Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
File: 215a2c9b-4dc1-48db-846e-de75149ba3ec.roa (raw, json)
Hash identifier: iyLVJGAk2oeVK5jWgQ+k5CmsyYjHEX6ZcizB5axYYko=
Subject key identifier: 77:75:26:19:F4:54:71:B2:73:39:11:08:EC:A0:CB:F3:B0:86:2D:FA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 63ABCA32F1B56D90E8EFAC1ABE70762C45C516E6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
Signing time: Mon 26 May 2025 15:21:19 +0000
ROA not before: Mon 26 May 2025 15:21:19 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:ab:ca:32:f1:b5:6d:90:e8:ef:ac:1a:be:70:76:2c:45:c5:16:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:21:19 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=690b90e447a2c0bdc19163c91bfd69711f46e8c5641bfc3f4387c96289324376, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:20:55:b2:da:41:86:62:c9:37:5c:ab:7a:5b:
5d:3c:16:39:d9:33:51:42:c0:cc:4b:26:a0:a1:6b:
85:23:ff:b5:55:c5:55:91:53:72:76:08:dc:ec:e6:
7a:e6:e3:98:9b:64:ad:a6:4f:ba:c9:d4:18:76:15:
b9:ea:1b:ce:20:5b:c2:20:39:20:da:fa:59:52:35:
31:bc:ce:66:45:88:1d:7f:3d:3b:5c:89:a3:fe:c4:
bf:8f:54:7d:c1:c2:b5:c1:d0:18:7a:1b:3c:50:67:
38:39:bf:08:aa:98:c2:97:67:f2:0c:76:3e:de:f8:
a4:5c:d7:5a:0a:bf:d9:af:a3:0a:cd:78:0c:96:62:
d8:07:24:17:ac:47:1d:b5:d6:87:26:04:73:a7:57:
85:78:e2:e0:11:a7:9f:4a:01:00:28:61:5f:c5:c7:
53:f5:bc:68:e1:d9:9a:95:4e:e9:77:78:77:89:73:
15:62:00:4b:75:91:04:8b:1d:8e:01:db:d6:88:d2:
9e:8a:35:51:17:2d:7f:43:5d:68:8f:b0:a9:ec:46:
1a:74:1f:ae:f5:7a:cd:0b:51:0e:cd:82:49:72:e7:
06:5d:be:cf:c9:64:47:d0:7a:e6:83:87:ae:a0:67:
da:2f:6e:5c:c8:4f:2b:ed:14:84:9e:e9:14:f3:f9:
ea:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:75:26:19:F4:54:71:B2:73:39:11:08:EC:A0:CB:F3:B0:86:2D:FA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2::/32
Signature Algorithm: sha256WithRSAEncryption
11:3b:ca:48:4f:ee:da:2c:05:b2:47:9e:0e:61:5f:47:8c:a8:
e5:85:0c:ee:d9:37:f0:87:ea:b6:63:de:af:c2:e4:4c:f4:4b:
01:68:56:86:41:3e:18:19:68:64:f5:6f:82:15:90:26:74:1c:
ee:6f:b0:c9:9d:13:07:ff:3f:34:12:d3:a5:b9:6d:a8:92:f0:
cd:77:fd:fc:aa:50:3a:41:80:1a:b5:7a:02:1d:2c:93:65:3d:
1e:b1:7b:5a:a9:5a:71:7b:fc:37:32:c2:91:c5:4e:95:57:46:
ca:a0:fc:2e:a7:a1:2c:ec:87:cd:de:86:26:6e:9c:1b:97:09:
c2:28:a1:b1:46:20:3d:21:8d:5d:81:14:df:c9:ce:1e:0b:a7:
99:14:07:cd:25:79:73:a5:d6:51:72:d5:fa:df:4e:f9:63:a0:
ab:43:ab:d5:c2:0b:e8:4c:a3:3d:e0:30:52:18:95:2c:92:b5:
d7:ef:34:8d:1b:47:a7:5e:ef:6e:43:97:85:1b:37:48:d3:7d:
82:82:b8:43:42:68:b6:49:ba:2d:90:1d:85:97:2c:5b:af:65:
7f:c7:75:d1:6d:e1:69:7a:d7:8e:95:b1:05:17:3a:44:5e:2f:
87:02:60:16:05:04:a0:d1:cf:2b:b7:0f:d3:35:b8:6d:2a:ac:
90:1d:f5:0d
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUY6vKMvG1bZDo76wavnB2LEXFFuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIxMTlaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5MGI5MGU0NDdhMmMwYmRjMTkxNjNjOTFiZmQ2OTcxMWY0NmU4YzU2NDFi
ZmMzZjQzODdjOTYyODkzMjQzNzYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJogVbLaQYZiyTdcq3pbXTwWOdkzUULAzEsmoKFrhSP/tVXFVZFTcnYI3Ozm
eubjmJtkraZPusnUGHYVueobziBbwiA5INr6WVI1MbzOZkWIHX89O1yJo/7Ev49U
fcHCtcHQGHobPFBnODm/CKqYwpdn8gx2Pt74pFzXWgq/2a+jCs14DJZi2AckF6xH
HbXWhyYEc6dXhXji4BGnn0oBAChhX8XHU/W8aOHZmpVO6Xd4d4lzFWIAS3WRBIsd
jgHb1ojSnoo1URctf0NdaI+wqexGGnQfrvV6zQtRDs2CSXLnBl2+z8lkR9B65oOH
rqBn2i9uXMhPK+0UhJ7pFPP56jECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR3dSYZ
9FRxsnM5EQjsoMvzsIYt+jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MjE1YTJjOWItNGRjMS00OGRiLTg0NmUtZGU3NTE0OWJhM2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Iw
DQYJKoZIhvcNAQELBQADggEBABE7ykhP7tosBbJHng5hX0eMqOWFDO7ZN/CH6rZj
3q/C5Ez0SwFoVoZBPhgZaGT1b4IVkCZ0HO5vsMmdEwf/PzQS06W5baiS8M13/fyq
UDpBgBq1egIdLJNlPR6xe1qpWnF7/DcywpHFTpVXRsqg/C6noSzsh83ehiZunBuX
CcIoobFGID0hjV2BFN/Jzh4Lp5kUB80leXOl1lFy1frfTvljoKtDq9XCC+hMoz3g
MFIYlSyStdfvNI0bR6de725Dl4UbN0jTfYKCuENCaLZJui2QHYWXLFuvZX/HddFt
4Wl6146VsQUXOkReL4cCYBYFBKDRzyu3D9M1uG0qrJAd9Q0=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:16 2025 by rpki-client