Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
File: 2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa (raw, json)
Hash identifier: VisTnf/RybKe9fZl6X1jH3Y4Jm0At+mHWFIuaWnyYnM=
Subject key identifier: D0:88:9F:8C:08:D0:A1:9F:01:E9:A2:1E:77:18:13:6D:09:7A:0E:81
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0504CDA0A8B18EAE97995A023CD9B3E3459355C0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
Signing time: Wed 30 Apr 2025 00:21:06 +0000
ROA not before: Wed 30 Apr 2025 00:21:06 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:04:cd:a0:a8:b1:8e:ae:97:99:5a:02:3c:d9:b3:e3:45:93:55:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:06 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=9037d667022b7a46b219a004e1f80822fdbbc9b1be7597a79ad928f961eb5f27, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ed:9a:86:ea:23:13:4d:03:cb:b1:84:f8:fb:
fa:9e:dc:03:11:96:f4:00:a4:53:bb:39:98:b8:b8:
93:b3:02:23:dd:2b:ed:f2:f9:11:a9:a9:d7:f1:cf:
d7:8f:2d:81:fd:f0:80:56:4c:25:d0:59:30:2f:66:
33:10:25:f2:a5:55:e9:6b:15:8b:db:75:10:93:54:
42:54:63:4c:13:4c:47:d3:0b:63:8a:03:5d:d3:cb:
34:6e:cc:bc:7b:4f:8d:80:43:8d:f3:97:38:98:2f:
65:2d:f5:36:b5:c2:fa:0e:4c:61:c3:5f:99:7f:64:
45:67:4c:b4:ca:47:b0:31:e1:d4:06:df:af:a6:1b:
e5:93:52:eb:1e:e5:55:21:91:4f:2b:a6:a7:8a:03:
b7:9a:0f:f0:85:d8:b7:db:bd:c6:c2:d4:ef:7c:c8:
ed:f9:b8:83:ad:65:09:83:74:d3:18:df:98:a4:f6:
25:4f:67:84:0a:92:ad:e1:ef:5d:fc:ee:81:1b:35:
fd:0a:3c:84:8a:a1:24:84:79:cf:7f:b8:1c:03:e1:
57:83:88:7a:68:7f:16:79:ad:68:e4:fa:7f:c4:ba:
5b:7f:60:5c:6f:08:92:42:65:b5:68:23:99:fe:8f:
6c:90:23:34:e9:47:a8:90:ae:21:26:1c:53:9c:09:
93:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:88:9F:8C:08:D0:A1:9F:01:E9:A2:1E:77:18:13:6D:09:7A:0E:81
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
87:39:a2:0a:8e:5d:3c:47:ce:84:8e:2a:e5:dd:38:76:0c:41:
69:84:18:01:18:a7:02:63:53:7d:68:5d:07:75:3a:70:ed:48:
32:e3:eb:e4:c5:0a:a6:c4:00:93:94:6b:a2:b6:f6:06:61:aa:
ad:ca:de:fb:15:80:97:26:c6:83:78:c7:6a:50:04:a7:61:18:
b9:b4:34:a8:79:a0:04:f0:ee:80:df:f1:cb:79:b8:05:c7:b2:
98:44:9a:a5:52:1f:43:10:46:88:bc:b8:36:ab:d7:45:0b:e6:
9c:4b:42:d0:05:3e:3e:39:9f:ea:37:3a:58:56:7a:4c:6d:6b:
0d:2e:01:b7:59:6e:09:5d:fd:de:3f:65:c6:8c:c0:69:9d:87:
2a:51:33:de:49:99:10:2d:5b:46:a4:4b:a2:66:c4:b8:6e:6f:
1e:75:2d:4f:cc:f7:df:64:0e:86:af:38:14:cb:14:77:5a:c3:
01:7d:13:c2:89:70:70:9d:3a:67:d0:b0:21:26:7d:53:20:6a:
2d:05:81:54:bb:38:07:43:95:9f:a4:c0:33:f5:f2:7a:f3:4f:
2e:33:98:92:15:12:19:fa:cc:e2:17:ed:00:bf:6d:4b:eb:a6:
36:da:fc:22:a1:d5:b6:41:c7:01:62:40:13:b1:df:32:34:44:
26:3c:aa:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBQTNoKixjq6XmVoCPNmz40WTVcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMDZaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwMzdkNjY3MDIyYjdhNDZiMjE5YTAwNGUxZjgwODIyZmRiYmM5YjFiZTc1
OTdhNzlhZDkyOGY5NjFlYjVmMjcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvtmobqIxNNA8uxhPj7+p7cAxGW9ACkU7s5mLi4k7MCI90r7fL5Eamp1/HP
148tgf3wgFZMJdBZMC9mMxAl8qVV6WsVi9t1EJNUQlRjTBNMR9MLY4oDXdPLNG7M
vHtPjYBDjfOXOJgvZS31NrXC+g5MYcNfmX9kRWdMtMpHsDHh1Abfr6Yb5ZNS6x7l
VSGRTyump4oDt5oP8IXYt9u9xsLU73zI7fm4g61lCYN00xjfmKT2JU9nhAqSreHv
XfzugRs1/Qo8hIqhJIR5z3+4HAPhV4OIemh/FnmtaOT6f8S6W39gXG8IkkJltWgj
mf6PbJAjNOlHqJCuISYcU5wJk8kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTQiJ+M
CNChnwHpoh53GBNtCXoOgTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmIzZmFmMjgtZThiNy00ZTM5LTk5ZTQtZTNjYjY1NzdkYWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQCHOaIKjl08R86Ejirl3Th2DEFphBgBGKcCY1N9
aF0HdTpw7Ugy4+vkxQqmxACTlGuitvYGYaqtyt77FYCXJsaDeMdqUASnYRi5tDSo
eaAE8O6A3/HLebgFx7KYRJqlUh9DEEaIvLg2q9dFC+acS0LQBT4+OZ/qNzpYVnpM
bWsNLgG3WW4JXf3eP2XGjMBpnYcqUTPeSZkQLVtGpEuiZsS4bm8edS1PzPffZA6G
rzgUyxR3WsMBfRPCiXBwnTpn0LAhJn1TIGotBYFUuzgHQ5WfpMAz9fJ6808uM5iS
FRIZ+sziF+0Av21L66Y22vwiodW2QccBYkATsd8yNEQmPKqx
-----END CERTIFICATE-----
Generated at Tue May 6 14:05:05 2025 by rpki-client