Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
File: 42a75e81-4259-49a6-bdf2-3b7976817e78.roa (raw, json)
Hash identifier: vD+d+CMyaovDvwkVDC7o0aHHpSsOPJJ7BETwAfBEtic=
Subject key identifier: 28:08:DB:69:40:77:07:87:9B:80:0A:3D:7D:C8:77:A1:55:E3:35:A0
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 77B168ECC188701B874D74538ACEB04E8F53B768
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
Signing time: Wed 30 Apr 2025 00:11:03 +0000
ROA not before: Wed 30 Apr 2025 00:11:03 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:b1:68:ec:c1:88:70:1b:87:4d:74:53:8a:ce:b0:4e:8f:53:b7:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:03 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=7aec7c7fb41e6cdd0f96e283ef7ecfc94e382fafde433c83debbb028430a750d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7d:12:23:7c:09:27:f2:f4:58:4a:f6:15:5f:
d1:75:eb:d4:2d:09:2a:45:bc:10:b8:66:70:fd:ba:
f3:a1:be:78:a1:6c:bf:83:61:5a:20:d4:8e:61:4d:
74:64:6f:0a:af:37:84:0e:f1:0a:bd:03:64:a5:4e:
1c:ba:80:36:63:9b:9d:83:50:90:c8:31:07:cf:15:
a2:32:7e:15:b9:44:4c:7c:74:96:6a:bb:41:5d:70:
08:93:a2:ae:1e:9e:74:b0:92:e6:95:38:a7:97:c4:
65:38:c4:ec:4b:8a:a0:27:2e:92:7e:1e:3d:56:30:
75:aa:45:f0:ad:32:7b:e8:4a:09:61:66:91:4a:2a:
89:21:b6:68:68:b1:7c:3a:d1:33:c2:bf:16:d4:6e:
26:d2:54:9e:3f:82:f0:89:98:bd:ef:6b:d3:da:f0:
de:11:5e:59:ed:56:4f:16:83:df:62:be:ba:a5:e2:
9c:15:7e:98:b5:5d:19:51:73:b4:1f:fa:ad:01:f9:
42:de:0d:23:90:f0:77:17:dc:03:03:b7:b5:49:b4:
67:12:9f:fa:18:fb:dc:b2:f9:ee:a9:dd:d8:6a:46:
4e:00:81:15:6c:3c:c4:3d:be:f1:f2:ba:e6:0a:6a:
77:74:c7:3b:a7:1e:ba:7b:41:06:df:2e:5f:b1:d0:
9e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:08:DB:69:40:77:07:87:9B:80:0A:3D:7D:C8:77:A1:55:E3:35:A0
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5000::/36
Signature Algorithm: sha256WithRSAEncryption
98:eb:10:fb:d5:10:36:34:81:5c:3c:25:9f:2e:3b:52:86:fc:
23:ae:e8:09:54:b9:4e:d7:1e:73:8c:49:1e:36:cf:0d:6f:5b:
94:74:82:8c:d6:9d:bc:60:86:74:fd:df:76:2d:be:3a:d3:46:
39:b9:dc:b2:63:83:d4:0b:6c:47:ab:1f:b6:12:ba:57:90:fd:
e5:91:7f:5b:c4:a6:16:79:a6:53:51:f2:98:11:3b:3d:f9:e9:
5a:94:fd:9d:d8:9f:50:88:aa:6a:ce:8a:3e:ed:71:41:8a:4b:
8a:80:f2:6b:eb:2d:7b:40:76:58:4f:06:4d:d5:90:08:b2:05:
3f:ad:be:15:ad:79:8d:5b:cd:07:ef:8e:99:98:31:80:27:16:
1c:7f:82:07:4c:1a:1c:5c:b1:0d:3c:33:8e:b5:95:ad:4a:02:
f5:4a:a9:56:f1:e5:83:1b:e1:a4:8c:a3:83:b4:c8:28:98:8a:
66:94:4b:88:05:a4:f6:b9:a4:be:21:9c:6f:3d:89:ed:83:b5:
0d:f5:87:3b:73:b7:b2:83:a1:17:61:dc:31:a9:0b:29:9f:9d:
6f:54:e4:1e:80:c3:11:af:69:b0:6e:c3:b6:85:54:30:a7:5d:
21:2d:bf:c3:c1:e9:41:33:75:2e:91:13:7b:d5:69:30:1f:f1:
13:d7:39:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd7Fo7MGIcBuHTXRTis6wTo9Tt2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMDNaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhZWM3YzdmYjQxZTZjZGQwZjk2ZTI4M2VmN2VjZmM5NGUzODJmYWZkZTQz
M2M4M2RlYmJiMDI4NDMwYTc1MGQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJ9EiN8CSfy9FhK9hVf0XXr1C0JKkW8ELhmcP2686G+eKFsv4NhWiDUjmFN
dGRvCq83hA7xCr0DZKVOHLqANmObnYNQkMgxB88VojJ+FblETHx0lmq7QV1wCJOi
rh6edLCS5pU4p5fEZTjE7EuKoCcukn4ePVYwdapF8K0ye+hKCWFmkUoqiSG2aGix
fDrRM8K/FtRuJtJUnj+C8ImYve9r09rw3hFeWe1WTxaD32K+uqXinBV+mLVdGVFz
tB/6rQH5Qt4NI5DwdxfcAwO3tUm0ZxKf+hj73LL57qnd2GpGTgCBFWw8xD2+8fK6
5gpqd3THO6ceuntBBt8uX7HQnh8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoCNtp
QHcHh5uACj19yHehVeM1oDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDJhNzVlODEtNDI1OS00OWE2LWJkZjItM2I3OTc2ODE3ZTc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCY6xD71RA2NIFcPCWfLjtShvwjrugJVLlO1x5z
jEkeNs8Nb1uUdIKM1p28YIZ0/d92Lb4600Y5udyyY4PUC2xHqx+2ErpXkP3lkX9b
xKYWeaZTUfKYETs9+elalP2d2J9QiKpqzoo+7XFBikuKgPJr6y17QHZYTwZN1ZAI
sgU/rb4VrXmNW80H746ZmDGAJxYcf4IHTBocXLENPDOOtZWtSgL1SqlW8eWDG+Gk
jKODtMgomIpmlEuIBaT2uaS+IZxvPYntg7UN9Yc7c7eyg6EXYdwxqQspn51vVOQe
gMMRr2mwbsO2hVQwp10hLb/DwelBM3UukRN71WkwH/ET1zk9
-----END CERTIFICATE-----
Generated at Mon May 5 06:06:34 2025 by rpki-client