Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
File: 9195a704-de86-4692-95c9-30d458a106d5.roa (raw, json)
Hash identifier: DPWq0nFgfw4AZEJkBYHIaY/ClgheKcHcjpI5ofOIKlY=
Subject key identifier: C6:7D:9E:9E:C6:B6:DF:F1:E1:7B:33:06:2E:AE:9E:F6:28:EB:56:F3
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0929EBC59DE55A0F61F3B85449E30FF47DDD7880
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
Signing time: Mon 26 May 2025 15:21:09 +0000
ROA not before: Mon 26 May 2025 15:21:09 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:29:eb:c5:9d:e5:5a:0f:61:f3:b8:54:49:e3:0f:f4:7d:dd:78:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:21:09 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=188f8374d31c889a8923b7427b7ee2dd16b34b8ef05b5d7e90aa5286167b9f10, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:bc:76:08:c0:fa:b9:74:86:49:41:8d:49:dd:
92:1c:48:7c:2d:9f:02:7d:2d:78:b0:a4:34:2d:9a:
d6:03:7c:cd:1d:6d:16:28:fb:17:ab:b4:6e:be:a1:
e6:07:f6:65:b0:ca:84:1e:ff:0d:51:94:38:ae:c2:
56:c2:75:65:63:d4:d0:3e:b1:0e:55:f0:13:aa:54:
49:be:2f:77:25:4b:f6:b2:e0:00:e3:94:94:6f:b6:
61:76:f7:b7:ce:f3:83:fb:49:09:68:39:1f:99:a5:
f8:94:c8:72:71:78:bb:9c:6a:67:18:f2:22:3a:68:
b8:e5:bd:3a:fe:f9:50:c8:5c:e6:69:95:c5:6e:17:
c3:f8:eb:7f:54:99:90:44:dc:6b:f7:e9:fd:bf:57:
82:be:60:55:43:e9:3c:06:9f:97:d9:7f:b4:cd:e9:
c2:53:93:4e:74:13:c7:0d:96:7e:91:a1:67:83:03:
bd:b6:51:a0:af:2e:67:87:ee:dd:51:e9:ac:0c:ff:
4a:48:c3:de:bd:82:7d:af:d4:09:16:b5:ac:51:fe:
35:e0:70:62:5f:29:86:1f:94:a1:d0:1d:78:1a:b4:
dc:7e:dd:48:fa:c2:98:08:bf:e8:d5:85:90:7b:98:
16:97:9a:8a:9e:64:e3:f5:04:22:6a:e2:44:86:40:
01:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:7D:9E:9E:C6:B6:DF:F1:E1:7B:33:06:2E:AE:9E:F6:28:EB:56:F3
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/36
Signature Algorithm: sha256WithRSAEncryption
7e:98:f1:a7:3c:f5:70:ec:9c:69:30:5b:ad:73:a9:50:52:6b:
53:f0:68:b7:e3:23:75:d1:8e:bb:5c:69:8e:1b:28:27:15:8a:
d7:f0:5a:04:05:34:6f:af:9a:91:79:c3:b8:91:a2:52:95:5d:
c3:7d:4e:47:79:ee:79:66:e0:89:e1:c2:0d:fa:b0:78:45:d5:
dd:28:ef:ff:1c:ea:db:c3:ee:85:6b:7a:ae:af:68:8a:68:92:
3a:a4:94:17:ea:c3:dd:d6:39:7c:99:00:ed:cd:52:ac:fd:bf:
4e:d5:3c:88:f6:3a:61:7c:0b:3c:63:25:3b:3b:15:84:05:f4:
f4:69:ac:ed:61:17:65:24:91:8b:85:d9:da:2e:ca:f1:5e:0d:
1c:87:87:41:37:26:31:61:49:b4:50:2c:40:7f:8e:be:c4:83:
e8:37:f7:1d:2a:85:40:64:c6:eb:65:65:7d:7e:83:ca:93:70:
7f:4b:e1:d9:b9:28:3f:37:03:4e:db:4b:38:77:27:c4:4c:ce:
b0:47:40:37:9f:87:68:61:78:9e:72:28:84:bf:df:61:38:02:
f6:ef:a8:23:9a:56:74:ba:e0:83:c2:11:09:c0:24:c1:02:da:
90:a2:1e:c7:fc:0a:2c:64:b6:78:6d:42:46:11:5a:6a:e3:34:
fb:84:08:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCSnrxZ3lWg9h87hUSeMP9H3deIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIxMDlaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4OGY4Mzc0ZDMxYzg4OWE4OTIzYjc0MjdiN2VlMmRkMTZiMzRiOGVmMDVi
NWQ3ZTkwYWE1Mjg2MTY3YjlmMTAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOG8dgjA+rl0hklBjUndkhxIfC2fAn0teLCkNC2a1gN8zR1tFij7F6u0br6h
5gf2ZbDKhB7/DVGUOK7CVsJ1ZWPU0D6xDlXwE6pUSb4vdyVL9rLgAOOUlG+2YXb3
t87zg/tJCWg5H5ml+JTIcnF4u5xqZxjyIjpouOW9Ov75UMhc5mmVxW4Xw/jrf1SZ
kETca/fp/b9Xgr5gVUPpPAafl9l/tM3pwlOTTnQTxw2WfpGhZ4MDvbZRoK8uZ4fu
3VHprAz/SkjD3r2Cfa/UCRa1rFH+NeBwYl8phh+UodAdeBq03H7dSPrCmAi/6NWF
kHuYFpeaip5k4/UEImriRIZAAbUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTGfZ6e
xrbf8eF7MwYurp72KOtW8zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OTE5NWE3MDQtZGU4Ni00NjkyLTk1YzktMzBkNDU4YTEwNmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQB+mPGnPPVw7JxpMFutc6lQUmtT8Gi34yN10Y67
XGmOGygnFYrX8FoEBTRvr5qRecO4kaJSlV3DfU5Hee55ZuCJ4cIN+rB4RdXdKO//
HOrbw+6Fa3qur2iKaJI6pJQX6sPd1jl8mQDtzVKs/b9O1TyI9jphfAs8YyU7OxWE
BfT0aaztYRdlJJGLhdnaLsrxXg0ch4dBNyYxYUm0UCxAf46+xIPoN/cdKoVAZMbr
ZWV9foPKk3B/S+HZuSg/NwNO20s4dyfETM6wR0A3n4doYXieciiEv99hOAL276gj
mlZ0uuCDwhEJwCTBAtqQoh7H/AosZLZ4bUJGEVpq4zT7hAgV
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:29:19 2025 by rpki-client