Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
File: 654f1481-ba50-463b-9997-0d385dd9b0a3.roa (raw, json)
Hash identifier: uJvzLj+lO9y0NgEdOpmw0G/D+gC+ohA3z3DIlGwxCC4=
Subject key identifier: C6:9A:B9:97:B4:70:F2:03:F9:62:8D:3F:38:75:D9:35:5F:08:E2:6B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 671CC2BA1077EE97305C82191FBE7D2864EAAFA7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
Signing time: Wed 30 Apr 2025 00:10:31 +0000
ROA not before: Wed 30 Apr 2025 00:10:31 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:1c:c2:ba:10:77:ee:97:30:5c:82:19:1f:be:7d:28:64:ea:af:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:10:31 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=cfda4f711e44677002e12eca3eaed593ba885590d665becab25ba445103c00f0, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2e:85:c8:f3:3a:b0:37:b5:e6:a3:d7:de:aa:
8c:17:e7:83:df:f6:44:0b:f6:60:a5:59:7c:43:03:
bd:b7:82:12:fb:06:5a:2c:5c:46:7e:f1:f4:14:5a:
1e:88:94:4b:f6:0b:5b:91:86:21:17:15:1c:df:2d:
bd:f1:91:2f:dd:62:b4:18:eb:41:e8:1e:66:cf:c3:
93:63:36:6f:f3:36:4e:f7:21:79:5e:3b:d8:74:ad:
0d:f9:50:97:38:27:31:0c:c4:83:2c:31:cf:bb:07:
28:a5:b5:8e:31:3b:ae:03:50:1d:15:dc:f9:ba:f6:
02:ee:a1:c2:16:60:89:a9:f8:6e:1a:de:2c:a8:f6:
e5:cb:b5:b0:d4:5c:f0:92:31:92:27:41:d7:94:d5:
d4:ca:65:30:72:f5:be:02:75:06:6a:f4:4c:0b:5d:
20:cd:02:69:78:55:77:4c:43:2a:f5:ff:36:08:c1:
06:a8:86:37:c3:d7:aa:2f:ab:22:b7:ff:28:1d:3f:
27:02:54:9c:f1:9b:a0:03:91:f6:e7:59:a0:52:b3:
43:f1:52:f2:bc:b8:60:be:30:79:a0:a3:db:84:29:
f7:7c:60:a3:cf:74:37:65:bb:10:b9:50:88:5c:c8:
5a:9b:ce:7f:cc:0b:6d:ac:ce:5e:23:14:65:0c:40:
c9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9A:B9:97:B4:70:F2:03:F9:62:8D:3F:38:75:D9:35:5F:08:E2:6B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:800::/40
Signature Algorithm: sha256WithRSAEncryption
0c:7b:a2:ba:51:54:ba:67:30:69:d8:4b:1b:93:b8:15:c9:a7:
c2:dc:3a:d6:ae:2d:3d:d9:25:8e:48:0d:5f:b3:f0:09:82:e8:
43:58:13:f4:ee:f5:98:b0:61:65:5a:c5:2f:a4:22:ca:c5:f6:
97:b6:a3:ae:78:7d:dd:c9:4f:51:77:5e:f0:af:22:0d:4c:91:
da:63:d1:92:87:60:8b:92:dd:58:20:47:86:94:ea:d6:12:a8:
67:15:cf:40:b7:7f:e1:de:b7:00:23:6b:1a:8e:84:86:c4:54:
1c:15:5f:d2:ed:28:09:ca:16:0d:82:2d:ea:b4:7c:03:63:56:
f6:08:f9:6f:d8:79:ff:82:73:bc:39:29:95:54:b8:83:fc:a0:
47:5d:9f:2e:07:74:69:58:bb:af:5c:34:fa:16:ea:36:0a:44:
b2:bd:22:48:30:34:d4:f7:74:09:2f:52:66:cb:eb:ba:76:fb:
3a:20:dd:c3:8e:c3:20:36:37:67:0a:68:02:d4:5b:f2:6a:31:
d2:44:6c:e3:d9:38:19:da:b8:3b:89:cd:f6:18:04:ee:d6:cf:
85:9b:dd:47:bf:22:8c:a9:2a:54:84:ec:be:21:2b:8f:b1:a1:
2f:54:8d:1a:70:ba:aa:99:dc:fd:5b:a7:25:c3:f1:f2:97:c1:
55:11:00:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZxzCuhB37pcwXIIZH759KGTqr6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDEwMzFaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmZGE0ZjcxMWU0NDY3NzAwMmUxMmVjYTNlYWVkNTkzYmE4ODU1OTBkNjY1
YmVjYWIyNWJhNDQ1MTAzYzAwZjAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANAuhcjzOrA3teaj196qjBfng9/2RAv2YKVZfEMDvbeCEvsGWixcRn7x9BRa
HoiUS/YLW5GGIRcVHN8tvfGRL91itBjrQegeZs/Dk2M2b/M2TvcheV472HStDflQ
lzgnMQzEgywxz7sHKKW1jjE7rgNQHRXc+br2Au6hwhZgian4bhreLKj25cu1sNRc
8JIxkidB15TV1MplMHL1vgJ1Bmr0TAtdIM0CaXhVd0xDKvX/NgjBBqiGN8PXqi+r
Irf/KB0/JwJUnPGboAOR9udZoFKzQ/FS8ry4YL4weaCj24Qp93xgo890N2W7ELlQ
iFzIWpvOf8wLbazOXiMUZQxAyc0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTGmrmX
tHDyA/lijT84ddk1XwjiazAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjU0ZjE0ODEtYmE1MC00NjNiLTk5OTctMGQzODVkZDliMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8AI
MA0GCSqGSIb3DQEBCwUAA4IBAQAMe6K6UVS6ZzBp2Esbk7gVyafC3DrWri092SWO
SA1fs/AJguhDWBP07vWYsGFlWsUvpCLKxfaXtqOueH3dyU9Rd17wryINTJHaY9GS
h2CLkt1YIEeGlOrWEqhnFc9At3/h3rcAI2sajoSGxFQcFV/S7SgJyhYNgi3qtHwD
Y1b2CPlv2Hn/gnO8OSmVVLiD/KBHXZ8uB3RpWLuvXDT6Fuo2CkSyvSJIMDTU93QJ
L1Jmy+u6dvs6IN3DjsMgNjdnCmgC1FvyajHSRGzj2TgZ2rg7ic32GATu1s+Fm91H
vyKMqSpUhOy+ISuPsaEvVI0acLqqmdz9W6clw/Hyl8FVEQAH
-----END CERTIFICATE-----
Generated at Tue May 6 10:01:55 2025 by rpki-client