Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
File: 7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa (raw, json)
Hash identifier: Ico/0LmaT0gn86cVVPYoXfZwB4qq/S9rFPR6SLFZZRI=
Subject key identifier: 24:9C:4F:02:38:3F:D2:1E:47:06:62:42:AF:A0:1A:71:DA:18:AB:14
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4923BD68E14477914AC940BBF986FF28F201EEE7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
Signing time: Wed 30 Apr 2025 00:20:01 +0000
ROA not before: Wed 30 Apr 2025 00:20:01 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:23:bd:68:e1:44:77:91:4a:c9:40:bb:f9:86:ff:28:f2:01:ee:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:01 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=00624579c65d7d491a5f6a949f51dcb54f77ccb014d8259ae86894832a40976a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:a3:99:22:ce:ea:bf:52:97:57:94:72:c4:48:
65:99:1e:4d:ee:5c:0d:3b:5f:44:8f:c5:3f:cf:21:
52:b0:a4:89:8b:46:10:07:ea:fa:94:63:02:30:0c:
81:b1:12:1d:d4:bb:17:6a:ef:35:34:d3:8b:ec:3d:
ee:19:20:84:8e:ce:10:fa:1a:e4:34:ea:13:e3:e3:
d6:b0:a8:f4:3e:f0:a4:44:42:fd:d6:ca:d7:5e:ba:
27:a9:91:94:77:1e:d4:6c:f4:8a:d7:d0:cf:d0:1e:
66:0e:be:ca:fa:68:2c:9b:be:b7:6a:eb:6e:5d:d8:
ab:ca:69:32:2c:08:29:53:11:fa:b4:7c:fe:d3:d9:
44:f7:3c:5d:ed:15:86:e0:86:4a:21:00:64:5d:59:
5b:14:d1:a0:3e:d5:0e:f0:e7:48:18:6c:2d:47:41:
16:be:bf:2a:b4:b7:53:87:f6:ab:ff:ea:f1:ad:82:
5f:49:f6:e8:5a:e2:9c:e5:1a:a0:1f:e9:04:61:fd:
d0:f5:a0:31:02:bc:ad:8d:d1:78:b8:d7:17:5c:a4:
4d:0a:e4:04:a5:8c:8c:ec:c7:23:39:5a:6a:33:b7:
e1:53:1f:05:f8:28:32:dc:22:bf:c1:ea:05:9d:d5:
de:d4:f0:35:e2:7e:2a:67:8c:09:fc:bf:78:54:44:
47:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:9C:4F:02:38:3F:D2:1E:47:06:62:42:AF:A0:1A:71:DA:18:AB:14
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
4c:0d:b2:bd:35:5b:5a:d9:ce:8b:ac:14:fb:82:78:a3:21:9a:
4f:3d:ab:1c:e9:c6:29:5f:d9:68:34:3f:c9:3e:e3:32:3b:32:
f2:9d:5b:fd:a4:03:79:2f:d0:57:11:ec:83:33:01:21:98:04:
6d:f3:e4:59:c5:14:4a:35:59:49:6e:5d:6b:36:ea:47:e3:e7:
c1:64:64:49:38:0a:b6:67:1a:11:75:4b:36:3a:cb:7f:14:60:
3c:ee:6c:a6:32:18:a3:2c:0f:56:ad:6c:01:2c:52:5d:e1:0f:
33:83:8c:a9:98:a8:34:9b:f3:f1:f4:39:bb:e7:5b:7e:e1:df:
59:ff:b6:14:9a:cf:c8:ea:e8:94:da:6a:2a:59:fa:fe:7f:11:
40:c2:a9:f7:a5:ca:77:11:a5:ff:02:0e:56:dd:84:45:cd:bd:
4b:36:10:c1:a2:30:31:e7:ac:4e:0c:94:3b:4c:56:93:10:a2:
e4:03:45:fa:1e:36:13:49:2f:1c:03:93:93:78:8d:dc:77:b5:
35:f9:52:94:d3:80:ad:1d:4d:a3:1e:48:ca:86:b5:b9:0b:d8:
09:4e:84:46:85:0e:74:64:c6:b4:4e:d8:71:4c:64:28:10:d9:
27:c1:07:5f:a5:17:11:eb:70:bb:f5:bc:c3:b6:c3:ae:53:64:
3d:af:53:a8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSSO9aOFEd5FKyUC7+Yb/KPIB7ucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwMDFaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwNjI0NTc5YzY1ZDdkNDkxYTVmNmE5NDlmNTFkY2I1NGY3N2NjYjAxNGQ4
MjU5YWU4Njg5NDgzMmE0MDk3NmExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPqjmSLO6r9Sl1eUcsRIZZkeTe5cDTtfRI/FP88hUrCkiYtGEAfq+pRjAjAM
gbESHdS7F2rvNTTTi+w97hkghI7OEPoa5DTqE+Pj1rCo9D7wpERC/dbK1166J6mR
lHce1Gz0itfQz9AeZg6+yvpoLJu+t2rrbl3Yq8ppMiwIKVMR+rR8/tPZRPc8Xe0V
huCGSiEAZF1ZWxTRoD7VDvDnSBhsLUdBFr6/KrS3U4f2q//q8a2CX0n26FrinOUa
oB/pBGH90PWgMQK8rY3ReLjXF1ykTQrkBKWMjOzHIzlaajO34VMfBfgoMtwiv8Hq
BZ3V3tTwNeJ+KmeMCfy/eFRERwkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQknE8C
OD/SHkcGYkKvoBpx2hirFDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzE0NmQyNGEtNDhkYy00NWIxLWFjMWItMmE2YzJkN2I3YjE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQBMDbK9NVta2c6LrBT7gnijIZpPPasc6cYpX9lo
ND/JPuMyOzLynVv9pAN5L9BXEeyDMwEhmARt8+RZxRRKNVlJbl1rNupH4+fBZGRJ
OAq2ZxoRdUs2Ost/FGA87mymMhijLA9WrWwBLFJd4Q8zg4ypmKg0m/Px9Dm751t+
4d9Z/7YUms/I6uiU2moqWfr+fxFAwqn3pcp3EaX/Ag5W3YRFzb1LNhDBojAx56xO
DJQ7TFaTEKLkA0X6HjYTSS8cA5OTeI3cd7U1+VKU04CtHU2jHkjKhrW5C9gJToRG
hQ50ZMa0TthxTGQoENknwQdfpRcR63C79bzDtsOuU2Q9r1Oo
-----END CERTIFICATE-----
Generated at Mon May 5 23:42:30 2025 by rpki-client