Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
File: 07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa (raw, json)
Hash identifier: ccieHwmJ7rzkk6WRIOXsnQmHExxB3HEdOV2aaozkjqs=
Subject key identifier: 8B:9E:CA:6D:3E:76:83:05:82:02:1A:AE:B8:B5:6C:C0:60:41:66:1A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 48E21E5EF541449C6F775534EC407D3F4EF99517
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
Signing time: Wed 30 Apr 2025 00:21:02 +0000
ROA not before: Wed 30 Apr 2025 00:21:02 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:e2:1e:5e:f5:41:44:9c:6f:77:55:34:ec:40:7d:3f:4e:f9:95:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:02 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=381874761d1becb42182d1ba3043f8283a472636b7b3b392ddfc9f5789ebda75, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:8d:bf:4f:ba:4d:6f:e7:42:68:64:42:ad:3e:
dc:ea:93:e2:2d:90:00:53:0e:87:71:03:33:09:b7:
20:39:28:2a:e2:50:49:e5:79:a2:78:c5:df:49:3c:
44:84:ae:d7:8b:27:40:b6:00:be:b5:87:a1:4e:f4:
01:c0:f4:4c:68:ec:99:c5:56:22:cc:6b:74:c0:d2:
3b:96:07:68:79:b5:b0:65:6d:9b:47:3a:b1:15:fe:
72:c5:35:22:bc:80:52:5a:07:a1:ec:b0:c8:f2:dd:
fa:1f:dc:78:40:5e:27:3e:90:56:59:59:22:81:c5:
29:e1:31:5a:0b:6d:61:fe:6e:9e:c7:47:85:d6:2b:
6a:e9:7b:77:a9:a3:75:75:36:22:87:02:54:0e:c2:
a8:af:4f:11:03:96:ec:84:fc:9c:a7:e1:65:49:85:
96:de:c3:d3:b0:f9:e5:6e:09:6a:4a:2e:65:36:78:
2d:07:0a:27:d8:ec:cd:30:64:30:a4:4e:32:c2:30:
ae:80:79:1f:7f:e2:45:c3:d8:44:7a:35:6e:ab:71:
47:99:2f:43:0e:07:5e:9c:3f:9d:0b:13:c3:82:e0:
e0:61:11:1b:13:46:3b:d4:4a:eb:6a:d1:cf:f6:b9:
c1:f6:2c:87:0e:3b:84:28:d8:4d:d6:b2:6c:6f:63:
c7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:9E:CA:6D:3E:76:83:05:82:02:1A:AE:B8:B5:6C:C0:60:41:66:1A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/38
Signature Algorithm: sha256WithRSAEncryption
6c:9c:42:fa:1b:b8:88:1e:f8:14:51:4e:63:18:6a:5b:9b:ed:
06:31:30:66:cc:07:b0:09:f8:82:15:2a:99:05:00:64:f9:f1:
42:4e:6d:1a:c8:b3:5b:c2:fb:d1:78:f9:31:97:6a:c9:ad:fe:
21:1e:11:37:6f:c7:28:62:c1:86:ed:27:26:97:98:40:6f:02:
43:3f:95:35:15:42:92:45:64:60:38:52:93:a0:76:77:f7:0e:
84:a0:e2:02:7a:b8:c8:7d:87:57:bf:0e:f2:cd:16:d9:3a:8c:
3d:23:df:63:aa:47:4a:af:b7:42:6d:ca:48:66:ba:82:d6:28:
79:93:04:9e:66:32:5d:ef:c7:ee:02:68:67:09:3c:72:b7:d1:
66:df:a0:7c:22:5f:30:42:ec:28:b1:0f:a3:2b:32:34:cb:9a:
00:f7:1a:c7:5c:44:b5:45:b9:c1:5c:76:c7:60:55:df:e9:81:
aa:d9:2c:2e:23:80:47:6d:a5:af:4e:cb:b7:93:86:be:65:f9:
55:75:f8:a0:5a:08:53:41:c0:23:03:1d:27:25:0f:73:4f:5d:
d5:9e:d2:79:64:b4:63:c3:42:23:44:19:ea:c6:a0:30:94:30:
da:52:62:cf:4e:f1:5f:c9:7e:cd:d0:2e:a3:09:5c:c5:61:47:
1f:7c:c9:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSOIeXvVBRJxvd1U07EB9P075lRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMDJaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4MTg3NDc2MWQxYmVjYjQyMTgyZDFiYTMwNDNmODI4M2E0NzI2MzZiN2Iz
YjM5MmRkZmM5ZjU3ODllYmRhNzUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPuNv0+6TW/nQmhkQq0+3OqT4i2QAFMOh3EDMwm3IDkoKuJQSeV5onjF30k8
RISu14snQLYAvrWHoU70AcD0TGjsmcVWIsxrdMDSO5YHaHm1sGVtm0c6sRX+csU1
IryAUloHoeywyPLd+h/ceEBeJz6QVllZIoHFKeExWgttYf5unsdHhdYraul7d6mj
dXU2IocCVA7CqK9PEQOW7IT8nKfhZUmFlt7D07D55W4JakouZTZ4LQcKJ9jszTBk
MKROMsIwroB5H3/iRcPYRHo1bqtxR5kvQw4HXpw/nQsTw4Lg4GERGxNGO9RK62rR
z/a5wfYshw47hCjYTdaybG9jx8cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSLnspt
PnaDBYICGq64tWzAYEFmGjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDdhYTI1NDktOWVlYS00MjhkLWEyM2QtYzBlNjZiNTljZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQBsnEL6G7iIHvgUUU5jGGpbm+0GMTBmzAewCfiC
FSqZBQBk+fFCTm0ayLNbwvvRePkxl2rJrf4hHhE3b8coYsGG7Scml5hAbwJDP5U1
FUKSRWRgOFKToHZ39w6EoOICerjIfYdXvw7yzRbZOow9I99jqkdKr7dCbcpIZrqC
1ih5kwSeZjJd78fuAmhnCTxyt9Fm36B8Il8wQuwosQ+jKzI0y5oA9xrHXES1RbnB
XHbHYFXf6YGq2SwuI4BHbaWvTsu3k4a+ZflVdfigWghTQcAjAx0nJQ9zT13VntJ5
ZLRjw0IjRBnqxqAwlDDaUmLPTvFfyX7N0C6jCVzFYUcffMnJ
-----END CERTIFICATE-----
Generated at Tue May 6 01:47:00 2025 by rpki-client