Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
File: 5f7a981a-824d-48e6-969a-7779a7b7a199.roa (raw, json)
Hash identifier: f12Rd2QBE8uGzxFYbh4+R9MlVVYZeJgz5wF4NDd0dYI=
Subject key identifier: F5:2B:DA:DD:60:4F:7E:5B:74:E8:E0:D9:35:11:32:29:CD:26:58:8B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 32B813C014F95B65CD5172E60B7C5FD5D5D5CF8C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
Signing time: Wed 30 Apr 2025 00:21:04 +0000
ROA not before: Wed 30 Apr 2025 00:21:04 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:b8:13:c0:14:f9:5b:65:cd:51:72:e6:0b:7c:5f:d5:d5:d5:cf:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:04 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=f413ac4c4b4cf7b1843256ed35dc5987f70e7f0f6cd4e6a019ce854b06d97cbe, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:37:63:d1:35:e5:a1:13:8d:f4:47:80:0f:be:
bc:4f:4b:c8:5f:76:0f:d7:87:6d:e4:32:f2:11:d9:
b5:81:ca:8b:70:ca:f5:a8:c8:0c:b5:f3:1b:57:05:
ed:af:bf:dc:b1:e8:55:04:84:1a:2f:10:ea:c4:36:
8c:47:25:7c:c0:a8:94:e2:5e:d8:b1:0c:80:05:ab:
01:e1:90:5d:7e:3c:04:39:07:b4:ac:c7:b3:7d:70:
e9:bf:ed:1f:50:8a:b0:08:22:a9:6e:cb:a3:21:06:
7f:5b:37:6b:37:e7:6e:82:88:7f:81:af:bc:69:04:
4a:ce:ef:32:84:19:a4:d6:a0:c3:4a:14:d9:e3:9f:
9a:71:42:e7:28:2b:df:cc:60:df:23:76:db:03:f1:
e1:05:51:b9:42:cf:d8:8c:78:c0:68:d7:04:f2:c0:
9a:74:5e:15:25:2a:f1:b5:73:ca:f9:ac:29:07:24:
06:c7:8a:65:dd:be:5a:1a:9b:1f:4b:d3:59:ed:1d:
b0:08:84:5b:12:64:37:0c:c4:b3:e9:4e:d7:67:bd:
aa:65:96:88:a8:94:20:21:a9:31:0c:f1:5a:ef:fb:
5e:b8:a3:b7:58:d5:5a:b8:42:d7:0c:71:78:c5:5c:
1e:ba:56:2c:5b:8e:95:5d:cc:96:05:0d:a0:51:ae:
d4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2B:DA:DD:60:4F:7E:5B:74:E8:E0:D9:35:11:32:29:CD:26:58:8B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:8000::/36
Signature Algorithm: sha256WithRSAEncryption
37:aa:3e:f3:21:6f:62:84:17:e0:1a:e7:05:37:10:ca:6e:c9:
aa:b7:18:b3:80:09:f9:1d:8f:99:fd:2e:68:49:dd:59:6b:f7:
e1:e6:cc:76:25:03:5d:d3:a3:00:f3:8f:71:e9:86:29:e0:c4:
4b:f1:76:52:04:ef:36:1d:02:5a:4c:c4:7d:f7:55:a0:d6:8c:
71:e5:cc:89:a5:fa:00:e6:6e:e3:02:5c:ed:72:19:9d:dc:7e:
48:70:6e:b5:ec:e3:7d:96:1e:e3:0a:ce:52:bf:9e:2d:53:8e:
be:f7:35:b2:ce:a7:a4:ce:a4:bc:2a:f4:7b:b6:32:d9:6e:3e:
f1:e1:59:86:9e:82:b4:d8:48:31:6e:29:a7:69:6e:3f:5c:fb:
a5:e0:e3:f3:3e:82:8d:14:9f:ad:d9:c3:b9:9a:09:3c:f2:f5:
d7:19:84:a7:08:e3:7a:47:b9:be:5f:b9:9b:00:32:44:7c:ac:
ce:6d:4e:7b:f6:b8:03:eb:96:e8:d3:47:9e:f7:a7:17:f0:08:
30:82:3d:05:98:36:6c:11:a1:88:1e:7b:30:a4:97:b7:27:6c:
49:d7:6a:ba:2c:01:2d:11:28:1f:7a:a5:08:5b:d7:56:29:1d:
56:24:5c:99:66:d1:e1:9c:cc:cb:db:e9:5e:c4:e4:3c:19:67:
6a:d6:dc:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMrgTwBT5W2XNUXLmC3xf1dXVz4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMDRaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0MTNhYzRjNGI0Y2Y3YjE4NDMyNTZlZDM1ZGM1OTg3ZjcwZTdmMGY2Y2Q0
ZTZhMDE5Y2U4NTRiMDZkOTdjYmUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMA3Y9E15aETjfRHgA++vE9LyF92D9eHbeQy8hHZtYHKi3DK9ajIDLXzG1cF
7a+/3LHoVQSEGi8Q6sQ2jEclfMColOJe2LEMgAWrAeGQXX48BDkHtKzHs31w6b/t
H1CKsAgiqW7LoyEGf1s3azfnboKIf4GvvGkESs7vMoQZpNagw0oU2eOfmnFC5ygr
38xg3yN22wPx4QVRuULP2Ix4wGjXBPLAmnReFSUq8bVzyvmsKQckBseKZd2+Whqb
H0vTWe0dsAiEWxJkNwzEs+lO12e9qmWWiKiUICGpMQzxWu/7Xrijt1jVWrhC1wxx
eMVcHrpWLFuOlV3MlgUNoFGu1GkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT1K9rd
YE9+W3To4Nk1ETIpzSZYizAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY3YTk4MWEtODI0ZC00OGU2LTk2OWEtNzc3OWE3YjdhMTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eA
MA0GCSqGSIb3DQEBCwUAA4IBAQA3qj7zIW9ihBfgGucFNxDKbsmqtxizgAn5HY+Z
/S5oSd1Za/fh5sx2JQNd06MA849x6YYp4MRL8XZSBO82HQJaTMR991Wg1oxx5cyJ
pfoA5m7jAlztchmd3H5IcG617ON9lh7jCs5Sv54tU46+9zWyzqekzqS8KvR7tjLZ
bj7x4VmGnoK02EgxbimnaW4/XPul4OPzPoKNFJ+t2cO5mgk88vXXGYSnCON6R7m+
X7mbADJEfKzObU579rgD65bo00ee96cX8Agwgj0FmDZsEaGIHnswpJe3J2xJ12q6
LAEtESgfeqUIW9dWKR1WJFyZZtHhnMzL2+lexOQ8GWdq1twp
-----END CERTIFICATE-----
Generated at Mon May 5 06:06:51 2025 by rpki-client