Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3b361956-44bc-47e7-9213-cd7854c555f8.roa
File: 3b361956-44bc-47e7-9213-cd7854c555f8.roa (raw, json)
Hash identifier: Jwi4oAf7tH3V80qlBeVq/qWpoR4RptSzxrp5RsgFZrY=
Subject key identifier: D8:9C:74:C6:60:59:7A:74:D3:21:E9:8B:09:3C:5B:A4:AD:C1:50:C3
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2CC349C5FEBE0A9274E0765ADF80B49F34648783
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3b361956-44bc-47e7-9213-cd7854c555f8.roa
Signing time: Wed 30 Apr 2025 00:20:47 +0000
ROA not before: Wed 30 Apr 2025 00:20:47 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:c3:49:c5:fe:be:0a:92:74:e0:76:5a:df:80:b4:9f:34:64:87:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:47 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=2a5cbc146d48048ce041242bfdec6ec101fdbf7b15b046134e1ae87cc38d6119, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ac:f6:c3:f2:29:a9:3b:9b:c4:26:47:95:7a:
53:2e:23:9d:15:3d:56:42:15:80:86:bc:42:a3:35:
bc:d1:ea:df:75:39:02:5c:62:30:93:4e:d0:d9:62:
de:87:12:c2:2b:6a:d2:0b:02:6a:1f:a6:94:77:31:
04:d2:82:d8:5a:4b:84:53:1c:ae:24:71:8b:08:1a:
05:aa:be:3c:a8:dc:cb:df:19:12:95:59:47:4c:5d:
51:25:fa:d1:f1:e2:b5:c6:27:81:90:36:c3:a0:20:
16:7d:4b:af:84:40:90:a0:bc:7b:3f:26:53:11:4a:
ee:df:d3:ce:ab:81:c3:e3:6d:fc:5d:35:33:1b:d0:
53:fb:94:b5:e0:c3:6e:67:59:97:7b:55:9b:7e:bd:
f3:c9:8e:e9:f4:bb:48:20:9e:b8:59:bc:a6:93:80:
0d:b4:b0:42:4c:2f:c4:32:5f:f7:f4:7d:bf:b9:3d:
13:fd:7c:b3:78:fa:a8:33:29:68:1e:52:99:3f:72:
f8:1e:bf:1d:33:85:e0:d5:b5:62:7e:3a:90:ac:a6:
5e:eb:f8:31:0a:0e:1c:e4:b4:f4:4c:bc:8c:c5:8d:
59:43:c7:8d:16:08:46:26:54:cf:a9:16:2c:4a:8f:
b2:b6:fb:cd:e1:cd:61:68:1b:ca:4a:75:6d:eb:0a:
09:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:9C:74:C6:60:59:7A:74:D3:21:E9:8B:09:3C:5B:A4:AD:C1:50:C3
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3b361956-44bc-47e7-9213-cd7854c555f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4000::/36
Signature Algorithm: sha256WithRSAEncryption
35:1d:46:05:1d:f4:ef:62:fe:0b:f2:ca:c5:d0:46:17:ea:32:
0f:75:98:54:28:29:c7:cf:f8:a6:0d:62:21:a7:73:13:d9:4a:
71:09:cb:5e:8e:5c:be:3a:de:b7:14:37:b3:d4:97:1f:ec:a2:
22:58:3f:54:1c:ab:e2:15:e0:69:2a:7f:df:88:ce:7b:4b:ce:
eb:c2:27:e9:0d:3d:0f:0f:1c:6d:c7:ad:b3:aa:77:30:4c:4d:
cb:fe:4a:a4:a6:72:bf:54:b2:2e:50:51:06:29:0e:07:6f:6e:
55:ba:52:87:24:50:69:8d:6a:f0:0d:89:49:97:78:52:8c:a8:
0b:31:99:a8:a8:7b:50:b7:9c:98:bd:28:7f:20:da:e1:22:07:
bc:59:fa:85:ca:9b:cd:09:c4:0c:84:89:24:4a:6d:0c:05:2b:
2e:04:67:cf:9a:26:d1:2b:24:ae:5c:b5:5b:b6:54:59:17:fe:
1a:74:ed:d9:b8:3a:c5:a4:ba:62:6f:da:3b:e1:0b:ec:ba:7c:
83:bb:a3:d0:1b:d1:db:54:c5:01:72:cf:fc:12:21:b2:5b:87:
e0:4a:58:a4:9a:7d:73:c2:da:ab:f5:39:79:bb:f9:38:54:dd:
d3:ee:b8:94:44:43:4e:ff:35:d3:cf:91:96:02:d0:fa:5b:7c:
43:22:79:93
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULMNJxf6+CpJ04HZa34C0nzRkh4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwNDdaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhNWNiYzE0NmQ0ODA0OGNlMDQxMjQyYmZkZWM2ZWMxMDFmZGJmN2IxNWIw
NDYxMzRlMWFlODdjYzM4ZDYxMTkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2s9sPyKak7m8QmR5V6Uy4jnRU9VkIVgIa8QqM1vNHq33U5AlxiMJNO0Nli
3ocSwitq0gsCah+mlHcxBNKC2FpLhFMcriRxiwgaBaq+PKjcy98ZEpVZR0xdUSX6
0fHitcYngZA2w6AgFn1Lr4RAkKC8ez8mUxFK7t/TzquBw+Nt/F01MxvQU/uUteDD
bmdZl3tVm36988mO6fS7SCCeuFm8ppOADbSwQkwvxDJf9/R9v7k9E/18s3j6qDMp
aB5SmT9y+B6/HTOF4NW1Yn46kKymXuv4MQoOHOS09Ey8jMWNWUPHjRYIRiZUz6kW
LEqPsrb7zeHNYWgbykp1besKCRcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTYnHTG
YFl6dNMh6YsJPFukrcFQwzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
M2IzNjE5NTYtNDRiYy00N2U3LTkyMTMtY2Q3ODU0YzU1NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dA
MA0GCSqGSIb3DQEBCwUAA4IBAQA1HUYFHfTvYv4L8srF0EYX6jIPdZhUKCnHz/im
DWIhp3MT2UpxCctejly+Ot63FDez1Jcf7KIiWD9UHKviFeBpKn/fiM57S87rwifp
DT0PDxxtx62zqncwTE3L/kqkpnK/VLIuUFEGKQ4Hb25VulKHJFBpjWrwDYlJl3hS
jKgLMZmoqHtQt5yYvSh/INrhIge8WfqFypvNCcQMhIkkSm0MBSsuBGfPmibRKySu
XLVbtlRZF/4adO3ZuDrFpLpib9o74QvsunyDu6PQG9HbVMUBcs/8EiGyW4fgSlik
mn1zwtqr9Tl5u/k4VN3T7riURENO/zXTz5GWAtD6W3xDInmT
-----END CERTIFICATE-----
Generated at Mon May 5 03:54:02 2025 by rpki-client