Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
File: 336f8390-241d-4b6f-9822-91232dc553f3.roa (raw, json)
Hash identifier: HXvbpIk59StbQuaDuYUEHje1b+57i6k59fN/Tk/ux2U=
Subject key identifier: B2:20:4C:5C:0A:BD:77:A4:FA:6E:31:4C:97:2A:A7:AD:84:1B:C3:CF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4BDB5720879BBA597BE7ED6CBAC7A51E903506A2
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
Signing time: Wed 30 Apr 2025 00:20:06 +0000
ROA not before: Wed 30 Apr 2025 00:20:06 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:db:57:20:87:9b:ba:59:7b:e7:ed:6c:ba:c7:a5:1e:90:35:06:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:06 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=d1eed5ec67f0fedac6b3394ecab315f9a3b843f1238716af723512de33a1db28, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:20:7b:c9:aa:13:16:bb:73:19:7e:57:56:5b:
27:2d:f8:69:ba:68:d4:64:9c:39:2c:8f:5e:78:d3:
67:1b:b4:1f:50:d4:65:02:27:60:b1:40:e0:7e:df:
d1:ec:ce:e0:54:c9:7d:d2:03:e2:6f:0a:f6:c9:23:
31:e4:15:5e:28:a8:9b:7e:7c:93:ed:95:18:11:8a:
c3:38:5a:3a:01:68:a8:23:a3:39:a8:12:bc:38:58:
0d:9d:c2:7b:1a:f7:84:15:2f:0f:37:3b:df:17:93:
eb:cc:c6:6a:8d:12:32:c1:5d:2c:cf:e3:f6:2e:6e:
9f:fb:89:9f:75:9e:53:5b:33:87:62:38:42:9c:b0:
54:fe:c9:10:41:6c:b6:75:77:ed:0e:1e:77:09:2c:
99:7b:56:10:a3:42:f2:c2:29:a9:b5:82:db:1e:72:
d6:6a:bd:1b:f1:f2:1d:1a:03:12:fd:b3:ed:db:aa:
70:77:4a:36:3c:00:d0:b4:e2:a2:a2:0c:91:a1:36:
c0:9e:7a:8b:ba:9e:8e:4f:c6:85:9a:70:90:e6:c9:
a2:ac:32:f3:23:61:e4:2d:f9:bd:27:b4:ff:eb:47:
c7:a1:e1:e4:5a:02:69:f6:eb:57:19:2e:ad:bb:be:
2c:fc:23:f4:1d:d1:f7:cd:e1:81:f5:19:fd:26:9c:
b2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:20:4C:5C:0A:BD:77:A4:FA:6E:31:4C:97:2A:A7:AD:84:1B:C3:CF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6800::/40
Signature Algorithm: sha256WithRSAEncryption
66:31:8a:a1:d2:c0:bb:56:35:4d:50:00:ce:a4:7e:f9:07:d0:
3d:02:fd:f1:b2:c2:19:54:00:1a:f8:6b:53:9c:47:07:40:b8:
ce:4b:d4:4c:e3:c2:61:1a:2f:65:36:0d:08:39:68:e3:56:3b:
e5:cf:9d:2b:34:c5:0c:2d:08:9a:49:89:c1:29:5e:f7:0a:b6:
bf:5c:31:fa:8f:af:62:32:42:81:27:03:e8:cf:44:9e:cc:70:
55:89:0c:a5:02:a0:13:85:c7:10:ec:f9:0d:45:ff:27:dd:62:
f8:7a:d3:40:d2:b4:84:93:73:8f:89:6a:87:32:39:ef:39:69:
f5:5b:c9:3d:14:c9:c9:f7:00:c1:00:ca:c9:73:42:e5:e5:9f:
55:37:04:c8:c7:9c:cc:9c:20:9c:a5:52:1f:18:7f:af:25:92:
49:aa:e6:f9:3b:e9:3d:20:05:16:3a:7b:0a:d9:25:d6:fd:a5:
fb:98:e6:57:a0:64:2e:3d:6a:29:b3:2a:b1:08:31:91:64:03:
3b:dc:b0:12:3e:a9:c6:c4:a4:f6:b3:b8:66:13:39:c1:9c:9d:
a5:a2:ab:15:36:db:d8:3b:fd:78:a8:39:f4:9b:54:b5:42:30:
3c:39:e2:f3:16:2f:fa:b6:34:c5:11:c4:0b:a1:72:c7:66:71:
6f:2f:00:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUS9tXIIebull75+1suselHpA1BqIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwMDZaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxZWVkNWVjNjdmMGZlZGFjNmIzMzk0ZWNhYjMxNWY5YTNiODQzZjEyMzg3
MTZhZjcyMzUxMmRlMzNhMWRiMjgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAge8mqExa7cxl+V1ZbJy34abpo1GScOSyPXnjTZxu0H1DUZQInYLFA4H7f
0ezO4FTJfdID4m8K9skjMeQVXiiom358k+2VGBGKwzhaOgFoqCOjOagSvDhYDZ3C
exr3hBUvDzc73xeT68zGao0SMsFdLM/j9i5un/uJn3WeU1szh2I4QpywVP7JEEFs
tnV37Q4edwksmXtWEKNC8sIpqbWC2x5y1mq9G/HyHRoDEv2z7duqcHdKNjwA0LTi
oqIMkaE2wJ56i7qejk/GhZpwkObJoqwy8yNh5C35vSe0/+tHx6Hh5FoCafbrVxku
rbu+LPwj9B3R983hgfUZ/SacsvcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSyIExc
Cr13pPpuMUyXKqethBvDzzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzM2ZjgzOTAtMjQxZC00YjZmLTk4MjItOTEyMzJkYzU1M2YzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8do
MA0GCSqGSIb3DQEBCwUAA4IBAQBmMYqh0sC7VjVNUADOpH75B9A9Av3xssIZVAAa
+GtTnEcHQLjOS9RM48JhGi9lNg0IOWjjVjvlz50rNMUMLQiaSYnBKV73Cra/XDH6
j69iMkKBJwPoz0SezHBViQylAqAThccQ7PkNRf8n3WL4etNA0rSEk3OPiWqHMjnv
OWn1W8k9FMnJ9wDBAMrJc0Ll5Z9VNwTIx5zMnCCcpVIfGH+vJZJJqub5O+k9IAUW
OnsK2SXW/aX7mOZXoGQuPWopsyqxCDGRZAM73LASPqnGxKT2s7hmEznBnJ2loqsV
NtvYO/14qDn0m1S1QjA8OeLzFi/6tjTFEcQLoXLHZnFvLwAQ
-----END CERTIFICATE-----
Generated at Mon May 5 11:22:40 2025 by rpki-client