Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
File: 1d757286-8eda-42c2-aecf-19a8c013dc64.roa (raw, json)
Hash identifier: xtx+o8dDaL7p6BTSphdYzBEvGhq3IayV1vYfC7AUF/c=
Subject key identifier: 6D:25:9B:0A:BD:06:10:C9:E3:E0:71:57:46:C8:0C:53:A0:B5:20:CB
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 44CD3FFCDABBC0910370FFFD0AAE5BC7ABBBAB8E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
Signing time: Wed 30 Apr 2025 00:20:23 +0000
ROA not before: Wed 30 Apr 2025 00:20:23 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:cd:3f:fc:da:bb:c0:91:03:70:ff:fd:0a:ae:5b:c7:ab:bb:ab:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:23 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=f01c9722f857364094e84045503bb69d69de8bcf9e6fed24745cc01e5f4329fc, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:74:a4:8f:72:a9:fe:15:f8:ff:69:cc:87:4d:
ea:fd:e9:b8:9a:b2:98:f4:b6:de:7b:3b:95:c3:50:
97:39:57:50:e2:65:ff:30:db:5c:7a:39:70:52:b0:
4f:f8:8b:e4:d8:ed:1d:cc:a2:f9:8c:fd:d3:95:b4:
58:83:45:24:cc:ff:71:77:87:2c:90:cc:e1:af:d6:
3b:1f:9b:ec:47:93:48:40:da:07:ba:74:1c:30:94:
de:94:19:54:c8:c8:b0:9c:59:72:ba:0d:1f:63:f2:
f8:cc:93:36:fa:94:39:a4:90:8b:4b:01:89:ed:98:
6d:bf:f6:10:c3:13:57:ed:75:71:07:5f:39:70:d4:
3f:be:b7:f6:ac:71:1d:aa:f2:cc:0b:33:95:5c:25:
42:29:6b:7e:f7:ad:da:14:46:aa:cd:ce:7a:78:e1:
af:e0:1e:3d:a9:50:b9:13:9e:7a:59:79:fa:32:0a:
f4:d5:42:57:04:7d:a3:8c:6f:4d:00:91:fd:b1:48:
04:ef:59:d0:11:3f:05:d9:eb:7a:fa:53:9b:84:67:
05:02:73:fa:0f:72:89:10:91:8c:1f:54:34:ff:50:
93:63:e8:88:5f:47:1f:72:e1:91:5c:ec:91:11:f6:
ba:a8:9a:53:a2:5a:d4:a3:d5:11:75:1b:46:eb:17:
54:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:25:9B:0A:BD:06:10:C9:E3:E0:71:57:46:C8:0C:53:A0:B5:20:CB
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8400::/38
Signature Algorithm: sha256WithRSAEncryption
31:30:e9:03:db:ca:96:5e:28:1e:30:77:11:49:f3:1e:12:e9:
90:a7:8b:d9:68:6c:7f:63:61:15:0b:25:77:ba:b2:cf:55:b9:
02:fe:3b:f5:e1:98:b8:11:bb:d9:15:39:6a:c1:f7:4d:91:fb:
c6:c8:15:bb:65:a6:21:52:d3:29:ab:66:2c:93:2e:3b:43:b0:
39:ab:6a:f7:39:c5:3e:a2:fa:e6:47:06:6e:c0:2f:49:22:b0:
e9:d9:0f:15:32:95:87:16:69:36:4c:74:8f:6b:32:77:1f:c9:
11:ff:4d:9a:49:85:b7:56:34:da:a4:d1:b0:a8:3f:12:31:27:
55:81:39:6f:c2:ee:80:7b:8d:70:a6:17:1a:10:7e:cd:9f:0f:
2d:88:f7:f3:87:c9:5a:ab:30:35:a2:94:e1:c3:3c:89:da:49:
da:af:a5:62:81:0e:ef:05:85:35:59:6c:2c:4c:45:b4:61:55:
61:1d:30:6a:7b:78:92:2f:63:1b:65:31:be:08:b2:10:7f:ec:
45:cf:0e:0b:d1:63:d1:ff:5c:7b:04:c0:f0:ce:c0:1f:69:f4:
97:60:ee:45:92:82:26:76:95:41:f3:0a:4f:1e:77:d2:6a:fd:
2f:be:57:ca:ba:f0:1f:24:8e:48:20:12:b1:91:67:00:fc:7a:
00:9c:39:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURM0//Nq7wJEDcP/9Cq5bx6u7q44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwMjNaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwMWM5NzIyZjg1NzM2NDA5NGU4NDA0NTUwM2JiNjlkNjlkZThiY2Y5ZTZm
ZWQyNDc0NWNjMDFlNWY0MzI5ZmMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK10pI9yqf4V+P9pzIdN6v3puJqymPS23ns7lcNQlzlXUOJl/zDbXHo5cFKw
T/iL5NjtHcyi+Yz905W0WINFJMz/cXeHLJDM4a/WOx+b7EeTSEDaB7p0HDCU3pQZ
VMjIsJxZcroNH2Py+MyTNvqUOaSQi0sBie2Ybb/2EMMTV+11cQdfOXDUP7639qxx
HaryzAszlVwlQilrfvet2hRGqs3Oenjhr+AePalQuROeell5+jIK9NVCVwR9o4xv
TQCR/bFIBO9Z0BE/BdnrevpTm4RnBQJz+g9yiRCRjB9UNP9Qk2PoiF9HH3LhkVzs
kRH2uqiaU6Ja1KPVEXUbRusXVOUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRtJZsK
vQYQyePgcVdGyAxToLUgyzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWQ3NTcyODYtOGVkYS00MmMyLWFlY2YtMTlhOGMwMTNkYzY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GE
MA0GCSqGSIb3DQEBCwUAA4IBAQAxMOkD28qWXigeMHcRSfMeEumQp4vZaGx/Y2EV
CyV3urLPVbkC/jv14Zi4EbvZFTlqwfdNkfvGyBW7ZaYhUtMpq2Ysky47Q7A5q2r3
OcU+ovrmRwZuwC9JIrDp2Q8VMpWHFmk2THSPazJ3H8kR/02aSYW3VjTapNGwqD8S
MSdVgTlvwu6Ae41wphcaEH7Nnw8tiPfzh8laqzA1opThwzyJ2knar6VigQ7vBYU1
WWwsTEW0YVVhHTBqe3iSL2MbZTG+CLIQf+xFzw4L0WPR/1x7BMDwzsAfafSXYO5F
koImdpVB8wpPHnfSav0vvlfKuvAfJI5IIBKxkWcA/HoAnDk4
-----END CERTIFICATE-----
Generated at Mon May 5 18:58:46 2025 by rpki-client