Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
File: 2a0347bc-2355-45ba-953f-4658b951cf4b.roa (raw, json)
Hash identifier: /cLXxFAuyqhnOW21UD4bNU5pCK9XmvMyBM44dIdM3f8=
Subject key identifier: 0D:00:3F:57:2B:DC:34:7D:EA:D4:31:06:C8:88:63:1D:74:AD:43:47
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3AB4D128F0350E95443EB9A135E9F9E45DC70B4B
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
Signing time: Wed 30 Apr 2025 00:10:59 +0000
ROA not before: Wed 30 Apr 2025 00:10:59 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:78c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:b4:d1:28:f0:35:0e:95:44:3e:b9:a1:35:e9:f9:e4:5d:c7:0b:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:10:59 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=bd380eb111d01b64a2fd253fd1d5b195aec6cadf784e695e87acc36cdc9479f8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:bb:a5:94:2b:ad:95:60:4e:a9:0a:50:f7:26:
84:0b:77:65:ce:32:0c:e1:64:d0:ce:15:85:52:ee:
7a:3d:56:89:6e:5e:b2:fb:04:54:dc:ff:a5:3c:01:
34:ca:07:69:ea:34:b6:8b:dd:cc:55:e3:5b:05:4a:
21:5e:0d:41:f0:34:52:3c:f9:33:3a:bc:2d:53:02:
09:f4:e3:a5:b4:9c:e5:23:e5:94:1c:24:d6:df:92:
8e:92:aa:bf:f6:00:e6:a0:a4:a5:43:1a:89:83:4f:
1d:25:83:55:f2:3d:cb:13:83:ba:08:7e:fe:25:42:
16:48:a0:39:f5:1d:3e:cf:56:c3:ea:11:ce:ed:33:
0a:7d:e8:a5:fb:fa:7a:7c:df:d1:1d:8e:a4:c0:86:
7d:9a:a2:f9:97:93:bb:79:2e:1f:1f:33:d1:3b:4d:
58:f3:02:f0:a7:02:9b:44:39:84:2a:62:f7:03:f1:
20:b0:9b:7c:a4:74:fc:f7:6f:e1:ea:3e:82:41:c4:
c9:8b:98:f9:19:a7:a2:02:a8:05:7d:b1:8a:de:7e:
06:3b:c3:7d:52:02:17:65:b2:6b:3a:59:ad:06:43:
77:e3:7c:26:c9:39:2d:29:bd:78:bc:91:07:ef:50:
fd:7e:a4:fb:bc:53:e5:7b:90:67:88:02:eb:06:63:
83:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:00:3F:57:2B:DC:34:7D:EA:D4:31:06:C8:88:63:1D:74:AD:43:47
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a0347bc-2355-45ba-953f-4658b951cf4b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:78c0::/46
Signature Algorithm: sha256WithRSAEncryption
90:25:96:9b:2f:f7:71:c0:e5:4a:29:9a:5b:a5:f7:7c:03:96:
42:a2:a8:40:c3:d5:45:00:1d:81:16:93:b8:07:c8:75:0f:37:
95:a7:a8:a4:4d:02:a0:58:8f:a1:d5:3a:e6:f4:23:04:80:5f:
6a:48:94:bf:4d:d2:98:aa:a7:ef:de:21:5b:98:7c:e4:4e:34:
25:e1:7f:b2:e2:54:b0:b6:ab:e8:85:d2:eb:e9:ba:ef:ed:fe:
1c:e5:74:be:98:5d:09:16:b3:99:5c:0c:91:7c:3e:13:3f:92:
bb:35:08:14:50:62:3d:8a:89:ce:9f:d3:57:09:3c:72:79:c5:
7b:9f:8f:bd:b1:79:4f:7a:94:51:70:1b:69:d6:64:21:e6:c0:
27:41:61:48:e7:dd:30:c2:ce:9f:3f:91:d8:be:b7:a8:3b:cc:
c8:11:93:81:b9:e7:40:af:06:5c:d7:66:18:3c:52:03:ee:9b:
5b:f8:fe:6e:31:bd:ae:d0:a2:45:2a:ee:77:60:b1:58:55:29:
19:89:50:a3:cd:12:e2:f9:b8:4c:07:9b:d0:f9:bb:de:15:5e:
07:df:ad:4c:3e:3b:6e:90:be:b1:ac:af:64:33:9d:3e:85:74:
50:b2:fb:f0:2b:cf:04:fa:b5:8a:0b:ec:82:c7:fd:aa:1b:7e:
8d:61:63:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOrTRKPA1DpVEPrmhNen55F3HC0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDEwNTlaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMzgwZWIxMTFkMDFiNjRhMmZkMjUzZmQxZDViMTk1YWVjNmNhZGY3ODRl
Njk1ZTg3YWNjMzZjZGM5NDc5ZjgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANS7pZQrrZVgTqkKUPcmhAt3Zc4yDOFk0M4VhVLuej1WiW5esvsEVNz/pTwB
NMoHaeo0tovdzFXjWwVKIV4NQfA0Ujz5Mzq8LVMCCfTjpbSc5SPllBwk1t+SjpKq
v/YA5qCkpUMaiYNPHSWDVfI9yxODugh+/iVCFkigOfUdPs9Ww+oRzu0zCn3opfv6
enzf0R2OpMCGfZqi+ZeTu3kuHx8z0TtNWPMC8KcCm0Q5hCpi9wPxILCbfKR0/Pdv
4eo+gkHEyYuY+RmnogKoBX2xit5+BjvDfVICF2WyazpZrQZDd+N8Jsk5LSm9eLyR
B+9Q/X6k+7xT5XuQZ4gC6wZjg6ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQNAD9X
K9w0ferUMQbIiGMddK1DRzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmEwMzQ3YmMtMjM1NS00NWJhLTk1M2YtNDY1OGI5NTFjZjRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
wDANBgkqhkiG9w0BAQsFAAOCAQEAkCWWmy/3ccDlSimaW6X3fAOWQqKoQMPVRQAd
gRaTuAfIdQ83laeopE0CoFiPodU65vQjBIBfakiUv03SmKqn794hW5h85E40JeF/
suJUsLar6IXS6+m67+3+HOV0vphdCRazmVwMkXw+Ez+SuzUIFFBiPYqJzp/TVwk8
cnnFe5+PvbF5T3qUUXAbadZkIebAJ0FhSOfdMMLOnz+R2L63qDvMyBGTgbnnQK8G
XNdmGDxSA+6bW/j+bjG9rtCiRSrud2CxWFUpGYlQo80S4vm4TAeb0Pm73hVeB9+t
TD47bpC+sayvZDOdPoV0ULL78CvPBPq1igvsgsf9qht+jWFjrg==
-----END CERTIFICATE-----
Generated at Mon May 5 08:53:01 2025 by rpki-client