
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/aee0ced2-04c3-4c6b-ab68-04adfb518909.roa
File: aee0ced2-04c3-4c6b-ab68-04adfb518909.roa (raw, json)
Hash identifier: szY4+7fPP05W1GphOYPyHDtOFrwMT7tSzuSHGDJLljo=
Subject key identifier: F2:52:34:55:37:F9:8C:E1:52:98:95:C3:6B:02:A6:3C:FA:02:5B:03
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7A4C0361C81EA26E139906B6D13B4492A9AFAF91
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/aee0ced2-04c3-4c6b-ab68-04adfb518909.roa
Signing time: Wed 30 Jul 2025 17:36:59 +0000
ROA not before: Wed 30 Jul 2025 17:36:59 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:4c:03:61:c8:1e:a2:6e:13:99:06:b6:d1:3b:44:92:a9:af:af:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Jul 30 17:36:59 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=682bf643445a2a9a3d4c50e8a07c57b4578c5d813e6251e6b6f21387bc412eec, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:85:98:73:78:dd:d8:ad:3e:6a:a5:58:b0:bb:
4e:eb:91:0c:d2:16:fd:5d:a1:a1:76:d2:c5:ae:06:
f2:2e:29:7c:f8:f2:8d:8e:44:39:f7:7e:76:25:8c:
3f:86:ea:4a:2f:2a:bf:10:93:55:16:c9:21:57:e2:
0d:65:57:e9:6a:f3:dc:7b:98:a8:31:7a:de:bd:a9:
e8:eb:d5:51:7f:dd:12:01:c4:1b:cf:48:ae:94:8e:
2b:29:4f:3f:7c:50:05:d3:39:bd:93:c8:db:de:cb:
6a:26:40:61:6a:9f:26:9d:45:6c:81:1d:ca:f0:c3:
d4:05:56:98:2e:66:69:c9:bc:73:5e:a2:84:37:a7:
ee:86:57:aa:a9:dc:ed:d4:9f:3d:db:2c:fe:bd:48:
3f:1d:89:14:be:69:cc:bb:7e:47:c7:11:51:b2:55:
72:63:15:0d:37:a8:b3:00:bc:38:5b:97:75:d5:98:
cf:70:03:59:c5:70:c7:87:89:7d:31:3f:16:cb:98:
2c:f4:20:4a:07:6f:ed:5c:8d:fe:6b:6d:67:8b:95:
98:52:ea:8f:ad:ad:d7:3d:d3:fb:bf:82:fe:7c:b9:
ec:06:3e:89:f0:4c:b8:b6:09:ca:05:5b:0c:e6:33:
66:cf:50:e3:1e:96:bf:a9:8c:3d:d8:8b:95:41:be:
d5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:52:34:55:37:F9:8C:E1:52:98:95:C3:6B:02:A6:3C:FA:02:5B:03
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/aee0ced2-04c3-4c6b-ab68-04adfb518909.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7000::/36
Signature Algorithm: sha256WithRSAEncryption
53:e4:34:b5:2a:fb:69:6f:3e:6f:a4:6c:79:53:85:5a:85:83:
16:d4:6e:9f:87:79:10:5d:7a:34:4f:b7:92:29:26:78:a6:0f:
0c:54:00:46:18:f3:b3:ae:6e:34:43:08:73:c1:b8:70:66:20:
51:f4:71:71:61:f7:99:43:99:9b:a4:4b:09:ae:e6:e4:7b:92:
94:a1:4a:98:25:7a:f8:cc:ac:e9:aa:99:90:4e:67:d6:26:35:
db:98:1f:71:61:39:c7:8c:29:03:68:c1:5f:00:27:ed:15:14:
4e:9a:d9:26:66:61:ba:ab:cd:ee:b2:a6:11:bc:24:dc:78:35:
d1:2f:d2:fe:c8:53:39:0a:80:7e:aa:4e:56:96:e6:77:1f:56:
da:7f:dc:d6:41:8b:04:09:df:89:3c:9a:e6:84:a6:29:25:ef:
1a:eb:62:24:6e:be:d9:d9:eb:d9:a7:65:c1:d2:c4:ff:9a:d0:
d9:dd:b2:23:2e:07:aa:a7:74:45:01:4b:90:22:73:a2:cb:35:
80:a0:c4:a7:bc:0a:50:3f:30:09:02:fe:12:0e:ac:ed:db:c0:
f4:3a:e8:26:7c:f9:fb:b0:d9:06:54:37:26:3e:6b:d9:9d:1c:
19:4f:0b:a7:dd:69:b5:ad:26:54:e7:a7:41:b2:48:ea:aa:73:
e2:a1:50:e3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUekwDYcgeom4TmQa20TtEkqmvr5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA3MzAxNzM2NTlaFw0yNTA5MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4MmJmNjQzNDQ1YTJhOWEzZDRjNTBlOGEwN2M1N2I0NTc4YzVkODEzZTYy
NTFlNmI2ZjIxMzg3YmM0MTJlZWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCFmHN43ditPmqlWLC7TuuRDNIW/V2hoXbSxa4G8i4pfPjyjY5EOfd+diWM
P4bqSi8qvxCTVRbJIVfiDWVX6Wrz3HuYqDF63r2p6OvVUX/dEgHEG89IrpSOKylP
P3xQBdM5vZPI297LaiZAYWqfJp1FbIEdyvDD1AVWmC5macm8c16ihDen7oZXqqnc
7dSfPdss/r1IPx2JFL5pzLt+R8cRUbJVcmMVDTeoswC8OFuXddWYz3ADWcVwx4eJ
fTE/FsuYLPQgSgdv7VyN/mttZ4uVmFLqj62t1z3T+7+C/ny57AY+ifBMuLYJygVb
DOYzZs9Q4x6Wv6mMPdiLlUG+1cUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTyUjRV
N/mM4VKYlcNrAqY8+gJbAzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YWVlMGNlZDItMDRjMy00YzZiLWFiNjgtMDRhZGZiNTE4OTA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dw
MA0GCSqGSIb3DQEBCwUAA4IBAQBT5DS1Kvtpbz5vpGx5U4VahYMW1G6fh3kQXXo0
T7eSKSZ4pg8MVABGGPOzrm40QwhzwbhwZiBR9HFxYfeZQ5mbpEsJrubke5KUoUqY
JXr4zKzpqpmQTmfWJjXbmB9xYTnHjCkDaMFfACftFRROmtkmZmG6q83usqYRvCTc
eDXRL9L+yFM5CoB+qk5WluZ3H1baf9zWQYsECd+JPJrmhKYpJe8a62Ikbr7Z2evZ
p2XB0sT/mtDZ3bIjLgeqp3RFAUuQInOiyzWAoMSnvApQPzAJAv4SDqzt28D0Ougm
fPn7sNkGVDcmPmvZnRwZTwun3Wm1rSZU56dBskjqqnPioVDj
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:38:09 2025 by rpki-client