Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
File: 542fe731-cba6-4c89-a3a4-ba48a69e246b.roa (raw, json)
Hash identifier: 5D19Tu5nSO1wN4uuYfDASzFpYpxIT78azo2fVkoyswc=
Subject key identifier: 80:BD:2D:FD:0C:9D:F9:89:F0:39:5D:43:45:E6:52:AF:54:B8:E2:55
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 509C78AC98496BD2651CCA6481A6A0331755B98E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
Signing time: Wed 30 Apr 2025 00:11:15 +0000
ROA not before: Wed 30 Apr 2025 00:11:15 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:9c:78:ac:98:49:6b:d2:65:1c:ca:64:81:a6:a0:33:17:55:b9:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:15 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=939b4be848e1885e7353ff70881e632c36e63a64ef91d0e85f7274a86831db35, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:35:6b:2e:b1:6d:83:75:d3:03:10:2c:b7:db:
6e:23:44:c8:41:62:85:d1:ba:8c:f7:90:db:19:78:
17:35:09:ed:ca:24:44:38:4d:0a:19:3a:14:b1:0d:
2b:53:29:fe:3e:92:9d:1c:6d:05:b5:1a:b7:c9:75:
c2:cc:82:d9:1e:c5:71:3b:aa:d3:9d:04:3e:05:2e:
59:23:73:39:8c:14:36:ed:b4:5c:d9:ee:b1:a0:de:
be:08:9a:77:aa:df:69:55:a3:6e:80:57:0f:be:d2:
6d:a4:16:1b:14:56:a9:92:08:27:52:41:77:67:69:
0d:1a:2e:5c:23:b9:24:4c:c4:ec:57:b5:a8:61:5e:
4a:51:e1:7d:c0:3d:de:ac:89:0a:8b:a4:9b:8a:1f:
8e:0d:73:de:29:83:d6:73:fd:d0:15:3d:1b:41:0a:
41:bf:26:90:54:31:57:14:98:3e:c7:01:cc:b5:75:
e9:a5:10:c4:92:b9:e0:53:57:16:05:51:17:12:4e:
4f:39:2c:f1:67:45:74:81:3e:28:9a:7c:8d:58:42:
5a:dd:30:5e:0f:6e:ee:49:f9:86:d4:bb:42:82:66:
5c:22:86:4e:6d:26:2f:40:94:f6:84:0e:8b:00:b6:
88:65:8c:6b:ce:77:43:c8:da:67:2b:d9:1b:a3:8d:
8a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BD:2D:FD:0C:9D:F9:89:F0:39:5D:43:45:E6:52:AF:54:B8:E2:55
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8800::/40
Signature Algorithm: sha256WithRSAEncryption
69:3c:a9:8c:fe:e0:d5:63:cb:7a:2e:18:af:f1:9d:d6:8e:20:
64:cf:29:2a:0b:48:20:c1:00:fd:70:32:e3:bc:82:7d:94:31:
19:10:0b:de:16:b2:75:f4:53:3b:0b:05:fe:44:ca:3c:c7:62:
1e:9f:d4:02:64:9b:3c:be:cf:eb:46:ae:03:09:65:f9:94:b3:
63:36:d7:63:e1:8e:a1:6d:88:6b:df:0b:a1:58:bb:9a:db:bf:
30:0b:40:6f:c3:60:a9:69:d6:d3:f3:e6:b7:5c:cf:94:08:a4:
1c:04:6b:2b:1e:0f:b1:93:cd:98:ac:5c:af:d1:35:70:87:a5:
a0:ee:aa:f9:03:d0:0e:9f:f5:99:b4:b8:a2:3e:b8:d6:19:7d:
9b:77:40:6a:69:86:cb:04:fc:b3:e2:4c:bb:c6:3a:73:ab:33:
17:cb:c0:e9:4f:75:1c:69:b8:6f:1c:f5:52:b9:f5:a8:e2:6f:
a3:24:54:77:e4:61:df:69:cd:52:ec:3b:47:a8:af:78:d6:d0:
11:88:7c:ea:98:9e:d3:3e:4a:4e:da:43:0d:6b:f6:c0:94:68:
3a:a1:60:9a:88:67:21:d4:4f:9f:bd:93:ea:7d:58:68:51:98:
38:3d:9c:98:91:99:9e:fe:28:87:b8:6d:e5:d6:c4:b2:73:6d:
9b:cd:ae:66
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUJx4rJhJa9JlHMpkgaagMxdVuY4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMTVaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzOWI0YmU4NDhlMTg4NWU3MzUzZmY3MDg4MWU2MzJjMzZlNjNhNjRlZjkx
ZDBlODVmNzI3NGE4NjgzMWRiMzUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQ1ay6xbYN10wMQLLfbbiNEyEFihdG6jPeQ2xl4FzUJ7cokRDhNChk6FLEN
K1Mp/j6SnRxtBbUat8l1wsyC2R7FcTuq050EPgUuWSNzOYwUNu20XNnusaDevgia
d6rfaVWjboBXD77SbaQWGxRWqZIIJ1JBd2dpDRouXCO5JEzE7Fe1qGFeSlHhfcA9
3qyJCoukm4ofjg1z3imD1nP90BU9G0EKQb8mkFQxVxSYPscBzLV16aUQxJK54FNX
FgVRFxJOTzks8WdFdIE+KJp8jVhCWt0wXg9u7kn5htS7QoJmXCKGTm0mL0CU9oQO
iwC2iGWMa853Q8jaZyvZG6ONihkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSAvS39
DJ35ifA5XUNF5lKvVLjiVTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTQyZmU3MzEtY2JhNi00Yzg5LWEzYTQtYmE0OGE2OWUyNDZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WI
MA0GCSqGSIb3DQEBCwUAA4IBAQBpPKmM/uDVY8t6Lhiv8Z3WjiBkzykqC0ggwQD9
cDLjvIJ9lDEZEAveFrJ19FM7CwX+RMo8x2Ien9QCZJs8vs/rRq4DCWX5lLNjNtdj
4Y6hbYhr3wuhWLua278wC0Bvw2CpadbT8+a3XM+UCKQcBGsrHg+xk82YrFyv0TVw
h6Wg7qr5A9AOn/WZtLiiPrjWGX2bd0BqaYbLBPyz4ky7xjpzqzMXy8DpT3Ucabhv
HPVSufWo4m+jJFR35GHfac1S7DtHqK941tARiHzqmJ7TPkpO2kMNa/bAlGg6oWCa
iGch1E+fvZPqfVhoUZg4PZyYkZme/iiHuG3l1sSyc22bza5m
-----END CERTIFICATE-----
Generated at Mon May 5 06:05:44 2025 by rpki-client