4f:85:90:bd:22:0d:9d:fe:47:6e:
65:f8:36:54:6e:ce:2e:ac:59:98:26:f0:b5:a6:bc:61:b0:df:
51:22:89:87:2a:0a:dd:cf:62:14:26:0c:ec:aa:3c:6e:86:ee:
dd:15:5a:ff:b1:7a:ef:f9:38:37:79:83:8e:43:3c:b0:da:e0:
06:b3:6a:bb:e9:d1:d2:d9:cf:0d:e8:b8:a7:5a:31:88:37:6b:
a9:c9:e9:02:b3:e1:f2:bc:00:72:06:f8:e6:bb:68:fd:59:a9:
a1:ab:d9:37:13:31:63:72:87:b7:79:a1:79:13:ca:64:56:47:
5b:36:11:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW/vffWsh2XcVgzJJkWGnmaiVlp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwNTVaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1MGU2YjQ4OTE2ODc0NDhjYjFjZjRhZDU1MjM1ZWVjNGI0OTZiMjFmNThi
YTQzODVhZmRmOGJhZTJmY2ZiNGYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkeGjmEaQ4Y/oPY/LtdSyviphT8AoNuqS47AvnMUxuGV6TPrOydts+lDpgW
1t6jgVmvSrJ/hujzkqvJiCmtY68IoeWZzTWxoIGZwJDDnRyT44crHhqkRIzg18nH
mV7R/M3JmIzbfwtji56w6WOE7e4OsPWBAuomOjvDIoJneEAUK9vx1ymoTyZJZqJV
qa5ziVGl1TH+cr+Bsx2sppstfSPuTyxPQmLwW1+5IDSHEwyDSCid3Vmy4TVfMoMp
0VY7YUhg04e+jzgwuvOcwf4WzQJsoZ/gME/okGgGotREZenPQWHBPk7mQSj75ii6
FrLCeethAC+HAyjJ8GZXFy+4SOcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTu32q0
4p6ZR/1SRTIJDTu4XI9LWzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MGIxMzc5YTAtYTk2NS00ODcxLWJhMzMtZGUyMDg2ZTgwMjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fw
MA0GCSqGSIb3DQEBCwUAA4IBAQCVQrvwXuy6B39Fz7APhwa2XrhvvqEVPVEdnxX+
TPrx5MT8S/zX11r/cIWmJ6Kmhczw1mQRH5vgSyIJaEWSxL3U3wypEbgijh36yrLn
TGYadt0L3HeK4WWv2IQjoTUnrFucLRX5k8dOa7WzSlR5YMvJUCpAxqHZPH9CXAZE
Y7Ph7kLY7qkAGE+FkL0iDZ3+R25l+DZUbs4urFmYJvC1prxhsN9RIomHKgrdz2IU
Jgzsqjxuhu7dFVr/sXrv+Tg3eYOOQzyw2uAGs2q76dHS2c8N6LinWjGIN2upyekC
s+HyvAByBvjmu2j9Wamhq9k3EzFjcoe3eaF5E8pkVkdbNhHX
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:08:47 2025 by rpki-client