Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
File: 1ae9d8b2-218c-4376-936d-185032ce890b.roa (raw, json)
Hash identifier: mmvD6uW8+So6I9VPN4Cd0K6cyOLENq+8OMP3nh8snYY=
Subject key identifier: 12:A4:C4:90:41:ED:9D:EC:09:0A:20:D7:AB:50:EF:01:43:7C:17:4E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2BE25394AC0C4D49B35B8F5B3297A34B990AA63A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
Signing time: Wed 30 Apr 2025 00:10:43 +0000
ROA not before: Wed 30 Apr 2025 00:10:43 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:e2:53:94:ac:0c:4d:49:b3:5b:8f:5b:32:97:a3:4b:99:0a:a6:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:10:43 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=5095d57a47a8809837b18cb8b60e1b3937e060821104ae5a6df2f9512a8e3a7c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:01:2f:b0:61:de:f8:b6:3f:aa:12:2a:71:75:
27:cc:ae:78:57:7f:7a:1c:a5:62:db:f6:7f:9c:da:
af:18:65:2c:be:93:c7:66:3d:63:f2:54:eb:03:45:
da:21:ef:8f:4a:9c:40:7f:86:4c:f7:39:57:57:db:
6f:95:5d:bb:04:f9:fc:73:7b:24:07:fe:60:57:35:
ec:7a:dd:be:28:9f:81:5d:55:33:c9:87:d3:6a:3e:
eb:74:23:e4:54:ca:06:d8:88:83:e7:6c:a1:1d:6c:
99:1f:d3:a4:0a:9f:26:51:8a:f7:c1:54:9a:08:6c:
67:65:f6:1a:d3:5c:8e:96:bb:1e:04:07:30:40:d2:
4e:12:b7:55:3c:41:b8:f3:20:6c:87:2f:18:20:aa:
67:4c:d2:46:e2:63:41:3e:b9:ec:4a:eb:be:1e:ed:
c2:85:cd:1f:cc:72:d5:46:ab:0b:42:a4:2c:ab:c5:
ed:65:68:0c:fb:6f:50:53:b5:b0:c0:bc:32:a7:6d:
9f:41:b9:70:9d:15:e2:3f:7e:ae:24:d6:9e:e7:a9:
73:7f:c9:5e:d8:61:25:a2:2f:c2:b2:84:09:2a:43:
30:9a:22:c8:6d:2e:60:e5:34:78:8b:0a:8c:ed:2a:
6b:23:23:58:69:3f:66:b3:78:08:1f:d3:20:64:41:
49:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A4:C4:90:41:ED:9D:EC:09:0A:20:D7:AB:50:EF:01:43:7C:17:4E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f840::/48
Signature Algorithm: sha256WithRSAEncryption
66:0a:fb:53:52:52:90:13:67:65:49:21:dc:19:22:d9:c3:63:
5a:52:0d:86:7f:81:86:c8:45:5d:2e:09:87:f9:48:06:4f:90:
4d:ee:04:a0:f2:9f:c5:14:e3:e5:07:47:8a:91:d9:3f:9a:e4:
79:e7:f0:c9:23:23:8d:cf:cd:d0:5e:23:01:41:53:bd:d7:80:
d3:f1:25:6d:46:69:a6:ed:a4:0f:cf:37:91:f3:92:53:2a:8f:
5d:24:c0:af:f2:bd:9b:ef:bc:ab:16:d3:ce:ef:4c:a8:a3:82:
26:b4:7f:a8:66:6a:1f:bd:7c:8a:a5:bf:00:13:e7:84:c0:07:
13:35:ca:93:bc:83:d8:8f:20:89:e4:fc:f7:69:ba:06:df:60:
32:72:52:b5:99:44:ce:9c:96:3d:8f:7c:b6:3b:87:52:3e:32:
ee:7e:5f:45:f1:f4:4d:98:ea:c3:5b:bc:03:48:e3:18:9c:ea:
31:42:23:89:38:6c:63:da:25:0a:31:08:6d:82:25:36:ec:29:
ae:71:96:f1:85:ef:68:6c:4e:05:0a:8d:d3:84:a5:dd:98:17:
f9:bb:cf:39:cb:43:83:aa:21:c8:43:5c:22:66:6e:b4:05:4b:
45:56:b5:74:1d:4b:3e:d0:10:6e:ba:e1:9f:ca:d1:da:66:c2:
18:c1:c3:e3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUK+JTlKwMTUmzW49bMpejS5kKpjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDEwNDNaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwOTVkNTdhNDdhODgwOTgzN2IxOGNiOGI2MGUxYjM5MzdlMDYwODIxMTA0
YWU1YTZkZjJmOTUxMmE4ZTNhN2MxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYBL7Bh3vi2P6oSKnF1J8yueFd/ehylYtv2f5zarxhlLL6Tx2Y9Y/JU6wNF
2iHvj0qcQH+GTPc5V1fbb5VduwT5/HN7JAf+YFc17HrdviifgV1VM8mH02o+63Qj
5FTKBtiIg+dsoR1smR/TpAqfJlGK98FUmghsZ2X2GtNcjpa7HgQHMEDSThK3VTxB
uPMgbIcvGCCqZ0zSRuJjQT657Errvh7twoXNH8xy1UarC0KkLKvF7WVoDPtvUFO1
sMC8Mqdtn0G5cJ0V4j9+riTWnuepc3/JXthhJaIvwrKECSpDMJoiyG0uYOU0eIsK
jO0qayMjWGk/ZrN4CB/TIGRBSfMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQSpMSQ
Qe2d7AkKINerUO8BQ3wXTjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWFlOWQ4YjItMjE4Yy00Mzc2LTkzNmQtMTg1MDMyY2U4OTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
QDANBgkqhkiG9w0BAQsFAAOCAQEAZgr7U1JSkBNnZUkh3Bki2cNjWlINhn+BhshF
XS4Jh/lIBk+QTe4EoPKfxRTj5QdHipHZP5rkeefwySMjjc/N0F4jAUFTvdeA0/El
bUZppu2kD883kfOSUyqPXSTAr/K9m++8qxbTzu9MqKOCJrR/qGZqH718iqW/ABPn
hMAHEzXKk7yD2I8gieT892m6Bt9gMnJStZlEzpyWPY98tjuHUj4y7n5fRfH0TZjq
w1u8A0jjGJzqMUIjiThsY9olCjEIbYIlNuwprnGW8YXvaGxOBQqN04Sl3ZgX+bvP
OctDg6ohyENcImZutAVLRVa1dB1LPtAQbrrhn8rR2mbCGMHD4w==
-----END CERTIFICATE-----
Generated at Mon May 5 13:34:08 2025 by rpki-client