Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
File: 00d32677-2dbe-47e3-a4b3-be1e601729bd.roa (raw, json)
Hash identifier: 1CAz0HRqG4pGa7RoKMMeYlnbbtzil4kYzjUVvFWrRUQ=
Subject key identifier: 06:37:02:FD:01:6F:06:43:0B:7B:0E:68:F2:58:B7:E1:75:6E:C5:6C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 04569E9E2FC50D1BA5A7106583A69AB6277DF832
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
Signing time: Wed 30 Apr 2025 00:21:05 +0000
ROA not before: Wed 30 Apr 2025 00:21:05 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:56:9e:9e:2f:c5:0d:1b:a5:a7:10:65:83:a6:9a:b6:27:7d:f8:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:05 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=e06695da9c711d3f0cb6d2fbde822af858948221d6e6c15f1361fa0f217e1f16, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:89:fd:63:16:cb:8b:82:d5:2e:c5:81:f0:e9:
d3:ee:a4:bf:a5:16:22:9d:d4:62:62:70:a0:a0:92:
d5:cd:fe:7a:db:60:8b:2a:f6:7d:52:da:a8:5b:c8:
9a:d5:4c:bd:01:24:e4:df:ef:56:09:cb:0b:8f:32:
65:a2:e6:f6:70:51:16:23:92:f3:81:22:75:50:de:
e7:59:f0:1c:82:ac:d4:ca:94:6f:f9:7f:35:67:4f:
54:8b:80:b5:8e:09:cf:e9:86:50:90:e4:bc:e8:04:
d9:db:6b:0d:43:4f:3a:92:62:cd:42:8a:66:ae:5e:
d4:99:1d:82:42:f8:7e:14:2f:ac:90:3c:8f:6b:8d:
6c:9e:7b:e9:51:54:79:8d:1e:b7:07:07:dc:ae:94:
74:d7:04:f0:ec:3b:bc:d4:69:8f:14:6e:c2:3f:8b:
72:ae:19:2e:76:29:4e:58:48:f3:93:81:e6:a0:72:
64:d4:e2:cd:63:32:b1:df:a2:75:7d:a0:b1:e5:f3:
fd:0c:6c:47:9d:a0:90:33:67:d2:c9:62:03:1d:8c:
44:6f:3f:55:26:0e:ca:2b:85:b4:29:a8:44:b8:24:
b8:87:4a:db:0c:14:cf:8e:17:0f:bf:6b:fa:0c:08:
1c:18:b9:7b:1b:70:09:3d:2a:61:05:07:d9:1c:ba:
a2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:37:02:FD:01:6F:06:43:0B:7B:0E:68:F2:58:B7:E1:75:6E:C5:6C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00d32677-2dbe-47e3-a4b3-be1e601729bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:9000::/36
Signature Algorithm: sha256WithRSAEncryption
9e:95:5a:bd:22:c6:00:24:1b:5b:d8:10:07:29:5d:2d:fc:5d:
0c:fc:0d:ba:8b:64:16:bd:7b:9b:59:fc:b5:a6:35:37:28:46:
3a:33:97:ed:5b:9e:6a:bc:d0:fd:4a:ac:27:e6:f3:fa:4a:4e:
65:f5:c1:87:a8:81:b3:2c:4b:ca:ec:c7:30:37:cd:4e:0e:92:
fd:f4:43:d6:6b:7e:b4:b9:b7:9a:29:c6:43:b2:17:a9:12:6a:
d7:2f:7b:04:b8:84:62:ac:6f:4f:af:a1:7e:d8:bb:4d:0f:54:
a0:dd:92:b1:42:a6:88:f4:b6:5b:8e:73:93:6a:75:6a:fd:1f:
f3:68:a9:ce:32:1c:78:15:2d:62:c9:8c:f9:db:d4:a5:ab:73:
f7:77:e2:50:56:d5:e9:a2:a7:69:db:3d:59:27:b0:e2:b1:75:
a4:39:a7:71:b3:d8:28:39:f1:94:8d:19:5a:25:fb:12:a1:69:
9f:4d:88:bf:e2:ca:ad:16:60:87:d9:99:61:62:bf:9e:18:cb:
c4:14:a8:d1:2d:21:59:28:a0:4d:37:33:60:25:e1:e1:b4:10:
6a:b2:d9:14:a3:ec:02:16:d6:71:fd:34:bc:95:bc:72:ea:5c:
42:d4:5a:c6:38:33:4c:dd:e4:a2:af:c3:15:35:51:86:c1:7a:
4e:e4:46:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBFaeni/FDRulpxBlg6aatid9+DIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMDVaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwNjY5NWRhOWM3MTFkM2YwY2I2ZDJmYmRlODIyYWY4NTg5NDgyMjFkNmU2
YzE1ZjEzNjFmYTBmMjE3ZTFmMTYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKJ/WMWy4uC1S7FgfDp0+6kv6UWIp3UYmJwoKCS1c3+ettgiyr2fVLaqFvI
mtVMvQEk5N/vVgnLC48yZaLm9nBRFiOS84EidVDe51nwHIKs1MqUb/l/NWdPVIuA
tY4Jz+mGUJDkvOgE2dtrDUNPOpJizUKKZq5e1JkdgkL4fhQvrJA8j2uNbJ576VFU
eY0etwcH3K6UdNcE8Ow7vNRpjxRuwj+Lcq4ZLnYpTlhI85OB5qByZNTizWMysd+i
dX2gseXz/QxsR52gkDNn0sliAx2MRG8/VSYOyiuFtCmoRLgkuIdK2wwUz44XD79r
+gwIHBi5extwCT0qYQUH2Ry6ojECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGNwL9
AW8GQwt7DmjyWLfhdW7FbDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDBkMzI2NzctMmRiZS00N2UzLWE0YjMtYmUxZTYwMTcyOWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCelVq9IsYAJBtb2BAHKV0t/F0M/A26i2QWvXub
Wfy1pjU3KEY6M5ftW55qvND9Sqwn5vP6Sk5l9cGHqIGzLEvK7McwN81ODpL99EPW
a360ubeaKcZDshepEmrXL3sEuIRirG9Pr6F+2LtND1Sg3ZKxQqaI9LZbjnOTanVq
/R/zaKnOMhx4FS1iyYz529Slq3P3d+JQVtXpoqdp2z1ZJ7DisXWkOadxs9goOfGU
jRlaJfsSoWmfTYi/4sqtFmCH2ZlhYr+eGMvEFKjRLSFZKKBNNzNgJeHhtBBqstkU
o+wCFtZx/TS8lbxy6lxC1FrGODNM3eSir8MVNVGGwXpO5EZo
-----END CERTIFICATE-----
Generated at Mon May 5 05:56:06 2025 by rpki-client