Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
File: df7033c9-3736-411c-b289-a6013faa6935.roa (raw, json)
Hash identifier: NzD4H7Jirvnab+W5MSRS4RlDOqbgkZ3K8VTh8YYTHVs=
Subject key identifier: C9:44:2A:60:93:01:E1:9D:F4:24:5F:42:7B:DC:9A:5E:99:39:A1:D8
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 64F4284D8000A1B947987379AD796531FF6B7DDA
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
Signing time: Mon 26 May 2025 15:10:59 +0000
ROA not before: Mon 26 May 2025 15:10:59 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:f4:28:4d:80:00:a1:b9:47:98:73:79:ad:79:65:31:ff:6b:7d:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:59 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=dd81f590fe1e7597c1e96d722fbbacd92126fd3172368a401a94175563d58345, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cb:c5:ae:d7:c1:5a:a7:2c:7b:4a:62:74:52:
a3:ad:ce:a4:bb:6b:65:21:29:fc:75:1c:f8:85:91:
10:ab:cb:53:93:cd:8b:06:4b:49:e4:06:0f:7a:2e:
9b:80:89:97:cb:e3:be:7b:52:22:35:88:fc:d9:4b:
af:a1:87:81:94:be:e7:82:2f:b1:12:39:f2:99:eb:
c2:28:26:3d:6e:93:aa:83:43:02:85:cf:09:6d:3d:
1a:a2:24:47:4e:13:ff:95:a2:9c:ce:79:46:ab:a3:
f1:f4:9c:a4:f8:05:16:0b:58:26:1c:b7:98:a0:53:
11:5d:3d:78:47:76:ec:fb:1d:09:79:60:48:e6:12:
b7:90:fe:f3:3e:0b:6e:da:1d:aa:44:2e:40:aa:26:
15:7a:14:45:16:ec:fe:39:60:1d:ee:15:13:8a:03:
65:60:ac:bd:89:81:9c:33:9f:6a:ac:8e:6b:38:58:
47:ea:ae:00:d3:66:06:e9:57:c5:02:47:e9:78:25:
64:53:28:72:20:67:a2:81:47:f6:ea:dd:93:03:c9:
fe:d3:a5:58:7d:85:01:eb:1d:33:50:39:5f:b8:36:
fc:ed:9c:86:0d:be:ac:ce:2c:21:5c:03:d9:07:20:
bf:c1:9b:7d:e5:a4:3b:5f:86:21:83:6a:b0:df:2c:
5b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:44:2A:60:93:01:E1:9D:F4:24:5F:42:7B:DC:9A:5E:99:39:A1:D8
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2880::/48
Signature Algorithm: sha256WithRSAEncryption
95:50:2f:7f:8d:56:99:13:d3:24:a0:12:87:21:6c:4c:3d:4b:
f7:b1:ac:54:46:6d:43:16:42:fd:98:0e:f4:71:31:26:4d:86:
3c:2b:ea:f1:15:e4:8c:e8:f9:aa:d1:f8:8c:de:aa:65:7b:d3:
79:76:06:f7:9c:e3:0a:68:36:98:3a:74:34:3e:46:5e:2c:78:
0e:51:45:23:15:7f:c0:20:63:6d:46:23:08:b7:d0:fc:80:9f:
73:e4:fb:aa:72:00:ad:e8:60:55:83:20:70:94:b5:28:e6:f5:
06:6a:31:78:a4:95:15:5c:1a:88:67:25:e3:76:94:70:3b:a8:
34:54:c3:dd:d1:04:43:51:f3:cb:d5:d5:ea:61:b1:e8:d8:0d:
ab:b0:ea:44:29:ca:6c:a4:d2:e8:05:7f:3b:45:3e:70:0f:0f:
88:b9:6d:d4:cd:5b:eb:bd:42:81:03:88:94:90:8e:fe:7f:0d:
c3:f3:3e:4b:3a:a0:bd:3a:41:87:6a:3d:40:35:e8:b0:ae:8b:
02:28:65:64:6e:10:ee:e4:ad:13:2b:7d:61:c3:66:29:4b:65:
fe:5c:d2:1f:5d:7c:8d:0d:90:75:6d:16:61:dd:d8:a4:27:0b:
95:47:76:c6:1b:34:79:64:ae:f5:4d:3b:b0:ea:9e:a7:9f:c4:
b4:27:5c:fd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZPQoTYAAoblHmHN5rXllMf9rfdowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwNTlaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkODFmNTkwZmUxZTc1OTdjMWU5NmQ3MjJmYmJhY2Q5MjEyNmZkMzE3MjM2
OGE0MDFhOTQxNzU1NjNkNTgzNDUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLLxa7XwVqnLHtKYnRSo63OpLtrZSEp/HUc+IWREKvLU5PNiwZLSeQGD3ou
m4CJl8vjvntSIjWI/NlLr6GHgZS+54IvsRI58pnrwigmPW6TqoNDAoXPCW09GqIk
R04T/5WinM55Rquj8fScpPgFFgtYJhy3mKBTEV09eEd27PsdCXlgSOYSt5D+8z4L
btodqkQuQKomFXoURRbs/jlgHe4VE4oDZWCsvYmBnDOfaqyOazhYR+quANNmBulX
xQJH6XglZFMociBnooFH9urdkwPJ/tOlWH2FAesdM1A5X7g2/O2chg2+rM4sIVwD
2Qcgv8GbfeWkO1+GIYNqsN8sW5ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTJRCpg
kwHhnfQkX0J73JpemTmh2DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZGY3MDMzYzktMzczNi00MTFjLWIyODktYTYwMTNmYWE2OTM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
gDANBgkqhkiG9w0BAQsFAAOCAQEAlVAvf41WmRPTJKAShyFsTD1L97GsVEZtQxZC
/ZgO9HExJk2GPCvq8RXkjOj5qtH4jN6qZXvTeXYG95zjCmg2mDp0ND5GXix4DlFF
IxV/wCBjbUYjCLfQ/ICfc+T7qnIArehgVYMgcJS1KOb1BmoxeKSVFVwaiGcl43aU
cDuoNFTD3dEEQ1Hzy9XV6mGx6NgNq7DqRCnKbKTS6AV/O0U+cA8PiLlt1M1b671C
gQOIlJCO/n8Nw/M+SzqgvTpBh2o9QDXosK6LAihlZG4Q7uStEyt9YcNmKUtl/lzS
H118jQ2QdW0WYd3YpCcLlUd2xhs0eWSu9U07sOqep5/EtCdc/Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:04:16 2025 by rpki-client