Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
File: 3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa (raw, json)
Hash identifier: qllljnqTqfbpc4FVBU8Ldx06BiDGdw8H4r02IXWmEzU=
Subject key identifier: D4:BA:1E:50:87:50:A2:AE:BC:80:F4:84:C7:68:BF:46:40:B7:2D:AC
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0D3D0B78F76BEC7D98EEA7CC4433D6382B629DE8
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
Signing time: Wed 30 Apr 2025 00:11:12 +0000
ROA not before: Wed 30 Apr 2025 00:11:12 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:3d:0b:78:f7:6b:ec:7d:98:ee:a7:cc:44:33:d6:38:2b:62:9d:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:12 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=0b6c93bb1365431782e0abc8dc136d15bfe8e57ab09d9be494f2e3d517271f46, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:70:aa:5d:6f:ea:cc:5d:b9:37:c8:4e:cf:7d:
14:a8:d5:90:fd:a4:4e:e8:13:0e:e0:62:d5:91:c2:
b4:0c:33:bd:03:05:00:ab:78:56:7b:65:b3:f8:a3:
21:68:4c:a9:52:ad:8e:dd:50:07:05:d5:01:63:46:
95:8b:b5:e3:40:8a:13:90:4d:54:cf:b1:72:eb:9f:
99:68:a6:33:64:d5:a9:05:16:a0:22:44:1f:6e:b5:
e6:25:b1:cf:c6:c9:55:d4:eb:e8:88:eb:72:a4:c4:
69:56:89:52:2c:d9:2a:58:a7:a5:61:f2:35:45:f4:
f3:51:b7:9c:8b:36:f8:14:97:e4:0f:2b:9c:de:b1:
3a:1e:83:2e:68:56:2f:28:d8:72:03:ba:70:0c:3a:
c3:1f:e4:63:51:0c:0d:3d:66:c0:15:6c:f7:49:88:
16:d0:f1:a6:28:62:92:c0:cc:68:19:e9:8b:3c:83:
f4:7f:20:cb:67:da:01:1a:03:0a:0c:be:29:3c:4f:
65:4a:b4:c0:fe:20:cb:37:8a:c2:49:8b:19:77:5e:
27:81:e0:6f:35:8b:d0:0c:68:d7:4f:11:3c:e5:5f:
99:35:b1:e2:63:d4:15:e4:a7:24:95:6d:cc:06:ce:
67:52:7e:af:69:63:53:eb:c9:86:59:81:7b:c8:16:
3d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:BA:1E:50:87:50:A2:AE:BC:80:F4:84:C7:68:BF:46:40:B7:2D:AC
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2800::/40
Signature Algorithm: sha256WithRSAEncryption
2e:bd:fc:9a:0b:4c:82:34:0d:85:01:87:e6:85:69:64:48:0a:
1c:5c:6c:64:6b:a1:5e:a1:6e:3d:77:d4:76:59:41:23:d1:2b:
e4:05:b6:a3:65:a6:db:7f:74:11:d8:47:1a:81:62:85:e2:1b:
12:a0:b7:a5:49:ab:c3:6d:a0:ef:c1:65:7e:c9:24:36:ea:ee:
a0:26:e5:c4:47:31:3f:bd:5d:9b:ba:44:23:86:a9:12:bc:09:
41:39:e8:a7:e6:1a:68:79:d8:6c:de:50:52:02:db:f9:73:8a:
92:5b:0a:6b:32:7d:1d:d8:bf:53:51:84:a4:09:8b:e5:0a:66:
29:a4:a9:8c:5f:fb:25:8a:05:2c:46:e4:36:a5:32:00:af:d9:
24:2e:36:25:50:2c:db:28:d6:eb:b4:9f:0c:1a:56:57:05:1c:
83:b9:a0:86:42:ed:74:b6:e8:33:13:ea:9f:31:74:e2:fa:f0:
04:ce:f1:94:ba:45:3c:a0:52:54:98:f3:af:ca:ab:dc:7c:56:
94:8e:ea:51:da:38:3d:05:ab:24:99:2a:29:b5:89:b8:a5:60:
2e:88:83:fb:d7:6e:13:c2:88:37:37:1f:ba:cb:31:c4:83:2a:
f9:b9:a3:4c:74:96:9a:55:e4:ec:d6:16:32:e5:40:cb:c1:82:
dd:81:8c:8f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDT0LePdr7H2Y7qfMRDPWOCtinegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMTJaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiNmM5M2JiMTM2NTQzMTc4MmUwYWJjOGRjMTM2ZDE1YmZlOGU1N2FiMDlk
OWJlNDk0ZjJlM2Q1MTcyNzFmNDYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVwql1v6sxduTfITs99FKjVkP2kTugTDuBi1ZHCtAwzvQMFAKt4Vntls/ij
IWhMqVKtjt1QBwXVAWNGlYu140CKE5BNVM+xcuufmWimM2TVqQUWoCJEH2615iWx
z8bJVdTr6IjrcqTEaVaJUizZKlinpWHyNUX081G3nIs2+BSX5A8rnN6xOh6DLmhW
LyjYcgO6cAw6wx/kY1EMDT1mwBVs90mIFtDxpihiksDMaBnpizyD9H8gy2faARoD
Cgy+KTxPZUq0wP4gyzeKwkmLGXdeJ4HgbzWL0Axo108RPOVfmTWx4mPUFeSnJJVt
zAbOZ1J+r2ljU+vJhlmBe8gWPaMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTUuh5Q
h1CirryA9ITHaL9GQLctrDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
M2U5Y2E1ZjYtODhjZC00ZmE3LThhYjYtYTJkNjc4MDEzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8co
MA0GCSqGSIb3DQEBCwUAA4IBAQAuvfyaC0yCNA2FAYfmhWlkSAocXGxka6FeoW49
d9R2WUEj0SvkBbajZabbf3QR2EcagWKF4hsSoLelSavDbaDvwWV+ySQ26u6gJuXE
RzE/vV2bukQjhqkSvAlBOein5hpoedhs3lBSAtv5c4qSWwprMn0d2L9TUYSkCYvl
CmYppKmMX/sligUsRuQ2pTIAr9kkLjYlUCzbKNbrtJ8MGlZXBRyDuaCGQu10tugz
E+qfMXTi+vAEzvGUukU8oFJUmPOvyqvcfFaUjupR2jg9BaskmSoptYm4pWAuiIP7
124Twog3Nx+6yzHEgyr5uaNMdJaaVeTs1hYy5UDLwYLdgYyP
-----END CERTIFICATE-----
Generated at Mon May 5 10:38:10 2025 by rpki-client