Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
File: 4723f2a2-88af-42fa-b700-a780f4cd2903.roa (raw, json)
Hash identifier: Zke+JxishY28Bd37NmBYFdVZFP07RjE2UBLLyL0/jQ0=
Subject key identifier: 4D:9A:C7:FB:54:08:6A:52:25:11:99:F6:D0:BC:FD:8B:F6:D4:58:38
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 52E5F2E4CAB79B96414103FB06A4E6630CA77158
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
Signing time: Wed 30 Apr 2025 00:20:41 +0000
ROA not before: Wed 30 Apr 2025 00:20:41 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:a000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:e5:f2:e4:ca:b7:9b:96:41:41:03:fb:06:a4:e6:63:0c:a7:71:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:41 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=2e2a323e7af545878a70f347fe37e82702909049e0fe008e32718e84a7a677d6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0b:77:f1:ae:e5:30:4e:08:63:9f:56:ba:50:
66:fd:70:a2:5a:7b:c6:e7:9a:ee:87:d9:0d:9c:11:
e5:e4:bf:2c:70:80:e1:af:25:f6:76:ae:72:15:d7:
8c:3f:c5:71:c2:a8:35:89:72:5d:70:24:27:42:d7:
6e:4b:4d:48:1b:ce:ff:40:1d:78:55:23:f2:12:b6:
60:e8:b2:2c:1e:9f:3c:d6:71:e4:f9:1b:f7:4a:3d:
25:9f:54:7f:c6:9d:4e:d6:8e:aa:a7:a7:32:a0:fa:
d5:1b:9b:60:72:eb:bb:7e:e8:95:6c:a4:cf:ca:95:
d9:5a:af:9a:e7:eb:fc:e6:39:c3:46:db:ae:92:5b:
e4:14:6a:46:d6:02:6e:5c:f1:b8:49:82:26:3a:c4:
28:c4:6d:7a:64:ab:58:d7:9d:3d:ad:04:d1:a8:a7:
38:f7:41:80:5e:19:53:c4:68:41:af:0a:10:84:a5:
8a:60:76:1f:90:b4:55:0d:33:1c:c3:9b:46:c1:b2:
62:cf:8f:e1:44:94:27:82:79:9e:0a:f5:48:e4:46:
96:a0:29:d8:b1:8e:59:e2:4d:56:28:24:ea:0e:5a:
79:25:8e:32:bd:63:5e:2a:88:a2:1d:d7:4f:a6:5a:
a6:6b:6d:3d:3b:82:fc:a0:35:d1:3c:99:08:6c:3c:
28:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9A:C7:FB:54:08:6A:52:25:11:99:F6:D0:BC:FD:8B:F6:D4:58:38
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:a000::/36
Signature Algorithm: sha256WithRSAEncryption
77:63:a1:83:c5:ef:d2:2f:7b:c0:5f:52:05:92:10:a3:6a:fd:
4f:19:07:c2:83:14:37:b3:d4:ac:1a:f5:ef:8a:0d:0a:d3:5a:
b2:4c:60:50:64:d6:dd:17:9d:93:a4:a0:b0:1d:f3:82:ed:9c:
51:6c:81:0f:76:61:8d:b2:41:36:22:2f:a2:df:93:09:fd:13:
58:a2:49:a8:52:97:6b:47:20:65:ab:3c:72:39:26:fd:d9:af:
e2:a3:0d:c7:22:5d:9c:40:3e:49:e8:50:97:0e:96:5c:4f:e3:
47:41:57:58:f5:4e:9f:ab:c0:38:3a:48:aa:7d:a4:fc:7c:22:
52:a5:38:53:73:e9:ec:e7:72:ce:f1:63:4a:af:ef:28:1a:18:
df:6f:7a:e6:c5:b4:24:8b:a2:3b:e2:33:33:4e:24:7d:6e:c4:
71:4d:25:88:ff:7a:00:a9:0e:ee:21:0f:dc:3b:8d:d0:39:7a:
46:d3:30:70:01:37:44:bc:ee:48:e9:15:2e:2d:71:a5:9e:9d:
e4:6c:f2:c8:a4:09:8b:25:89:49:ed:1f:8b:40:77:72:af:de:
e9:68:e4:2d:8d:f8:bf:4d:e1:08:a6:d6:51:62:21:80:6e:c7:
fc:52:d5:dd:1e:fa:39:52:8c:d3:39:11:a6:3f:3d:85:a7:66:
21:24:9f:da
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUuXy5Mq3m5ZBQQP7BqTmYwyncVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwNDFaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlMmEzMjNlN2FmNTQ1ODc4YTcwZjM0N2ZlMzdlODI3MDI5MDkwNDllMGZl
MDA4ZTMyNzE4ZTg0YTdhNjc3ZDYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoLd/Gu5TBOCGOfVrpQZv1wolp7xuea7ofZDZwR5eS/LHCA4a8l9nauchXX
jD/FccKoNYlyXXAkJ0LXbktNSBvO/0AdeFUj8hK2YOiyLB6fPNZx5Pkb90o9JZ9U
f8adTtaOqqenMqD61RubYHLru37olWykz8qV2Vqvmufr/OY5w0bbrpJb5BRqRtYC
blzxuEmCJjrEKMRtemSrWNedPa0E0ainOPdBgF4ZU8RoQa8KEISlimB2H5C0VQ0z
HMObRsGyYs+P4USUJ4J5ngr1SORGlqAp2LGOWeJNVigk6g5aeSWOMr1jXiqIoh3X
T6ZapmttPTuC/KA10TyZCGw8KFECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNmsf7
VAhqUiURmfbQvP2L9tRYODAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDcyM2YyYTItODhhZi00MmZhLWI3MDAtYTc4MGY0Y2QyOTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Og
MA0GCSqGSIb3DQEBCwUAA4IBAQB3Y6GDxe/SL3vAX1IFkhCjav1PGQfCgxQ3s9Ss
GvXvig0K01qyTGBQZNbdF52TpKCwHfOC7ZxRbIEPdmGNskE2Ii+i35MJ/RNYokmo
UpdrRyBlqzxyOSb92a/iow3HIl2cQD5J6FCXDpZcT+NHQVdY9U6fq8A4OkiqfaT8
fCJSpThTc+ns53LO8WNKr+8oGhjfb3rmxbQki6I74jMzTiR9bsRxTSWI/3oAqQ7u
IQ/cO43QOXpG0zBwATdEvO5I6RUuLXGlnp3kbPLIpAmLJYlJ7R+LQHdyr97paOQt
jfi/TeEIptZRYiGAbsf8UtXdHvo5UozTORGmPz2Fp2YhJJ/a
-----END CERTIFICATE-----
Generated at Mon May 5 03:53:05 2025 by rpki-client