Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3b361956-44bc-47e7-9213-cd7854c555f8.roa
File: 3b361956-44bc-47e7-9213-cd7854c555f8.roa (raw, json)
Hash identifier: QUJjh6+t8+TAZ2Kb3RThVwY4au71OLYjmgz4uo5joto=
Subject key identifier: 3B:CB:00:17:7C:35:7D:37:BA:A9:3D:04:90:14:27:77:46:91:10:21
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 76061BD9192C067B97DBC5C16E2D8D3B9E019C4F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3b361956-44bc-47e7-9213-cd7854c555f8.roa
Signing time: Mon 26 May 2025 15:20:55 +0000
ROA not before: Mon 26 May 2025 15:20:55 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:06:1b:d9:19:2c:06:7b:97:db:c5:c1:6e:2d:8d:3b:9e:01:9c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:20:55 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=03f5624ae0a1ea160e14967d35e321b7e234f5fe9f9373fdf8e2ad4d899ba402, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0b:b7:81:4b:39:b3:7c:d3:23:6d:91:d8:06:
90:a0:a9:61:89:44:d7:4f:56:a6:99:14:20:68:a1:
8a:87:01:30:91:b5:da:0a:39:f0:ce:59:cd:a1:d9:
2f:39:b8:b0:33:60:b8:ec:61:ad:8b:09:e1:3b:29:
9e:9c:18:99:61:49:ab:26:00:03:d6:cc:e0:68:bb:
3f:22:ff:4a:d9:f4:b6:d8:cc:dc:35:26:a6:a4:71:
00:a0:f4:76:12:0f:f5:93:91:d9:a3:74:6d:17:84:
2f:85:6c:9a:58:56:c0:ea:c5:68:2d:c8:24:ac:79:
2f:9e:03:93:00:06:0d:bb:1d:5e:58:bf:96:f6:22:
4e:cb:6b:d5:87:bf:75:c5:b4:dc:b7:9f:1a:09:f7:
b9:e3:42:37:01:c4:94:e9:1b:5e:d8:a8:33:61:61:
db:95:42:3c:89:f4:d1:6f:5d:ba:a6:3b:0a:88:72:
36:9e:5b:50:a0:e1:a3:f5:5c:eb:fa:65:ec:37:42:
f9:f8:70:80:c5:fe:6b:26:5b:a8:4b:8e:2b:7c:80:
ec:b3:b3:06:da:cb:ba:48:84:38:41:94:c5:e3:74:
52:04:b2:b2:ae:5f:b9:aa:e4:b9:98:b3:0a:81:fc:
60:aa:53:6b:11:66:20:5f:9c:5d:1b:c4:21:d9:1c:
db:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CB:00:17:7C:35:7D:37:BA:A9:3D:04:90:14:27:77:46:91:10:21
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3b361956-44bc-47e7-9213-cd7854c555f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4000::/36
Signature Algorithm: sha256WithRSAEncryption
93:19:d5:78:da:c2:61:b5:9c:fd:6e:a1:61:34:da:5f:bd:23:
be:73:8b:d6:d7:f1:56:a9:57:a4:c4:ad:65:99:44:fc:77:4f:
8d:cc:69:2f:26:e2:0d:c9:94:bb:93:30:0d:f7:6c:58:3c:ab:
11:3e:23:5c:aa:8c:37:54:4d:e4:6a:47:61:28:96:7c:f6:65:
2e:0c:31:17:1c:1b:3c:17:82:fb:d8:e1:72:3b:90:90:84:39:
39:9a:21:9b:3d:b0:d3:07:a5:b3:66:2a:ff:4e:79:3b:c4:ac:
2c:b3:ff:73:e5:b7:1c:a2:ed:27:7a:0a:11:cc:93:c0:86:a1:
29:ec:be:e8:30:0f:c4:cd:8a:0a:81:26:5e:ab:0b:84:0e:4f:
7b:d9:15:66:19:43:71:2a:2b:91:50:11:d0:51:e0:77:17:5a:
10:1f:56:d4:60:ab:e3:d5:11:a3:f0:6c:0d:48:b2:ba:5e:26:
29:f5:2c:01:90:59:ff:e0:ab:27:d7:a0:f5:e0:c5:fd:f5:94:
d6:f2:3f:66:27:02:ad:80:4b:0a:b0:ab:31:5b:f7:6f:48:37:
61:e7:b3:de:53:7f:38:55:e4:ee:76:42:9f:c4:a3:ad:a7:10:
26:f9:b9:31:b4:1b:ff:12:c2:c9:e5:e3:94:0d:c1:e8:fc:47:
2b:cc:cb:a5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdgYb2RksBnuX28XBbi2NO54BnE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIwNTVaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzZjU2MjRhZTBhMWVhMTYwZTE0OTY3ZDM1ZTMyMWI3ZTIzNGY1ZmU5Zjkz
NzNmZGY4ZTJhZDRkODk5YmE0MDIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYLt4FLObN80yNtkdgGkKCpYYlE109WppkUIGihiocBMJG12go58M5ZzaHZ
Lzm4sDNguOxhrYsJ4TspnpwYmWFJqyYAA9bM4Gi7PyL/Stn0ttjM3DUmpqRxAKD0
dhIP9ZOR2aN0bReEL4VsmlhWwOrFaC3IJKx5L54DkwAGDbsdXli/lvYiTstr1Ye/
dcW03LefGgn3ueNCNwHElOkbXtioM2Fh25VCPIn00W9duqY7CohyNp5bUKDho/Vc
6/pl7DdC+fhwgMX+ayZbqEuOK3yA7LOzBtrLukiEOEGUxeN0UgSysq5fuarkuZiz
CoH8YKpTaxFmIF+cXRvEIdkc220CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ7ywAX
fDV9N7qpPQSQFCd3RpEQITAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
M2IzNjE5NTYtNDRiYy00N2U3LTkyMTMtY2Q3ODU0YzU1NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dA
MA0GCSqGSIb3DQEBCwUAA4IBAQCTGdV42sJhtZz9bqFhNNpfvSO+c4vW1/FWqVek
xK1lmUT8d0+NzGkvJuINyZS7kzAN92xYPKsRPiNcqow3VE3kakdhKJZ89mUuDDEX
HBs8F4L72OFyO5CQhDk5miGbPbDTB6WzZir/Tnk7xKwss/9z5bccou0negoRzJPA
hqEp7L7oMA/EzYoKgSZeqwuEDk972RVmGUNxKiuRUBHQUeB3F1oQH1bUYKvj1RGj
8GwNSLK6XiYp9SwBkFn/4Ksn16D14MX99ZTW8j9mJwKtgEsKsKsxW/dvSDdh57Pe
U384VeTudkKfxKOtpxAm+bkxtBv/EsLJ5eOUDcHo/EcrzMul
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:00:00 2025 by rpki-client