Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
File: afb29442-cb58-4fe7-9319-202c1646019f.roa (raw, json)
Hash identifier: LH2HXeTaly3BqrwAgL8h36Fl/s6yZDdPej9OS1VCzt8=
Subject key identifier: 2E:6E:34:69:E0:8D:62:C2:BC:90:8C:56:66:22:A5:10:AF:64:96:BA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2658BC5D55EB47E0683EEB5FE497344D33760352
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
Signing time: Mon 26 May 2025 15:20:25 +0000
ROA not before: Mon 26 May 2025 15:20:25 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:58:bc:5d:55:eb:47:e0:68:3e:eb:5f:e4:97:34:4d:33:76:03:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:20:25 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=137075e628f5279f40e193deb05c0a21b8474a198825c5ed25d23de9956dfa75, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:02:1b:ca:dc:ff:7d:53:b1:b1:16:14:46:82:
cf:fd:55:d5:2e:96:ae:02:e5:1e:e9:78:89:5a:1f:
52:47:9f:01:b1:0c:9e:3a:1e:86:32:30:40:65:8d:
a4:9a:13:92:21:ba:d0:77:d1:45:4f:5b:ac:7f:23:
fa:6e:7d:3c:58:09:23:a6:bf:b8:3d:f8:bb:a8:ef:
56:3d:c5:48:03:2f:83:d4:56:62:fb:d7:82:01:31:
c0:14:4a:30:a4:24:e8:d5:c5:26:cc:cc:0e:12:6a:
4f:84:94:0d:03:00:83:14:e0:b9:c7:08:5b:8c:4e:
40:34:a4:ab:18:dd:32:7f:a7:cf:75:a5:89:84:8f:
d5:1e:fb:11:3d:e1:33:61:cd:a0:4f:68:36:86:27:
c0:92:10:23:fb:54:76:d0:4a:37:d6:71:ec:d1:d6:
fb:6d:dc:76:71:f8:18:bf:d6:13:f5:33:6b:a6:f8:
ca:b4:71:91:51:4c:b7:de:6f:8f:d9:e0:bf:a3:87:
4a:ef:44:da:28:76:bf:df:07:79:65:0b:35:c9:9d:
1b:9f:e3:7f:f0:6a:40:e2:01:1f:3f:c5:1c:09:a2:
a1:64:79:9c:a0:c6:7f:fa:cb:f0:09:30:8f:8d:d6:
3a:d5:0f:f2:f2:6b:24:3c:32:f8:1a:37:54:9c:2c:
1c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:6E:34:69:E0:8D:62:C2:BC:90:8C:56:66:22:A5:10:AF:64:96:BA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/afb29442-cb58-4fe7-9319-202c1646019f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6::/40
Signature Algorithm: sha256WithRSAEncryption
87:f0:e7:7f:2d:c0:64:69:ac:35:3d:3b:d7:e4:d2:74:87:9b:
b1:ef:a4:42:2f:5b:30:44:0f:c9:29:e7:9c:33:cc:6f:4e:f5:
9e:09:fb:7a:1f:9c:9f:72:4c:93:22:df:9a:34:1b:0f:ee:42:
23:e7:e4:8a:d2:5c:2f:49:ef:fa:aa:b1:d9:2f:e4:ad:ec:76:
47:02:b9:d5:22:1c:5f:6e:e9:f9:d3:a0:69:4f:ae:f1:e0:15:
71:18:a0:d3:13:2f:5e:9d:6e:18:ec:3c:9d:1e:8e:c2:de:82:
bc:3a:38:83:64:c4:f0:b2:1f:b3:f8:07:f2:bf:8d:c8:6c:d2:
ca:13:19:1c:a5:8a:38:80:40:92:6a:00:2f:59:ea:6a:c3:74:
99:d4:d6:63:82:91:84:a7:d9:63:6d:70:cc:29:4a:88:7c:87:
b9:48:44:bd:19:49:87:10:03:7d:75:a3:f2:85:be:83:5d:c9:
27:ee:26:90:5b:e8:76:4e:a1:93:87:d9:c2:9e:87:e9:b0:33:
35:5d:62:10:db:58:11:61:2d:c5:fe:e9:e6:02:39:87:64:ea:
90:33:f3:95:9e:38:a3:79:f3:67:4f:df:a7:8e:29:cb:ad:b5:
e5:c5:dd:16:6f:66:bd:88:33:b9:75:a9:25:5f:39:72:5d:14:
0d:2d:ab:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJli8XVXrR+BoPutf5Jc0TTN2A1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIwMjVaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzNzA3NWU2MjhmNTI3OWY0MGUxOTNkZWIwNWMwYTIxYjg0NzRhMTk4ODI1
YzVlZDI1ZDIzZGU5OTU2ZGZhNzUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoCG8rc/31TsbEWFEaCz/1V1S6WrgLlHul4iVofUkefAbEMnjoehjIwQGWN
pJoTkiG60HfRRU9brH8j+m59PFgJI6a/uD34u6jvVj3FSAMvg9RWYvvXggExwBRK
MKQk6NXFJszMDhJqT4SUDQMAgxTguccIW4xOQDSkqxjdMn+nz3WliYSP1R77ET3h
M2HNoE9oNoYnwJIQI/tUdtBKN9Zx7NHW+23cdnH4GL/WE/Uza6b4yrRxkVFMt95v
j9ngv6OHSu9E2ih2v98HeWULNcmdG5/jf/BqQOIBHz/FHAmioWR5nKDGf/rL8Akw
j43WOtUP8vJrJDwy+Bo3VJwsHBsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQubjRp
4I1iwryQjFZmIqUQr2SWujAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YWZiMjk0NDItY2I1OC00ZmU3LTkzMTktMjAyYzE2NDYwMTlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8YA
MA0GCSqGSIb3DQEBCwUAA4IBAQCH8Od/LcBkaaw1PTvX5NJ0h5ux76RCL1swRA/J
KeecM8xvTvWeCft6H5yfckyTIt+aNBsP7kIj5+SK0lwvSe/6qrHZL+St7HZHArnV
Ihxfbun506BpT67x4BVxGKDTEy9enW4Y7DydHo7C3oK8OjiDZMTwsh+z+Afyv43I
bNLKExkcpYo4gECSagAvWepqw3SZ1NZjgpGEp9ljbXDMKUqIfIe5SES9GUmHEAN9
daPyhb6DXckn7iaQW+h2TqGTh9nCnofpsDM1XWIQ21gRYS3F/unmAjmHZOqQM/OV
njijefNnT9+njinLrbXlxd0Wb2a9iDO5daklXzlyXRQNLav8
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:57:59 2025 by rpki-client