Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
File: 5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa (raw, json)
Hash identifier: SCu4C02Zl+zgXGPqIeYtKQjI++4TSfWoXzwLwdkDm/Q=
Subject key identifier: 4C:32:61:A4:81:45:7A:47:77:AC:A2:CE:D3:42:A4:3B:97:3E:2D:02
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2445E809C4626782A0E1BCC6ED22FABA7B117BA1
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
Signing time: Wed 30 Apr 2025 00:20:12 +0000
ROA not before: Wed 30 Apr 2025 00:20:12 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:45:e8:09:c4:62:67:82:a0:e1:bc:c6:ed:22:fa:ba:7b:11:7b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:12 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=e77445391af78b79b973b9344b8c8ad1c7cc2c4bc2ea3a4af573678870d28e71, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:99:9c:9a:64:bf:08:af:10:ee:93:a0:ed:aa:
ee:93:42:d7:1d:c6:ba:c3:54:f0:6d:09:60:cd:cd:
51:e1:c7:ef:74:23:c5:20:ce:63:6b:73:1a:af:b2:
c5:bc:5f:62:24:d3:72:9f:86:22:63:f9:7f:1b:6e:
04:91:5d:51:52:1d:8f:7e:8a:4f:8e:97:f6:1d:f8:
3a:21:ad:13:fc:62:5f:f4:05:33:3d:f5:53:7b:a8:
52:3e:1f:98:08:73:4d:44:57:07:33:3d:3b:c2:4b:
af:06:70:00:de:26:29:6b:6c:ef:19:18:9b:b1:d5:
0f:03:81:65:8e:01:2c:6a:d9:74:a8:66:5b:24:a4:
8c:f1:04:c3:42:59:af:e9:f6:6d:12:3e:ec:79:74:
c1:7c:f0:d9:46:99:68:cc:93:e9:da:2e:b5:0e:e5:
94:4a:a9:67:06:71:0a:a3:7c:e6:f3:9f:67:08:a2:
22:4c:73:eb:1a:da:04:71:1f:71:ea:a6:2c:66:45:
3f:5f:e3:39:e3:76:d8:ec:83:91:90:99:17:be:be:
26:ad:ec:c8:ea:7f:d4:13:5a:e7:08:ad:9c:65:cf:
87:f8:0f:be:5e:a5:ba:93:76:c3:cb:d0:09:15:ec:
55:a0:0d:66:0b:3a:32:73:ef:47:cd:a2:c1:9a:8a:
78:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:32:61:A4:81:45:7A:47:77:AC:A2:CE:D3:42:A4:3B:97:3E:2D:02
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:8800::/40
Signature Algorithm: sha256WithRSAEncryption
7e:8b:4d:c0:27:1c:0d:71:5c:7e:04:b4:b7:b9:a4:68:ec:bb:
49:17:05:0a:5d:d1:d2:b6:0e:49:d8:67:28:db:5a:80:26:db:
0a:ac:14:1e:5c:4b:b7:f0:7d:93:05:10:7a:91:2c:66:aa:03:
12:b8:89:76:77:0d:6b:48:21:40:47:d0:3e:ac:1b:a7:ed:86:
93:f2:6a:37:f8:f7:84:b6:db:f5:25:52:dd:ee:2b:a0:e9:ae:
ae:b7:64:29:08:39:a2:f7:d9:50:19:14:64:cd:f9:ee:c1:2d:
47:f6:94:da:b2:17:9d:b2:72:2b:e4:3b:35:30:e1:ce:11:f1:
86:c1:14:d6:3f:57:cc:95:5d:ce:b3:48:b2:98:e2:5d:8a:23:
0f:f4:24:a5:5f:fd:1e:9a:eb:6a:1a:58:73:a5:06:49:84:33:
1e:78:aa:c6:66:c5:54:03:a6:52:9e:8b:0a:21:b4:69:91:84:
c2:13:0a:a5:46:dd:56:c2:cf:c7:19:9e:f4:7d:41:eb:02:f1:
b2:a4:80:b5:2c:57:20:14:2c:3d:20:27:7a:57:74:86:ad:33:
af:88:25:9d:b9:e1:64:c7:64:e6:af:53:0b:6b:49:7c:f5:26:
e8:46:87:19:38:b4:60:9e:9c:cf:1d:4c:31:71:89:ea:c6:dd:
12:95:d3:c8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJEXoCcRiZ4Kg4bzG7SL6unsRe6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwMTJaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3NzQ0NTM5MWFmNzhiNzliOTczYjkzNDRiOGM4YWQxYzdjYzJjNGJjMmVh
M2E0YWY1NzM2Nzg4NzBkMjhlNzExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGZnJpkvwivEO6ToO2q7pNC1x3GusNU8G0JYM3NUeHH73QjxSDOY2tzGq+y
xbxfYiTTcp+GImP5fxtuBJFdUVIdj36KT46X9h34OiGtE/xiX/QFMz31U3uoUj4f
mAhzTURXBzM9O8JLrwZwAN4mKWts7xkYm7HVDwOBZY4BLGrZdKhmWySkjPEEw0JZ
r+n2bRI+7Hl0wXzw2UaZaMyT6doutQ7llEqpZwZxCqN85vOfZwiiIkxz6xraBHEf
ceqmLGZFP1/jOeN22OyDkZCZF76+Jq3syOp/1BNa5witnGXPh/gPvl6lupN2w8vQ
CRXsVaANZgs6MnPvR82iwZqKePECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRMMmGk
gUV6R3esos7TQqQ7lz4tAjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWEzZTExMmQtYzhiNS00YTQyLTliN2EtYTVjNTY3YjZkYjMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8OI
MA0GCSqGSIb3DQEBCwUAA4IBAQB+i03AJxwNcVx+BLS3uaRo7LtJFwUKXdHStg5J
2Gco21qAJtsKrBQeXEu38H2TBRB6kSxmqgMSuIl2dw1rSCFAR9A+rBun7YaT8mo3
+PeEttv1JVLd7iug6a6ut2QpCDmi99lQGRRkzfnuwS1H9pTashedsnIr5Ds1MOHO
EfGGwRTWP1fMlV3Os0iymOJdiiMP9CSlX/0emutqGlhzpQZJhDMeeKrGZsVUA6ZS
nosKIbRpkYTCEwqlRt1Wws/HGZ70fUHrAvGypIC1LFcgFCw9ICd6V3SGrTOviCWd
ueFkx2Tmr1MLa0l89SboRocZOLRgnpzPHUwxcYnqxt0SldPI
-----END CERTIFICATE-----
Generated at Mon May 5 05:55:52 2025 by rpki-client