Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
File: 78ea1ce2-8d09-441d-ad92-848a5871e58b.roa (raw, json)
Hash identifier: 6CYR466cGOyLDXSNfnT6Y1Z9ByNyjCPTiB8jwDpvTeY=
Subject key identifier: 1A:E1:F3:A8:0F:94:4E:1B:4E:0C:59:EE:70:12:76:E1:AB:85:50:09
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 668CF992E002BD7781606722B4CBEF00D3420808
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
Signing time: Wed 30 Apr 2025 00:21:15 +0000
ROA not before: Wed 30 Apr 2025 00:21:15 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:8c:f9:92:e0:02:bd:77:81:60:67:22:b4:cb:ef:00:d3:42:08:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:15 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=0259360ac241fdfb63f35e2339b01b2c31dc00fb5e9a4feb3f3f1508a276b763, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6c:f6:72:1b:06:9e:bd:4a:bf:2a:fb:f0:80:
ab:57:10:28:7d:87:40:9a:ef:7f:05:11:df:d6:81:
43:7f:9f:ec:11:44:32:8b:f2:ed:31:f0:51:a3:cf:
2a:ac:89:fa:a1:d7:b4:2f:91:b3:87:63:b5:f3:c8:
2b:b0:81:92:8d:82:d4:b9:01:e5:3a:3d:6d:65:4e:
bc:5c:a4:6a:39:55:81:65:a7:13:9a:bd:8c:d4:29:
e9:0e:34:b3:04:5e:47:95:8a:d8:0c:e1:95:e0:69:
31:e4:95:f1:38:b3:33:d3:ac:4f:76:39:58:64:cd:
1e:99:e0:11:b0:ee:12:e6:bf:d9:d2:f6:a2:a4:f7:
48:5a:37:b7:5c:50:91:66:05:c3:96:ee:8e:de:e0:
a3:27:49:08:0d:0c:1c:db:a2:a8:8b:0a:16:a0:24:
af:9b:cb:84:40:ea:16:b7:8a:2e:26:0e:3e:ca:3b:
c9:be:36:32:56:3d:d6:71:bd:42:dc:14:7a:47:b0:
2b:f3:6e:0e:3b:25:39:1e:a0:73:a0:ed:7b:8d:1f:
7e:df:f3:41:4b:a9:8b:a4:73:ba:b9:a0:0a:11:27:
3c:09:37:32:0f:fa:45:4f:62:fc:ac:f5:bf:9f:1d:
6c:48:c4:1a:df:05:f5:e0:cd:9e:9c:9e:bc:0f:58:
79:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E1:F3:A8:0F:94:4E:1B:4E:0C:59:EE:70:12:76:E1:AB:85:50:09
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3::/36
Signature Algorithm: sha256WithRSAEncryption
39:1d:98:ff:61:b4:cc:01:ed:bb:2c:73:f1:6e:75:70:04:80:
96:0e:e9:6c:34:6e:27:ab:a6:6d:e8:c5:c3:af:46:7c:b6:72:
2d:f3:a8:03:19:90:7d:54:dd:23:c5:da:7d:24:e5:f5:19:f8:
64:46:d7:e2:e0:70:0a:c9:9b:85:eb:1e:f6:cd:06:46:fa:3b:
72:93:16:56:55:08:f4:27:43:64:3a:83:d5:e0:b6:9a:d6:41:
26:a9:ff:3a:ab:20:f2:20:ea:bd:f9:b2:60:7d:05:d2:0f:52:
a8:ca:42:65:dd:7b:1a:4a:1b:18:be:f5:e8:d4:35:6c:33:1d:
39:39:cd:2c:2f:3e:27:e3:46:a5:2c:ab:9f:f2:9a:1d:70:bf:
2a:67:b5:76:a6:52:8a:25:0e:6c:90:9f:8c:06:ae:b0:04:a3:
64:ac:7a:c3:23:c4:0d:b0:ec:bd:25:51:8b:7f:7b:10:31:94:
1d:15:7e:75:4a:30:81:39:34:92:62:f5:37:07:da:8c:c7:b6:
c4:ae:80:88:37:90:49:3d:55:93:67:65:43:87:82:42:27:30:
da:2e:89:fe:bf:90:56:1d:2a:1f:69:85:ae:60:a1:b1:18:bc:
51:14:9c:33:11:96:cc:6c:cd:1f:31:46:b7:b8:2a:66:bb:0c:
f5:28:63:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZoz5kuACvXeBYGcitMvvANNCCAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMTVaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyNTkzNjBhYzI0MWZkZmI2M2YzNWUyMzM5YjAxYjJjMzFkYzAwZmI1ZTlh
NGZlYjNmM2YxNTA4YTI3NmI3NjMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1s9nIbBp69Sr8q+/CAq1cQKH2HQJrvfwUR39aBQ3+f7BFEMovy7THwUaPP
KqyJ+qHXtC+Rs4djtfPIK7CBko2C1LkB5To9bWVOvFykajlVgWWnE5q9jNQp6Q40
swReR5WK2AzhleBpMeSV8TizM9OsT3Y5WGTNHpngEbDuEua/2dL2oqT3SFo3t1xQ
kWYFw5bujt7goydJCA0MHNuiqIsKFqAkr5vLhEDqFreKLiYOPso7yb42MlY91nG9
QtwUekewK/NuDjslOR6gc6Dte40fft/zQUupi6RzurmgChEnPAk3Mg/6RU9i/Kz1
v58dbEjEGt8F9eDNnpyevA9YeXsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQa4fOo
D5ROG04MWe5wEnbhq4VQCTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzhlYTFjZTItOGQwOS00NDFkLWFkOTItODQ4YTU4NzFlNThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MA
MA0GCSqGSIb3DQEBCwUAA4IBAQA5HZj/YbTMAe27LHPxbnVwBICWDulsNG4nq6Zt
6MXDr0Z8tnIt86gDGZB9VN0jxdp9JOX1GfhkRtfi4HAKyZuF6x72zQZG+jtykxZW
VQj0J0NkOoPV4Laa1kEmqf86qyDyIOq9+bJgfQXSD1KoykJl3XsaShsYvvXo1DVs
Mx05Oc0sLz4n40alLKuf8podcL8qZ7V2plKKJQ5skJ+MBq6wBKNkrHrDI8QNsOy9
JVGLf3sQMZQdFX51SjCBOTSSYvU3B9qMx7bEroCIN5BJPVWTZ2VDh4JCJzDaLon+
v5BWHSofaYWuYKGxGLxRFJwzEZbMbM0fMUa3uCpmuwz1KGNl
-----END CERTIFICATE-----
Generated at Mon May 5 03:45:16 2025 by rpki-client