Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
File: 13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa (raw, json)
Hash identifier: ACRPn1BNTdnsdMzU8kxf/P/xAKyQb9oF0zlaLp9g17c=
Subject key identifier: 08:B3:4E:DE:36:85:54:6D:01:B5:50:B2:D4:18:D1:CC:61:7E:34:BD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 282337BC24B51D72C6A6E1E253251DA487B4CD89
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
Signing time: Wed 30 Apr 2025 00:10:34 +0000
ROA not before: Wed 30 Apr 2025 00:10:34 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:28c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:23:37:bc:24:b5:1d:72:c6:a6:e1:e2:53:25:1d:a4:87:b4:cd:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:10:34 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=5758f7617f1d1274e15f42444fc174c4bed6485eb7846f8af0f702fd0a53a296, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cb:79:3c:d6:90:d0:c8:4b:73:32:42:18:12:
b2:b7:76:08:52:9d:64:c5:1f:90:8c:f6:44:71:6c:
2d:b5:33:28:7b:1b:9f:cb:b9:a3:25:96:cd:48:0c:
fb:0e:54:14:98:87:51:e1:5d:c3:e3:84:f0:f0:50:
e5:f9:db:88:f9:f3:3d:ff:8d:fe:3c:95:76:4f:20:
37:64:15:4b:10:50:83:a1:97:b5:88:73:b2:5a:85:
c1:53:cf:7c:3e:ce:24:c9:d5:af:60:48:aa:11:4e:
bb:62:c7:c3:ab:28:dd:f4:27:12:49:87:c4:b7:3b:
9d:30:6b:46:6c:f7:f1:c7:46:71:34:f5:ef:5b:e9:
01:8e:ad:d5:29:48:53:50:be:b0:83:9b:6e:06:2d:
a2:9c:55:9d:c3:0c:31:6a:2c:5e:3b:52:2c:a7:44:
4c:11:65:11:ec:0f:c4:02:4c:4e:1c:a3:37:96:fb:
48:78:29:63:9a:4a:a1:53:52:e5:57:c3:5e:1b:44:
22:ed:c1:1c:05:6b:a7:85:38:55:b7:6c:9f:5d:7a:
49:66:f0:6a:cf:3c:a6:7b:47:de:42:75:cd:45:cf:
bd:f7:8f:ea:ad:26:6f:d6:eb:0d:a3:bf:b0:71:af:
9a:fe:48:bf:be:93:7e:24:f6:73:3d:7c:9c:3e:a7:
db:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B3:4E:DE:36:85:54:6D:01:B5:50:B2:D4:18:D1:CC:61:7E:34:BD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
06:46:d2:4b:84:75:2b:26:a9:a5:d8:19:af:6e:b5:33:43:a7:
a7:0c:2c:ea:9e:58:8a:1f:fd:5c:10:78:8d:d2:1a:45:65:88:
bb:b0:54:47:48:a3:d2:05:b8:17:ec:6e:d8:86:a2:12:c1:55:
73:1d:95:19:a9:11:f2:d8:02:52:e4:b1:49:97:28:a5:b1:09:
e5:de:a3:12:f1:2a:e8:ec:5d:20:18:bf:6c:24:21:16:0f:85:
e7:b0:f0:75:f5:fd:71:30:24:40:fc:d1:c2:a5:a7:90:db:07:
c1:cd:1a:4f:f9:08:1f:4d:98:27:0b:4a:bb:de:26:6c:c2:84:
b6:5f:5e:4f:95:7f:12:41:9e:5c:ef:14:b3:f6:5c:8e:3f:40:
7c:c4:14:c3:12:93:1e:16:77:28:57:12:df:dc:7d:55:d2:7a:
1b:03:c7:f4:de:8d:0f:13:68:19:fb:e0:73:b0:0d:23:c5:2a:
0e:ee:e8:6e:2a:df:0d:79:4d:76:96:c4:a3:fa:d0:21:ab:3d:
fb:75:b5:44:fd:ac:3f:82:89:ac:25:45:59:c3:ba:80:71:48:
f6:b5:1a:3a:6b:11:e7:f0:f6:f4:bc:55:29:20:3e:e4:fa:05:
e9:cc:bf:df:02:31:71:9f:a3:86:95:4f:17:26:6a:38:ea:20:
80:af:b5:7a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKCM3vCS1HXLGpuHiUyUdpIe0zYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDEwMzRaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3NThmNzYxN2YxZDEyNzRlMTVmNDI0NDRmYzE3NGM0YmVkNjQ4NWViNzg0
NmY4YWYwZjcwMmZkMGE1M2EyOTYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrLeTzWkNDIS3MyQhgSsrd2CFKdZMUfkIz2RHFsLbUzKHsbn8u5oyWWzUgM
+w5UFJiHUeFdw+OE8PBQ5fnbiPnzPf+N/jyVdk8gN2QVSxBQg6GXtYhzslqFwVPP
fD7OJMnVr2BIqhFOu2LHw6so3fQnEkmHxLc7nTBrRmz38cdGcTT171vpAY6t1SlI
U1C+sIObbgYtopxVncMMMWosXjtSLKdETBFlEewPxAJMThyjN5b7SHgpY5pKoVNS
5VfDXhtEIu3BHAVrp4U4Vbdsn116SWbwas88pntH3kJ1zUXPvfeP6q0mb9brDaO/
sHGvmv5Iv76TfiT2cz18nD6n2/8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQIs07e
NoVUbQG1ULLUGNHMYX40vTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MTNlMGIwYTMtNDliNC00OTkwLWExMDgtMWJlZGRiM2ExOGJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
wDANBgkqhkiG9w0BAQsFAAOCAQEABkbSS4R1KyappdgZr261M0Onpwws6p5Yih/9
XBB4jdIaRWWIu7BUR0ij0gW4F+xu2IaiEsFVcx2VGakR8tgCUuSxSZcopbEJ5d6j
EvEq6OxdIBi/bCQhFg+F57DwdfX9cTAkQPzRwqWnkNsHwc0aT/kIH02YJwtKu94m
bMKEtl9eT5V/EkGeXO8Us/Zcjj9AfMQUwxKTHhZ3KFcS39x9VdJ6GwPH9N6NDxNo
Gfvgc7ANI8UqDu7obirfDXlNdpbEo/rQIas9+3W1RP2sP4KJrCVFWcO6gHFI9rUa
OmsR5/D29LxVKSA+5PoF6cy/3wIxcZ+jhpVPFyZqOOoggK+1eg==
-----END CERTIFICATE-----
Generated at Mon May 5 10:50:33 2025 by rpki-client