Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
File: 3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa (raw, json)
Hash identifier: lxBhziXqM5wSK7hySUaDrei5iWt1gUb9DVo1KjOnFYo=
Subject key identifier: AE:EA:41:C8:DB:A9:68:64:D1:D4:02:A4:3E:C3:B6:96:6D:57:DD:CC
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 317434D31EAD5B19F4CD4629CB99BE2CD8DF763A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
Signing time: Wed 30 Apr 2025 00:11:03 +0000
ROA not before: Wed 30 Apr 2025 00:11:03 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:74:34:d3:1e:ad:5b:19:f4:cd:46:29:cb:99:be:2c:d8:df:76:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:03 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=b4628d34a24dbbc9a97c68a0642752d791aa32fc29a6a4e7a35f28a11a06e24f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e8:f2:bc:78:47:fa:06:77:1f:9f:ef:ee:f0:
4f:92:97:e1:72:86:2f:51:15:f8:e7:aa:28:c9:e8:
98:c5:c3:58:c4:75:bf:06:ce:4d:22:37:3f:c0:0f:
c4:1d:ee:00:aa:7b:f6:60:24:e5:1a:0c:25:be:09:
20:6d:cb:bb:1e:05:17:eb:4f:11:0e:63:bf:00:02:
9c:67:7b:26:31:0b:0a:60:d2:48:0a:12:b3:c4:31:
2a:50:06:7f:63:37:4f:a4:3a:2f:a6:ca:3e:62:fd:
29:6f:ac:ad:7b:cd:2b:83:3e:22:da:ef:07:27:4b:
cf:5a:aa:b5:e8:29:0e:12:ac:6f:a1:04:cf:9c:35:
35:9e:05:f4:18:8d:93:30:16:ec:e2:3b:d9:b3:2c:
2f:17:87:ed:7a:15:30:13:26:7b:02:13:3d:37:b7:
96:a3:b7:4b:0d:a9:ce:0d:55:a5:09:d3:b5:33:8c:
8d:78:7f:f0:09:5e:96:3d:fc:cf:72:b5:c9:1b:c9:
d6:09:0b:20:14:39:18:80:12:16:31:99:22:9f:54:
54:24:09:46:d9:2c:88:a0:22:6f:cf:28:42:50:c9:
a7:94:ef:cd:d7:52:3b:a0:7c:4b:15:df:5a:ad:f9:
d1:32:52:d6:ae:f6:a8:9d:1f:0e:ea:73:0c:87:e8:
3a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:EA:41:C8:DB:A9:68:64:D1:D4:02:A4:3E:C3:B6:96:6D:57:DD:CC
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3710654a-38ee-4fc2-8f68-9612ab45bbc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5840::/46
Signature Algorithm: sha256WithRSAEncryption
36:34:5e:7a:be:2f:9c:73:64:0e:92:16:0b:2d:26:f9:34:f1:
4b:31:da:90:d9:67:77:bd:df:1a:b3:34:ce:23:e6:fc:b4:73:
59:1c:96:ce:59:16:ca:ae:b0:ac:6b:08:e1:e4:4c:62:27:4f:
a9:0c:dc:60:4f:3d:ff:be:20:c5:be:2b:99:dd:ae:4a:f2:af:
02:05:e3:a4:0a:b7:1d:df:88:bb:7a:1e:56:64:23:65:61:9d:
f4:df:d6:6d:ce:45:bc:f0:9a:00:52:d2:f8:2c:63:af:88:b5:
a4:2e:66:e6:55:97:4a:3b:95:3f:cc:0e:81:b4:cc:0c:29:e4:
bb:70:fd:0a:a4:39:0c:06:0f:05:33:49:cf:df:fd:38:2e:48:
dd:be:70:72:aa:4d:44:79:16:65:41:7e:fe:90:b0:a2:12:f1:
0b:cd:f0:65:38:c3:34:39:4b:85:b1:09:3a:ac:72:87:a0:9d:
90:a9:a3:fa:78:6a:25:06:43:29:27:5d:5a:d9:6b:96:d4:d4:
47:5d:aa:1b:3f:cf:ee:9e:2c:17:91:4e:88:26:92:c9:4b:a9:
9e:62:48:3a:55:9c:ac:94:8e:8c:ac:0a:75:27:0c:2b:9a:b9:
e3:5e:5b:65:98:db:d6:e3:e4:62:79:5c:f8:0d:15:b2:dc:66:
04:44:18:63
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMXQ00x6tWxn0zUYpy5m+LNjfdjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMDNaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0NjI4ZDM0YTI0ZGJiYzlhOTdjNjhhMDY0Mjc1MmQ3OTFhYTMyZmMyOWE2
YTRlN2EzNWYyOGExMWEwNmUyNGYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLo8rx4R/oGdx+f7+7wT5KX4XKGL1EV+OeqKMnomMXDWMR1vwbOTSI3P8AP
xB3uAKp79mAk5RoMJb4JIG3Lux4FF+tPEQ5jvwACnGd7JjELCmDSSAoSs8QxKlAG
f2M3T6Q6L6bKPmL9KW+srXvNK4M+ItrvBydLz1qqtegpDhKsb6EEz5w1NZ4F9BiN
kzAW7OI72bMsLxeH7XoVMBMmewITPTe3lqO3Sw2pzg1VpQnTtTOMjXh/8Alelj38
z3K1yRvJ1gkLIBQ5GIASFjGZIp9UVCQJRtksiKAib88oQlDJp5TvzddSO6B8SxXf
Wq350TJS1q72qJ0fDupzDIfoOusCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSu6kHI
26loZNHUAqQ+w7aWbVfdzDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzcxMDY1NGEtMzhlZS00ZmMyLThmNjgtOTYxMmFiNDViYmMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8NY
QDANBgkqhkiG9w0BAQsFAAOCAQEANjReer4vnHNkDpIWCy0m+TTxSzHakNlnd73f
GrM0ziPm/LRzWRyWzlkWyq6wrGsI4eRMYidPqQzcYE89/74gxb4rmd2uSvKvAgXj
pAq3Hd+Iu3oeVmQjZWGd9N/Wbc5FvPCaAFLS+Cxjr4i1pC5m5lWXSjuVP8wOgbTM
DCnku3D9CqQ5DAYPBTNJz9/9OC5I3b5wcqpNRHkWZUF+/pCwohLxC83wZTjDNDlL
hbEJOqxyh6CdkKmj+nhqJQZDKSddWtlrltTUR12qGz/P7p4sF5FOiCaSyUupnmJI
OlWcrJSOjKwKdScMK5q5415bZZjb1uPkYnlc+A0VstxmBEQYYw==
-----END CERTIFICATE-----
Generated at Mon May 5 12:00:40 2025 by rpki-client