Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
File: 640762f4-b911-441a-995b-675a2c1eb24d.roa (raw, json)
Hash identifier: aVAd4srXAuhqXyJJlGkTV2TgO7EweZPuX7fh/HGCYb4=
Subject key identifier: BC:B8:52:01:90:DE:67:AF:9A:91:60:58:2A:A9:6C:DD:FD:70:E5:72
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3CDE9C70E1B30B2605B83E6E3CF8D7FF8C2AFBDF
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
Signing time: Wed 30 Apr 2025 00:11:14 +0000
ROA not before: Wed 30 Apr 2025 00:11:14 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:de:9c:70:e1:b3:0b:26:05:b8:3e:6e:3c:f8:d7:ff:8c:2a:fb:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:14 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=96f35f7abdbf0c819c793b0f89930b0068a5ad4b95070f84dd5e83dbd05fb9b9, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:09:8d:ec:3b:47:67:cb:cf:62:59:88:04:ce:
58:76:71:bd:65:2c:f9:66:05:3f:41:db:5f:9d:77:
85:de:ca:e2:f3:12:87:a0:23:ce:11:41:ac:9a:04:
d4:84:c6:f6:19:a5:d3:8f:a4:92:58:fe:82:07:f7:
33:67:28:5c:20:51:15:ff:89:c7:12:ce:2b:02:a6:
3b:13:8c:71:ad:83:70:28:0f:e2:a3:2f:07:4d:30:
b3:e0:56:5f:a6:c0:ac:82:d1:52:f1:1a:19:ab:c2:
ad:86:d3:e0:c0:01:9f:02:11:27:d0:a5:d4:84:f3:
0e:f6:74:1a:00:cb:55:33:11:da:64:77:48:e3:ee:
46:3b:3f:dd:f8:34:c4:d8:f3:51:02:e3:b3:17:a9:
7e:92:02:be:85:fa:2b:1b:96:ce:35:3d:4e:78:3d:
0c:89:c7:35:c5:db:d7:b7:b3:58:bc:df:7e:78:d5:
fd:e5:19:01:6b:2e:25:3f:ba:ca:b1:1c:95:4a:ac:
47:e8:e7:b9:f3:79:c2:a5:03:cf:2e:d8:e2:f6:2f:
6d:71:f3:67:00:f5:53:73:ba:72:ef:f9:c4:13:e0:
53:59:8b:07:99:37:69:49:cc:f0:0b:e7:04:bf:03:
64:6e:fe:9d:13:2c:62:16:bc:a2:e8:23:ba:6c:e9:
b5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:B8:52:01:90:DE:67:AF:9A:91:60:58:2A:A9:6C:DD:FD:70:E5:72
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2000::/36
Signature Algorithm: sha256WithRSAEncryption
20:d0:38:e9:81:d6:2d:bd:74:77:da:c2:99:57:ad:b7:83:4a:
44:0c:02:35:ec:b8:df:93:c1:9e:bc:44:c7:58:33:a0:f4:73:
19:f9:1d:02:9e:04:44:a0:9c:f6:c9:59:c9:e0:13:5a:67:8b:
66:e5:dc:96:f2:41:ee:93:12:f9:dd:88:19:82:d6:07:ee:2c:
3a:c3:78:1a:4f:cd:5a:b8:1b:2c:d3:df:75:75:20:27:76:bd:
32:76:e6:ce:15:18:05:19:29:1f:e3:09:f3:76:f1:48:06:f7:
0a:07:5d:92:21:2a:ba:c0:72:83:48:4e:ef:c1:f1:bf:6c:d5:
a5:4a:c2:79:13:45:58:b1:9f:09:b6:52:3a:5d:58:ac:39:51:
e3:13:18:e8:53:46:f3:b0:3b:09:76:3d:e7:18:bf:7c:a2:4d:
a5:90:13:48:c8:59:0e:49:23:b4:ac:8f:97:e0:cd:29:08:08:
4b:ec:82:62:04:43:4f:26:9f:2d:e4:ce:06:c3:51:67:0c:70:
a3:6b:99:5d:39:0d:24:0d:f4:06:93:b4:d2:ba:38:b0:d6:42:
20:9a:b9:b7:45:92:b4:a0:92:2c:b5:2a:03:ee:43:35:ad:7c:
ed:40:c5:9e:bf:cd:c9:a4:29:9a:ef:d1:5b:fe:2a:ae:76:f1:
79:9b:dc:2c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPN6ccOGzCyYFuD5uPPjX/4wq+98wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMTRaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2ZjM1ZjdhYmRiZjBjODE5Yzc5M2IwZjg5OTMwYjAwNjhhNWFkNGI5NTA3
MGY4NGRkNWU4M2RiZDA1ZmI5YjkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgJjew7R2fLz2JZiATOWHZxvWUs+WYFP0HbX513hd7K4vMSh6AjzhFBrJoE
1ITG9hml04+kklj+ggf3M2coXCBRFf+JxxLOKwKmOxOMca2DcCgP4qMvB00ws+BW
X6bArILRUvEaGavCrYbT4MABnwIRJ9Cl1ITzDvZ0GgDLVTMR2mR3SOPuRjs/3fg0
xNjzUQLjsxepfpICvoX6KxuWzjU9Tng9DInHNcXb17ezWLzffnjV/eUZAWsuJT+6
yrEclUqsR+jnufN5wqUDzy7Y4vYvbXHzZwD1U3O6cu/5xBPgU1mLB5k3aUnM8Avn
BL8DZG7+nRMsYha8ougjumzptXUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS8uFIB
kN5nr5qRYFgqqWzd/XDlcjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjQwNzYyZjQtYjkxMS00NDFhLTk5NWItNjc1YTJjMWViMjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cg
MA0GCSqGSIb3DQEBCwUAA4IBAQAg0DjpgdYtvXR32sKZV623g0pEDAI17Ljfk8Ge
vETHWDOg9HMZ+R0CngREoJz2yVnJ4BNaZ4tm5dyW8kHukxL53YgZgtYH7iw6w3ga
T81auBss0991dSAndr0ydubOFRgFGSkf4wnzdvFIBvcKB12SISq6wHKDSE7vwfG/
bNWlSsJ5E0VYsZ8JtlI6XVisOVHjExjoU0bzsDsJdj3nGL98ok2lkBNIyFkOSSO0
rI+X4M0pCAhL7IJiBENPJp8t5M4Gw1FnDHCja5ldOQ0kDfQGk7TSujiw1kIgmrm3
RZK0oJIstSoD7kM1rXztQMWev83JpCma79Fb/iqudvF5m9ws
-----END CERTIFICATE-----
Generated at Mon May 5 22:23:21 2025 by rpki-client