Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
File: 215a2c9b-4dc1-48db-846e-de75149ba3ec.roa (raw, json)
Hash identifier: if6KACh21NpHwgjQP6WlCU5jqCyEE3RnrSq09sKQ+mE=
Subject key identifier: 2C:7F:A1:C8:CA:2C:D4:76:8E:3A:EC:F3:20:72:09:F4:4E:4C:5C:A1
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 74C5B4E9F34E3B75B0EA7B4C76AADD704A863877
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
Signing time: Wed 30 Apr 2025 00:21:10 +0000
ROA not before: Wed 30 Apr 2025 00:21:10 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:c5:b4:e9:f3:4e:3b:75:b0:ea:7b:4c:76:aa:dd:70:4a:86:38:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:10 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=b56ff8f3437c11ba3ad25cdc4f960a1fb4f3322a89d6c5de44116923b91cb444, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4f:72:c7:0d:8b:19:aa:a4:e2:6b:97:fd:0b:
55:22:17:73:ab:09:e9:6b:cb:bc:ed:e0:db:17:63:
84:12:86:cb:9f:47:b2:28:6e:10:f1:6c:08:3c:ab:
76:71:de:f1:ce:94:aa:f3:6a:3c:30:47:44:9b:d9:
c5:e5:b5:9c:71:c9:66:23:56:64:a5:9e:20:3f:0c:
9c:17:81:18:1c:20:77:0b:d8:ee:0e:16:4c:e5:f5:
13:a2:d9:62:c4:b5:e4:e3:61:36:c5:1d:e3:1d:f5:
37:25:d8:cc:70:13:84:65:ab:28:6e:c3:9b:ba:06:
fa:10:35:9f:16:e4:eb:05:fd:af:1e:bc:a6:86:d1:
88:40:f0:0f:57:e1:57:a0:c2:17:e3:e8:b9:80:db:
40:51:23:91:af:d2:51:0e:4a:49:98:8a:75:79:e4:
b1:60:75:44:7f:ca:71:51:a9:0c:1e:10:8d:6b:7c:
c2:9b:e0:d8:6c:ce:f7:07:91:bc:58:aa:dc:ad:5a:
48:cf:bb:53:6a:fb:ce:81:e4:2c:bd:d5:9e:8f:4d:
cc:6a:4e:fb:97:d4:8f:74:c9:0f:8b:06:f2:c5:48:
7b:06:b5:75:7c:d2:51:e3:3b:58:fe:0e:fb:27:15:
5a:c5:9d:72:2a:d2:fa:c5:bb:32:a1:12:ce:78:e3:
02:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7F:A1:C8:CA:2C:D4:76:8E:3A:EC:F3:20:72:09:F4:4E:4C:5C:A1
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2::/32
Signature Algorithm: sha256WithRSAEncryption
2f:5b:fc:e2:a6:d9:00:01:17:a8:0c:cc:6c:8f:2b:a1:4b:c5:
fb:64:31:47:5e:25:f4:00:11:8e:30:9b:a3:5b:d6:30:7d:df:
0c:85:42:12:00:54:f2:c9:bc:3d:00:50:cb:55:54:c5:a6:7c:
ea:12:3b:85:20:ab:fe:6e:a9:2e:e7:4a:f5:72:d3:9a:07:a5:
90:ab:f6:65:67:38:1a:0b:ce:89:58:7a:b5:e7:57:61:d7:7b:
1f:85:cd:82:1a:3d:80:39:f8:eb:46:0e:d4:20:21:11:a1:f5:
68:77:fc:62:00:a2:52:2d:d1:c1:32:7a:6c:ca:dd:38:05:79:
38:74:1d:5d:d3:db:4e:76:23:f4:eb:b7:41:2b:ff:06:b6:5c:
62:bb:ab:ee:53:3d:af:ba:9b:93:a7:42:85:d9:9a:1c:66:88:
32:fb:06:d4:fa:4c:7f:d5:60:51:f1:4c:03:21:bb:cf:8e:71:
ea:df:dc:30:60:6d:77:ca:ff:33:d6:fe:b5:ba:c3:9b:9a:11:
f8:ae:50:71:12:4e:44:6e:87:62:a1:35:f0:6a:64:66:a8:fc:
9a:26:ff:10:5f:8d:bf:d2:dc:63:ae:5c:88:80:96:c9:4c:2a:
8f:71:f3:82:ec:35:5e:bc:c2:d3:4e:3f:65:90:5a:94:24:ae:
d4:8e:07:89
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUdMW06fNOO3Ww6ntMdqrdcEqGOHcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMTBaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1NmZmOGYzNDM3YzExYmEzYWQyNWNkYzRmOTYwYTFmYjRmMzMyMmE4OWQ2
YzVkZTQ0MTE2OTIzYjkxY2I0NDQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNPcscNixmqpOJrl/0LVSIXc6sJ6WvLvO3g2xdjhBKGy59HsihuEPFsCDyr
dnHe8c6UqvNqPDBHRJvZxeW1nHHJZiNWZKWeID8MnBeBGBwgdwvY7g4WTOX1E6LZ
YsS15ONhNsUd4x31NyXYzHAThGWrKG7Dm7oG+hA1nxbk6wX9rx68pobRiEDwD1fh
V6DCF+PouYDbQFEjka/SUQ5KSZiKdXnksWB1RH/KcVGpDB4QjWt8wpvg2GzO9weR
vFiq3K1aSM+7U2r7zoHkLL3Vno9NzGpO+5fUj3TJD4sG8sVIewa1dXzSUeM7WP4O
+ycVWsWdcirS+sW7MqESznjjAt0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQsf6HI
yizUdo467PMgcgn0TkxcoTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MjE1YTJjOWItNGRjMS00OGRiLTg0NmUtZGU3NTE0OWJhM2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Iw
DQYJKoZIhvcNAQELBQADggEBAC9b/OKm2QABF6gMzGyPK6FLxftkMUdeJfQAEY4w
m6Nb1jB93wyFQhIAVPLJvD0AUMtVVMWmfOoSO4Ugq/5uqS7nSvVy05oHpZCr9mVn
OBoLzolYerXnV2HXex+FzYIaPYA5+OtGDtQgIRGh9Wh3/GIAolIt0cEyemzK3TgF
eTh0HV3T2052I/Trt0Er/wa2XGK7q+5TPa+6m5OnQoXZmhxmiDL7BtT6TH/VYFHx
TAMhu8+Ocerf3DBgbXfK/zPW/rW6w5uaEfiuUHESTkRuh2KhNfBqZGao/Jom/xBf
jb/S3GOuXIiAlslMKo9x84LsNV68wtNOP2WQWpQkrtSOB4k=
-----END CERTIFICATE-----
Generated at Mon May 5 21:01:19 2025 by rpki-client