Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
File: 50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa (raw, json)
Hash identifier: LYz1KFLdNEMJUF9Ix0F+dzOy0nPUFhDsQzR/f4aa8kE=
Subject key identifier: CB:98:F0:00:D5:B4:F0:33:2A:FE:1A:21:A5:40:F8:73:82:7C:D3:24
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 70C6EFF8B270DD31D60D029C1EDB8B1234035B01
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
Signing time: Wed 30 Apr 2025 00:21:08 +0000
ROA not before: Wed 30 Apr 2025 00:21:08 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:c000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:c6:ef:f8:b2:70:dd:31:d6:0d:02:9c:1e:db:8b:12:34:03:5b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:08 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=6af9f1b79fa87a1d4ddd54a2ffd3f5b605325598c02714a18df18904ff9541d5, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:46:c7:9d:cf:24:b6:ef:c6:3f:b7:54:20:08:
54:5b:e6:5b:53:4f:5d:88:9d:51:c0:57:99:73:d8:
31:d2:d8:26:83:28:c6:0d:8a:49:84:3c:d0:8c:b3:
6f:a6:23:f0:1e:4f:ee:23:7c:3e:73:5d:fe:e9:5d:
a3:b6:71:15:1e:d7:68:94:57:d8:fe:e1:0e:3e:1e:
33:a6:f1:6a:92:1e:8b:23:f2:c4:81:5e:54:a3:8d:
ae:1d:c3:6f:1e:c5:b0:a7:10:f6:af:2c:17:c7:35:
d8:cb:5f:a2:7e:95:1a:2f:84:c6:bd:05:04:05:97:
3a:0f:49:f9:16:8c:82:6c:43:0c:2a:fd:eb:bc:6a:
d2:83:57:31:b7:2f:7f:54:96:c3:e9:5c:8a:0a:9e:
6e:34:3b:f2:99:66:34:14:81:3c:cf:4e:b3:b6:41:
eb:e3:43:6c:6f:d4:19:f8:c2:94:67:e1:97:72:5c:
74:76:86:cf:9e:94:83:21:02:aa:d2:ac:1c:3e:b6:
c8:29:7a:05:a4:32:fe:08:40:7a:03:9d:dd:c2:cd:
67:6d:fb:cc:98:82:d1:c1:20:f1:de:49:cc:7a:50:
c0:f0:02:15:20:b4:af:a8:83:61:8e:a8:59:f7:33:
2b:22:b5:78:55:c4:c5:61:99:cf:6e:92:45:98:c9:
19:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:98:F0:00:D5:B4:F0:33:2A:FE:1A:21:A5:40:F8:73:82:7C:D3:24
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:c000::/36
Signature Algorithm: sha256WithRSAEncryption
6e:5e:3d:b9:4a:89:23:a5:5d:9e:ee:36:bb:f4:b0:87:37:ba:
76:6e:c0:28:c5:d7:43:d3:63:1a:f9:56:ad:fa:9e:57:50:cc:
c6:e4:5c:5c:12:8c:dd:51:0c:08:f1:68:18:2e:6b:c5:9a:28:
2a:19:65:c6:82:c2:b2:3f:61:b6:c8:3a:58:8e:8a:35:1b:ae:
1a:a6:e5:f7:f6:72:7e:bd:16:b9:50:c8:ed:56:d5:d1:11:a6:
b2:08:9b:53:65:e0:c0:d2:dc:61:87:25:ba:97:5e:fc:20:27:
52:fe:a1:ab:5d:0b:36:74:d4:7d:7a:50:86:70:fc:81:f4:ce:
32:60:cf:ce:0a:6d:cb:fd:88:a5:4b:73:13:f1:90:7a:cf:0f:
00:17:ab:fc:46:7c:89:72:50:09:04:f8:9b:76:41:e6:cd:51:
5a:d0:94:3f:38:49:e9:54:ad:37:0a:9f:5d:d5:65:db:72:52:
22:ff:90:e3:96:24:f0:8f:99:f5:06:44:bb:27:c6:34:bd:96:
30:ae:fe:7f:da:8d:cb:39:3f:8c:31:e8:39:0b:0e:27:ae:bc:
cc:5e:4d:23:72:96:d4:49:60:af:f3:3c:1c:25:0b:56:60:5f:
de:5d:53:be:e8:a6:ea:33:e2:9f:ee:c5:b9:a0:54:4c:8f:d7:
9e:f6:b4:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcMbv+LJw3THWDQKcHtuLEjQDWwEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMDhaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZjlmMWI3OWZhODdhMWQ0ZGRkNTRhMmZmZDNmNWI2MDUzMjU1OThjMDI3
MTRhMThkZjE4OTA0ZmY5NTQxZDUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtGx53PJLbvxj+3VCAIVFvmW1NPXYidUcBXmXPYMdLYJoMoxg2KSYQ80Iyz
b6Yj8B5P7iN8PnNd/uldo7ZxFR7XaJRX2P7hDj4eM6bxapIeiyPyxIFeVKONrh3D
bx7FsKcQ9q8sF8c12Mtfon6VGi+Exr0FBAWXOg9J+RaMgmxDDCr967xq0oNXMbcv
f1SWw+lcigqebjQ78plmNBSBPM9Os7ZB6+NDbG/UGfjClGfhl3JcdHaGz56UgyEC
qtKsHD62yCl6BaQy/ghAegOd3cLNZ237zJiC0cEg8d5JzHpQwPACFSC0r6iDYY6o
WfczKyK1eFXExWGZz26SRZjJGbUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTLmPAA
1bTwMyr+GiGlQPhzgnzTJDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTBiMGM4ZjUtOWIwMy00ZDAwLWI3YmMtMzBhMjUzYjgzYmUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fA
MA0GCSqGSIb3DQEBCwUAA4IBAQBuXj25SokjpV2e7ja79LCHN7p2bsAoxddD02Ma
+Vat+p5XUMzG5FxcEozdUQwI8WgYLmvFmigqGWXGgsKyP2G2yDpYjoo1G64apuX3
9nJ+vRa5UMjtVtXREaayCJtTZeDA0txhhyW6l178ICdS/qGrXQs2dNR9elCGcPyB
9M4yYM/OCm3L/YilS3MT8ZB6zw8AF6v8RnyJclAJBPibdkHmzVFa0JQ/OEnpVK03
Cp9d1WXbclIi/5DjliTwj5n1BkS7J8Y0vZYwrv5/2o3LOT+MMeg5Cw4nrrzMXk0j
cpbUSWCv8zwcJQtWYF/eXVO+6KbqM+Kf7sW5oFRMj9ee9rSL
-----END CERTIFICATE-----
Generated at Mon May 5 18:51:58 2025 by rpki-client