Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
File: 1e498054-99a2-4f2b-82cb-7448499c313c.roa (raw, json)
Hash identifier: eZh/Oyw2sSbnMEW0uspxXM3sJEPwGWilpRWlyNJxnL0=
Subject key identifier: AA:7D:29:90:87:46:3A:3D:72:6F:7B:95:0D:82:DE:3D:D0:C4:FA:AF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 075671649D5604091E48CBB744FDA026F2E76C27
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
Signing time: Tue 10 Jun 2025 17:30:07 +0000
ROA not before: Tue 10 Jun 2025 17:30:07 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:56:71:64:9d:56:04:09:1e:48:cb:b7:44:fd:a0:26:f2:e7:6c:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 10 17:30:07 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=b557a7212dc16bcbf291eb7bc6f7591fd35826898eb460570fc49bdfebb4c2eb, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:01:bf:62:49:c1:01:76:dc:c1:35:b2:cc:6c:
02:d2:b6:47:6e:3a:9d:ee:04:a2:2a:0c:82:e4:f3:
b4:fe:91:e4:78:17:df:2a:33:09:bc:c3:d9:a2:21:
27:20:64:ae:f2:e7:12:ce:33:79:5e:f3:60:d0:04:
bc:cc:6e:8e:8e:5b:e6:08:fb:cf:48:cb:fd:e7:ed:
89:9a:ad:32:92:35:dc:bb:db:84:62:8d:92:e4:d5:
82:d3:b4:68:3a:69:dc:ad:e2:f0:d2:b0:95:e6:55:
67:95:fc:2d:63:26:a5:d1:12:e0:d0:ac:27:66:84:
b4:c2:8d:74:b7:b5:01:b1:52:08:68:3d:20:1d:82:
ac:09:01:83:2b:db:67:45:c4:b9:c1:bc:85:71:cd:
34:fe:6c:87:35:55:77:28:4e:b2:26:53:06:e0:a1:
71:25:cf:77:f4:07:95:df:68:0b:4f:e2:34:04:20:
44:d6:2c:c5:21:75:cb:a6:b3:c8:ca:de:ec:8f:bd:
5d:10:14:1c:ab:3b:26:5d:3f:20:5f:92:d8:c4:32:
52:f6:68:e8:93:d1:b8:99:c0:5e:9b:f7:91:62:9c:
12:70:6e:5e:c4:3b:c1:8c:1c:2f:fc:75:40:0d:4b:
61:b5:0f:c0:ef:1d:4c:97:56:eb:32:cf:b1:93:38:
31:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7D:29:90:87:46:3A:3D:72:6F:7B:95:0D:82:DE:3D:D0:C4:FA:AF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
98:76:da:ea:f4:0e:fb:ca:0b:11:21:1b:36:80:c2:75:93:38:
c6:a0:9b:cf:0e:2b:1b:99:a7:21:f9:ab:e0:d4:7b:12:52:27:
86:0d:03:9a:2e:f8:b9:02:af:9c:06:89:64:a9:ce:44:8c:78:
f8:f7:1d:0d:a7:40:64:3a:8e:e3:81:7e:ee:e4:90:61:59:c0:
27:bb:69:35:36:f8:5d:d3:41:58:44:a7:bb:1b:1b:cb:72:1d:
b4:3d:83:cc:1e:91:2a:34:2e:54:b2:ea:ce:8b:d1:d8:12:34:
38:83:b0:5f:36:64:c0:de:1e:37:df:a5:cc:9c:b3:54:11:2a:
a7:4f:c5:87:d2:00:70:0e:48:10:34:a1:aa:84:c7:af:33:88:
8d:01:e4:31:ea:b4:2e:aa:4b:dc:a5:5c:74:e2:c2:35:db:df:
5f:23:3d:99:41:49:f4:ac:dd:81:96:5b:a8:f4:4e:d4:03:b8:
99:ec:fd:2a:78:4d:e6:50:b9:13:83:6c:f1:f0:60:8c:7f:a8:
e8:f7:95:49:7c:33:55:ce:1d:c5:66:f2:0f:e1:49:f5:63:42:
11:c2:4f:68:f1:28:3c:58:6e:f6:17:74:bb:2c:f9:a7:18:55:
78:0a:82:f3:3a:78:68:7f:93:4a:95:eb:6f:47:5b:66:78:c8:
d5:a9:cb:e5
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUB1ZxZJ1WBAkeSMu3RP2gJvLnbCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MTAxNzMwMDdaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1NTdhNzIxMmRjMTZiY2JmMjkxZWI3YmM2Zjc1OTFmZDM1ODI2ODk4ZWI0
NjA1NzBmYzQ5YmRmZWJiNGMyZWIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkBv2JJwQF23ME1ssxsAtK2R246ne4EoioMguTztP6R5HgX3yozCbzD2aIh
JyBkrvLnEs4zeV7zYNAEvMxujo5b5gj7z0jL/eftiZqtMpI13LvbhGKNkuTVgtO0
aDpp3K3i8NKwleZVZ5X8LWMmpdES4NCsJ2aEtMKNdLe1AbFSCGg9IB2CrAkBgyvb
Z0XEucG8hXHNNP5shzVVdyhOsiZTBuChcSXPd/QHld9oC0/iNAQgRNYsxSF1y6az
yMre7I+9XRAUHKs7Jl0/IF+S2MQyUvZo6JPRuJnAXpv3kWKcEnBuXsQ7wYwcL/x1
QA1LYbUPwO8dTJdW6zLPsZM4MR8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSqfSmQ
h0Y6PXJve5UNgt490MT6rzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWU0OTgwNTQtOTlhMi00ZjJiLTgyY2ItNzQ0ODQ5OWMzMTNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyABP8Aw
DQYJKoZIhvcNAQELBQADggEBAJh22ur0DvvKCxEhGzaAwnWTOMagm88OKxuZpyH5
q+DUexJSJ4YNA5ou+LkCr5wGiWSpzkSMePj3HQ2nQGQ6juOBfu7kkGFZwCe7aTU2
+F3TQVhEp7sbG8tyHbQ9g8wekSo0LlSy6s6L0dgSNDiDsF82ZMDeHjffpcycs1QR
KqdPxYfSAHAOSBA0oaqEx68ziI0B5DHqtC6qS9ylXHTiwjXb318jPZlBSfSs3YGW
W6j0TtQDuJns/Sp4TeZQuRODbPHwYIx/qOj3lUl8M1XOHcVm8g/hSfVjQhHCT2jx
KDxYbvYXdLss+acYVXgKgvM6eGh/k0qV629HW2Z4yNWpy+U=
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:00:00 2025 by rpki-client