Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
File: 2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa (raw, json)
Hash identifier: nGRN0YYDyPKVZZ8fxLMJFHVNEW37IPUF89Npb6uDTGo=
Subject key identifier: 42:93:CE:41:E5:E9:B7:D4:05:4B:BA:22:60:41:A4:98:22:CA:D5:2E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6C465F03E64CCD6606C4B2E267AEBE2D51721B5E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
Signing time: Wed 30 Apr 2025 00:20:17 +0000
ROA not before: Wed 30 Apr 2025 00:20:17 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:6800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:46:5f:03:e6:4c:cd:66:06:c4:b2:e2:67:ae:be:2d:51:72:1b:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:17 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=e321a85e47cdcb60b78117682ca31fa1806d150473628f6331b528d0a949c87a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a5:2d:b8:cd:ae:54:9b:cd:bc:50:64:22:a8:
73:39:2e:eb:42:19:1d:11:5c:f8:9b:e3:65:b4:1d:
ec:25:54:3d:e1:44:93:46:fc:ad:97:0b:0c:68:fd:
ae:ce:ae:d6:82:34:67:50:38:34:57:f7:ff:f7:b1:
38:37:d3:c2:e6:07:36:53:e9:27:c9:d3:09:61:11:
e1:f0:3d:4f:71:31:65:aa:22:f7:56:cb:22:21:69:
60:6f:24:0c:b0:af:da:31:3e:b6:c4:54:6a:8f:36:
f6:6b:a1:3c:78:75:77:2d:b1:0b:1f:0a:04:69:41:
ab:82:41:3a:7d:68:93:9e:3f:3a:c4:22:d8:c8:d3:
88:5a:42:4c:82:a6:a8:d8:19:b9:17:31:2d:84:dd:
72:56:20:e9:24:41:e8:b8:d7:87:d2:2f:34:8d:b1:
79:7c:91:50:7d:d2:4d:39:9f:3d:93:0a:64:a4:14:
a8:d9:97:6e:66:7a:02:69:e6:58:7e:47:c1:71:e3:
c2:89:fb:f8:22:6b:c8:57:47:e7:bf:aa:56:a7:88:
bb:b5:ca:5e:05:de:45:5e:54:2b:ab:6e:8b:c5:be:
e3:ad:3d:68:71:84:a9:cb:01:2c:23:ea:5a:de:5d:
89:4a:2b:7c:50:96:24:ac:a0:b9:c5:31:40:2b:df:
50:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:93:CE:41:E5:E9:B7:D4:05:4B:BA:22:60:41:A4:98:22:CA:D5:2E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:6800::/40
Signature Algorithm: sha256WithRSAEncryption
94:ca:a4:7e:4b:66:c5:97:dd:07:fc:13:5f:90:04:83:f0:28:
d0:80:af:ca:38:f2:39:a7:1e:ca:f7:6c:e0:e8:c2:50:81:91:
82:42:d2:91:6e:e6:a8:52:27:5c:19:00:6b:45:96:14:94:4b:
1a:ee:d6:99:db:90:46:49:36:85:2e:fc:bf:22:92:eb:eb:02:
1f:1e:d2:2e:bc:ca:43:6a:9f:7a:b6:2d:b3:5f:54:f6:ba:ea:
60:05:f3:b5:9d:84:11:b8:2f:c5:aa:d1:4a:a7:2d:a7:57:f5:
bb:dc:bc:8a:14:7b:fd:89:54:3f:c1:c2:ca:23:a0:33:84:7e:
75:80:a3:e9:61:a2:ab:a3:9d:9e:96:83:0e:9f:73:60:b8:88:
c4:8e:9c:94:96:d5:f2:73:43:75:75:68:7f:5b:9a:54:fc:e8:
c1:0f:49:6b:18:a7:8e:ec:9f:43:08:3e:4e:41:11:7c:c3:d4:
30:ff:78:30:1c:cd:cf:5c:6e:e8:19:68:44:75:01:95:d3:46:
4d:a5:ce:ba:30:21:24:47:9d:e0:4a:51:70:ea:b4:7d:e7:d5:
4e:a7:35:f9:0c:14:1a:cd:94:4d:b9:c4:ba:17:67:85:06:55:
22:51:e8:9e:0d:c3:90:75:c0:16:42:ec:10:bd:5e:18:6c:8b:
41:45:69:3c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbEZfA+ZMzWYGxLLiZ66+LVFyG14wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwMTdaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMjFhODVlNDdjZGNiNjBiNzgxMTc2ODJjYTMxZmExODA2ZDE1MDQ3MzYy
OGY2MzMxYjUyOGQwYTk0OWM4N2ExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6lLbjNrlSbzbxQZCKoczku60IZHRFc+JvjZbQd7CVUPeFEk0b8rZcLDGj9
rs6u1oI0Z1A4NFf3//exODfTwuYHNlPpJ8nTCWER4fA9T3ExZaoi91bLIiFpYG8k
DLCv2jE+tsRUao829muhPHh1dy2xCx8KBGlBq4JBOn1ok54/OsQi2MjTiFpCTIKm
qNgZuRcxLYTdclYg6SRB6LjXh9IvNI2xeXyRUH3STTmfPZMKZKQUqNmXbmZ6Amnm
WH5HwXHjwon7+CJryFdH57+qVqeIu7XKXgXeRV5UK6tui8W+4609aHGEqcsBLCPq
Wt5diUorfFCWJKygucUxQCvfUEMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRCk85B
5em31AVLuiJgQaSYIsrVLjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmE4MmIwM2UtNTE3Yy00YTgxLTk2YWItMmNmNjA0OWE3ZjNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8No
MA0GCSqGSIb3DQEBCwUAA4IBAQCUyqR+S2bFl90H/BNfkASD8CjQgK/KOPI5px7K
92zg6MJQgZGCQtKRbuaoUidcGQBrRZYUlEsa7taZ25BGSTaFLvy/IpLr6wIfHtIu
vMpDap96ti2zX1T2uupgBfO1nYQRuC/FqtFKpy2nV/W73LyKFHv9iVQ/wcLKI6Az
hH51gKPpYaKro52eloMOn3NguIjEjpyUltXyc0N1dWh/W5pU/OjBD0lrGKeO7J9D
CD5OQRF8w9Qw/3gwHM3PXG7oGWhEdQGV00ZNpc66MCEkR53gSlFw6rR959VOpzX5
DBQazZRNucS6F2eFBlUiUeieDcOQdcAWQuwQvV4YbItBRWk8
-----END CERTIFICATE-----
Generated at Mon May 5 10:37:16 2025 by rpki-client