Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
File: 4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa (raw, json)
Hash identifier: DAe0wLZ/4cuatvlKFWyle2oochnfb+GhiuVzQuJsUgc=
Subject key identifier: CE:36:F2:A8:7F:F1:1A:A8:FB:FE:11:76:8A:2F:0F:B5:7A:6D:DF:78
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6F385F90A3EF97224008207C33705B67A970382C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
Signing time: Wed 30 Apr 2025 00:10:38 +0000
ROA not before: Wed 30 Apr 2025 00:10:38 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:38:5f:90:a3:ef:97:22:40:08:20:7c:33:70:5b:67:a9:70:38:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:10:38 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=c23184c3624df82a52454e8d34b675605fb28fb2d12f949b9a18c74626bdbc4f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f7:b5:c5:ec:c5:a1:f7:3b:f5:25:41:6e:d1:
ad:9b:18:7e:57:69:ed:99:45:72:00:f4:36:5e:a1:
61:d1:15:53:6b:64:40:1d:0f:37:6d:0c:fb:7a:14:
43:c0:0c:41:33:a7:9d:99:5b:30:08:b5:9d:f8:20:
59:dc:cc:8e:f5:a9:bb:9d:a0:6a:91:57:54:c3:b0:
a8:6a:cc:29:91:d6:72:10:20:87:43:69:81:4f:b6:
2f:b5:00:f6:7f:e6:4c:37:91:05:dd:f3:e2:a5:c4:
da:8a:0b:43:f9:8e:a0:25:cc:30:cb:0b:7a:ff:bb:
65:11:6a:39:be:06:6e:a9:5e:d3:32:56:a0:2a:7f:
fb:44:77:81:4a:79:de:98:c1:96:7d:c4:1f:87:5d:
e2:5e:d1:55:7b:b7:11:83:9b:29:91:91:b3:3d:a4:
35:21:d5:80:b4:31:3c:16:7a:b3:37:eb:68:35:b9:
1a:38:34:c4:56:7f:48:e5:04:bc:c7:ef:c6:8d:5c:
b6:00:e9:ee:75:c3:6a:b2:24:65:14:45:1e:46:72:
a5:d6:e8:e0:1a:24:75:ee:93:c7:2b:76:d0:c6:8a:
64:13:81:af:68:da:33:85:3c:f1:3e:05:34:48:8b:
04:39:9f:3d:c6:67:d5:c7:8b:b9:80:25:4e:05:f0:
cf:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:36:F2:A8:7F:F1:1A:A8:FB:FE:11:76:8A:2F:0F:B5:7A:6D:DF:78
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:840::/48
Signature Algorithm: sha256WithRSAEncryption
1c:88:dd:41:e3:bb:47:78:17:98:ec:a1:33:44:58:41:f2:b7:
b5:49:43:40:ec:e9:52:d4:f3:f4:0d:14:42:64:8f:68:1d:13:
7c:86:d5:ce:e0:ce:3b:fe:5e:16:73:eb:43:92:52:5c:d8:4f:
c8:71:06:30:af:88:87:3f:3d:fc:fb:80:23:11:e8:ea:59:ce:
1f:c7:28:0e:39:a9:8f:e2:da:1e:82:99:84:7d:28:59:cc:d7:
11:5f:46:55:f5:7e:fd:88:78:3e:89:e5:20:39:60:73:69:5b:
3c:2e:00:73:a4:3b:3e:a5:7f:15:1a:01:da:31:16:63:75:ce:
59:68:fd:95:d7:2d:5b:21:3e:3f:66:66:ac:a8:0a:01:67:9f:
69:5b:38:de:14:18:b9:2d:2d:a3:87:df:8d:42:73:70:1a:3f:
4a:32:ae:73:fc:00:60:ca:68:35:c6:ea:42:8e:93:9f:f4:c9:
12:7d:01:a9:47:dc:0d:31:c6:84:19:35:39:9f:94:e5:38:8b:
24:f4:b7:ee:9d:6e:c2:28:e5:45:37:67:58:ed:ec:84:6c:b3:
77:92:6e:da:8f:1c:f6:bf:9f:dc:71:50:2e:21:f8:a1:94:7a:
62:b4:bf:c2:a6:97:18:3e:3d:37:e1:b0:63:0c:96:ff:82:9e:
b7:42:3f:ca
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbzhfkKPvlyJACCB8M3BbZ6lwOCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDEwMzhaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyMzE4NGMzNjI0ZGY4MmE1MjQ1NGU4ZDM0YjY3NTYwNWZiMjhmYjJkMTJm
OTQ5YjlhMThjNzQ2MjZiZGJjNGYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKX3tcXsxaH3O/UlQW7RrZsYfldp7ZlFcgD0Nl6hYdEVU2tkQB0PN20M+3oU
Q8AMQTOnnZlbMAi1nfggWdzMjvWpu52gapFXVMOwqGrMKZHWchAgh0NpgU+2L7UA
9n/mTDeRBd3z4qXE2ooLQ/mOoCXMMMsLev+7ZRFqOb4Gbqle0zJWoCp/+0R3gUp5
3pjBln3EH4dd4l7RVXu3EYObKZGRsz2kNSHVgLQxPBZ6szfraDW5Gjg0xFZ/SOUE
vMfvxo1ctgDp7nXDarIkZRRFHkZypdbo4Bokde6Txyt20MaKZBOBr2jaM4U88T4F
NEiLBDmfPcZn1ceLuYAlTgXwz1sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTONvKo
f/EaqPv+EXaKLw+1em3feDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NGMzYTc4YmYtZDljZi00MThmLThhM2EtOGMzZTcyNDcwYzFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
QDANBgkqhkiG9w0BAQsFAAOCAQEAHIjdQeO7R3gXmOyhM0RYQfK3tUlDQOzpUtTz
9A0UQmSPaB0TfIbVzuDOO/5eFnPrQ5JSXNhPyHEGMK+Ihz89/PuAIxHo6lnOH8co
Djmpj+LaHoKZhH0oWczXEV9GVfV+/Yh4PonlIDlgc2lbPC4Ac6Q7PqV/FRoB2jEW
Y3XOWWj9ldctWyE+P2ZmrKgKAWefaVs43hQYuS0to4ffjUJzcBo/SjKuc/wAYMpo
NcbqQo6Tn/TJEn0BqUfcDTHGhBk1OZ+U5TiLJPS37p1uwijlRTdnWO3shGyzd5Ju
2o8c9r+f3HFQLiH4oZR6YrS/wqaXGD49N+GwYwyW/4Ket0I/yg==
-----END CERTIFICATE-----
Generated at Mon May 5 03:41:02 2025 by rpki-client