Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
File: 34fb5c7e-e397-4649-893b-332ddda14bd0.roa (raw, json)
Hash identifier: pui/TnYdRRZOdDGiYPa+0WPdq09PgJQvTOnon200KwI=
Subject key identifier: FB:09:39:A4:1E:4A:6C:5A:60:96:B5:8F:E3:49:B2:70:1E:AE:CD:D7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 119CA4CD7EDB1A99B262F49A60EB0BABB2CA7F59
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
Signing time: Tue 10 Jun 2025 17:30:06 +0000
ROA not before: Tue 10 Jun 2025 17:30:06 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:9c:a4:cd:7e:db:1a:99:b2:62:f4:9a:60:eb:0b:ab:b2:ca:7f:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jun 10 17:30:06 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=e84814ad1c00183f421b40d14b109e8358989596b66dec4cd4599c2192dfbb25, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f3:72:37:f7:e7:48:f9:6a:f0:31:9d:48:b2:
01:8d:90:3b:40:e4:a8:8f:c2:ac:59:ff:88:90:43:
81:c3:62:cb:34:d9:78:40:73:12:a3:95:6b:17:9b:
6a:b3:1a:f4:17:ba:3c:74:cc:fa:af:75:64:4c:77:
02:6e:8d:9f:91:04:11:1a:0d:cb:dd:81:d3:32:88:
9f:9d:ba:91:d5:05:33:f0:64:33:fc:63:4c:19:31:
c1:09:5a:ff:a5:16:b7:a4:9a:69:ec:64:be:50:a6:
51:08:06:a8:1e:af:d3:39:b0:50:63:0e:f4:e3:e1:
41:7d:5a:c0:a3:c0:0d:58:f4:8e:b2:73:64:6a:8a:
5d:9a:a0:cd:cc:04:67:dc:fd:35:b5:43:a7:26:bf:
f8:18:76:e2:cd:b6:e5:a2:80:68:59:15:0f:e0:14:
04:d4:d7:9e:3b:b1:bf:9e:e1:57:19:bf:6c:1d:a6:
a9:f6:cf:0d:aa:5c:90:ad:f7:e9:c1:d3:ad:ac:17:
bc:99:a4:ac:36:85:84:8c:45:f0:04:6e:15:fe:af:
6d:b9:4a:31:f9:c0:e5:de:0f:ca:6a:87:51:2f:e1:
93:23:a6:03:00:a4:25:db:fe:cc:71:30:91:d1:ad:
96:42:1f:ce:d1:c2:23:db:48:2c:5c:7c:5d:f2:4a:
2b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:09:39:A4:1E:4A:6C:5A:60:96:B5:8F:E3:49:B2:70:1E:AE:CD:D7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/48
Signature Algorithm: sha256WithRSAEncryption
9f:96:cf:0b:9e:86:8f:a7:ea:51:a1:24:26:ba:bf:f2:64:2b:
22:fa:f1:4f:98:46:5b:cc:b2:d5:01:0c:b2:6e:cd:cc:95:aa:
45:74:f1:8c:15:bd:15:e3:c7:1d:74:72:4f:f7:31:eb:38:af:
90:74:48:e4:6c:8f:b5:24:cb:61:53:3e:54:32:86:c2:d8:62:
dc:bd:de:ff:ea:22:3e:54:58:4d:93:60:e1:24:87:2a:1f:ab:
ef:5a:f1:9c:cf:fb:dc:1e:7f:61:c6:76:90:0f:cb:8f:21:f0:
e9:73:c9:cd:08:5c:5a:de:7e:59:09:72:c7:b6:4b:5f:11:ea:
85:9f:99:ad:c9:6f:03:58:15:b7:6f:c8:93:63:ab:92:c0:ba:
c6:5d:98:bb:57:20:56:ad:4c:52:9d:83:14:06:03:4f:66:e4:
49:1c:cf:22:58:6d:70:0f:f2:ef:63:2c:fc:6c:ed:88:c1:80:
45:c7:e4:ff:49:77:4e:3b:f6:38:8d:bf:5b:ac:7f:ae:bc:a0:
a7:26:4b:9b:67:1d:2e:9a:0a:1c:9d:ca:af:40:a5:9e:97:6c:
89:e7:ae:94:90:3a:51:1f:ad:8a:1c:bc:d1:fb:77:64:88:2e:
ab:cb:77:1b:3a:e9:1b:70:bc:a1:29:ea:da:c1:88:d0:fa:de:
07:e6:ea:e5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEZykzX7bGpmyYvSaYOsLq7LKf1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA2MTAxNzMwMDZaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4NDgxNGFkMWMwMDE4M2Y0MjFiNDBkMTRiMTA5ZTgzNTg5ODk1OTZiNjZk
ZWM0Y2Q0NTk5YzIxOTJkZmJiMjUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIrzcjf350j5avAxnUiyAY2QO0DkqI/CrFn/iJBDgcNiyzTZeEBzEqOVaxeb
arMa9Be6PHTM+q91ZEx3Am6Nn5EEERoNy92B0zKIn526kdUFM/BkM/xjTBkxwQla
/6UWt6SaaexkvlCmUQgGqB6v0zmwUGMO9OPhQX1awKPADVj0jrJzZGqKXZqgzcwE
Z9z9NbVDpya/+Bh24s225aKAaFkVD+AUBNTXnjuxv57hVxm/bB2mqfbPDapckK33
6cHTrawXvJmkrDaFhIxF8ARuFf6vbblKMfnA5d4PymqHUS/hkyOmAwCkJdv+zHEw
kdGtlkIfztHCI9tILFx8XfJKK6sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT7CTmk
HkpsWmCWtY/jSbJwHq7N1zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzRmYjVjN2UtZTM5Ny00NjQ5LTg5M2ItMzMyZGRkYTE0YmQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEAn5bPC56Gj6fqUaEkJrq/8mQrIvrxT5hGW8yy
1QEMsm7NzJWqRXTxjBW9FePHHXRyT/cx6zivkHRI5GyPtSTLYVM+VDKGwthi3L3e
/+oiPlRYTZNg4SSHKh+r71rxnM/73B5/YcZ2kA/LjyHw6XPJzQhcWt5+WQlyx7ZL
XxHqhZ+ZrclvA1gVt2/Ik2OrksC6xl2Yu1cgVq1MUp2DFAYDT2bkSRzPIlhtcA/y
72Ms/GztiMGARcfk/0l3Tjv2OI2/W6x/rrygpyZLm2cdLpoKHJ3Kr0Clnpdsieeu
lJA6UR+tihy80ft3ZIguq8t3GzrpG3C8oSnq2sGI0PreB+bq5Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:59:08 2025 by rpki-client