Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
File: 440b3734-74c6-4eea-9712-42440de9c3b4.roa (raw, json)
Hash identifier: NmxfMFlAmKcTEsX1ECovxAxI8HQTcCFCBjBMD2mJQ1E=
Subject key identifier: C3:C2:47:3D:46:A9:FE:C8:2B:AB:92:CE:5F:4C:01:F4:0A:9B:EB:68
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4CD12529B619AD375E4E24B976F9C99730E8F8D3
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
Signing time: Wed 30 Apr 2025 00:20:43 +0000
ROA not before: Wed 30 Apr 2025 00:20:43 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:d1:25:29:b6:19:ad:37:5e:4e:24:b9:76:f9:c9:97:30:e8:f8:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:43 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=8a86085fc9d5f4ea6b6f573d834cd90d0fb7a3071c451861c6a86e0e961417db, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:00:fb:3b:da:d1:8a:45:df:6f:de:8b:18:cb:
0d:69:ef:05:d6:92:a6:f4:42:07:a7:e6:aa:29:07:
63:51:5f:3c:56:37:fc:78:f7:77:08:08:79:83:35:
4e:16:72:37:8b:0c:19:33:69:27:fc:c2:ae:b0:6b:
ac:57:57:f1:78:1b:b1:da:7d:43:90:5a:25:ff:99:
15:98:04:2d:81:87:5b:83:49:51:c5:46:4e:f6:a2:
0d:1a:95:2f:86:56:46:57:f3:78:f4:1d:57:39:bf:
f1:d7:20:cd:3b:b4:71:4a:3b:eb:66:2e:f9:a3:6d:
e5:0b:9f:97:9e:8e:d7:b9:73:24:83:21:51:73:81:
0e:a5:c8:69:f4:12:f5:f8:03:af:f7:cc:d9:aa:df:
5b:1c:bf:4f:20:93:a7:5d:60:8d:c1:3d:62:8e:91:
ca:39:43:a2:c8:ce:1e:ad:80:b2:d2:ae:08:62:c0:
00:6f:cc:79:28:99:32:f2:bf:29:27:b1:ab:71:3d:
f7:ee:cd:48:0b:7d:b2:46:63:9a:02:83:57:a3:35:
ad:7a:9e:ba:b6:48:68:a0:1e:f4:b4:99:62:7e:07:
e3:f6:30:9f:30:2b:f2:e5:f1:b1:df:a2:b4:77:40:
bb:0c:55:75:78:c3:42:46:ca:08:34:f0:cf:51:31:
a8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:C2:47:3D:46:A9:FE:C8:2B:AB:92:CE:5F:4C:01:F4:0A:9B:EB:68
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/440b3734-74c6-4eea-9712-42440de9c3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7::/36
Signature Algorithm: sha256WithRSAEncryption
3f:6a:f7:70:43:f4:a0:b4:0c:e1:e7:8f:d1:1f:5e:c9:c7:86:
af:c1:e0:cc:9b:cd:bb:96:df:57:25:ed:6d:a2:c3:ad:83:19:
a0:5d:1c:ea:a0:aa:d5:9b:ba:2e:9c:0b:1b:34:81:d7:d4:e8:
94:f0:28:71:7c:cd:0e:d5:5e:47:80:76:06:e7:ea:a6:e1:75:
14:70:74:22:ec:2b:a6:69:b5:e0:cc:ea:1d:ae:17:97:5c:2a:
5f:0f:b4:51:f4:d4:91:21:fe:27:37:3c:b8:1e:11:89:d3:60:
8b:8e:cb:fc:38:af:b8:3f:69:d4:81:71:bc:8a:db:7c:ec:4e:
19:67:fb:4f:e4:4a:56:a9:bc:2a:9c:80:17:06:f2:4e:4c:a9:
89:52:88:5d:da:de:31:6e:a7:56:30:77:f4:31:da:87:ce:5b:
0f:42:da:c9:d1:14:17:b4:d0:ed:cb:00:5d:fc:cf:7f:c5:f4:
d6:df:7d:b3:e9:e4:e6:2e:7c:53:1e:05:9f:0c:2e:55:0d:0b:
62:77:b7:0e:a2:d0:6f:9e:5a:1a:12:76:e6:75:68:e7:fc:94:
12:43:45:5e:ff:8e:a9:17:21:75:5e:6a:6d:c9:b6:79:aa:d5:
34:0a:33:fc:9f:cb:c8:a8:bc:9f:70:50:ec:70:8a:e7:b3:de:
ca:bd:69:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTNElKbYZrTdeTiS5dvnJlzDo+NMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwNDNaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhODYwODVmYzlkNWY0ZWE2YjZmNTczZDgzNGNkOTBkMGZiN2EzMDcxYzQ1
MTg2MWM2YTg2ZTBlOTYxNDE3ZGIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0A+zva0YpF32/eixjLDWnvBdaSpvRCB6fmqikHY1FfPFY3/Hj3dwgIeYM1
ThZyN4sMGTNpJ/zCrrBrrFdX8Xgbsdp9Q5BaJf+ZFZgELYGHW4NJUcVGTvaiDRqV
L4ZWRlfzePQdVzm/8dcgzTu0cUo762Yu+aNt5Qufl56O17lzJIMhUXOBDqXIafQS
9fgDr/fM2arfWxy/TyCTp11gjcE9Yo6RyjlDosjOHq2AstKuCGLAAG/MeSiZMvK/
KSexq3E99+7NSAt9skZjmgKDV6M1rXqeurZIaKAe9LSZYn4H4/YwnzAr8uXxsd+i
tHdAuwxVdXjDQkbKCDTwz1ExqD0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDwkc9
Rqn+yCurks5fTAH0CpvraDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDQwYjM3MzQtNzRjNi00ZWVhLTk3MTItNDI0NDBkZTljM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cA
MA0GCSqGSIb3DQEBCwUAA4IBAQA/avdwQ/SgtAzh54/RH17Jx4avweDMm827lt9X
Je1tosOtgxmgXRzqoKrVm7ounAsbNIHX1OiU8ChxfM0O1V5HgHYG5+qm4XUUcHQi
7CumabXgzOodrheXXCpfD7RR9NSRIf4nNzy4HhGJ02CLjsv8OK+4P2nUgXG8itt8
7E4ZZ/tP5EpWqbwqnIAXBvJOTKmJUohd2t4xbqdWMHf0MdqHzlsPQtrJ0RQXtNDt
ywBd/M9/xfTW332z6eTmLnxTHgWfDC5VDQtid7cOotBvnloaEnbmdWjn/JQSQ0Ve
/46pFyF1XmptybZ5qtU0CjP8n8vIqLyfcFDscIrns97KvWm2
-----END CERTIFICATE-----
Generated at Mon May 5 03:58:09 2025 by rpki-client