Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7a702f26-ffbc-4360-bbd5-3f1d03920b68.roa
File: 7a702f26-ffbc-4360-bbd5-3f1d03920b68.roa (raw, json)
Hash identifier: bclxED8azSgHsknh4TDWb7ALN1JEIZ3BGZkNcG8pq6E=
Subject key identifier: 3D:33:BE:D2:CE:34:E4:97:2F:0B:72:2C:BC:DA:2B:B0:3B:E3:95:49
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 13BCD8E94160A66EB9AC176757B73239A25CFECB
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7a702f26-ffbc-4360-bbd5-3f1d03920b68.roa
Signing time: Wed 30 Apr 2025 00:11:10 +0000
ROA not before: Wed 30 Apr 2025 00:11:10 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:bc:d8:e9:41:60:a6:6e:b9:ac:17:67:57:b7:32:39:a2:5c:fe:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:10 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=452b5e69e0c591217ff63fdc3ed34dbf72e1ef3c0335deb72039754beeb5341a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:35:58:04:4d:cf:bc:ac:85:7c:6a:31:71:7d:
60:94:45:e0:b8:75:7e:f3:d0:d5:a4:a2:50:bd:76:
b3:95:64:46:d8:96:d4:13:56:4d:89:b8:eb:58:f5:
d9:2b:4c:c9:fa:98:5a:3f:93:a8:14:db:a7:1a:6b:
ed:aa:a4:c0:7c:35:f1:a7:1b:66:57:5e:49:e7:ee:
15:be:c0:43:72:87:d8:8e:06:73:31:ec:30:8f:f8:
51:a5:9f:2c:f4:60:d2:5d:10:ae:93:2b:4c:20:25:
82:e4:47:16:9f:f7:94:00:6d:22:eb:94:1e:ac:e5:
4c:40:4d:2f:b1:dc:05:69:52:e5:9b:86:4d:d2:c7:
34:28:f0:b6:3e:43:6f:21:35:97:dc:7b:c7:ce:66:
31:9b:a0:d8:1a:89:c4:dc:16:f2:aa:cc:0a:04:8a:
da:21:83:4e:ad:b1:6c:5e:66:b0:12:62:d3:50:ae:
59:54:44:af:11:6c:b6:b2:d8:a8:2c:3f:08:b1:f1:
1e:e8:d9:53:11:4d:d2:44:71:c7:ef:eb:d8:28:2b:
47:c5:c6:b7:b2:13:8c:91:b1:96:7b:73:53:cf:53:
69:86:33:5b:6c:41:20:05:5a:24:47:c4:7a:77:26:
b7:0d:c1:d1:5a:62:5e:57:f8:42:85:bf:48:61:46:
c9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:33:BE:D2:CE:34:E4:97:2F:0B:72:2C:BC:DA:2B:B0:3B:E3:95:49
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7a702f26-ffbc-4360-bbd5-3f1d03920b68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b880::/46
Signature Algorithm: sha256WithRSAEncryption
2b:45:3e:b5:7e:3a:cc:16:73:00:e7:ca:d4:2b:cf:ba:f8:b7:
38:e8:fe:9a:e7:04:c0:98:8d:67:f3:ee:35:24:94:c6:bf:f2:
86:19:92:dc:6c:aa:8f:b3:f8:41:71:d7:34:68:e0:02:ed:e1:
b4:2a:9b:ed:90:0a:97:59:02:c7:9a:1a:f7:b8:09:2b:ea:0a:
e5:1a:d6:05:d7:bf:38:c2:5e:50:da:ef:16:3d:94:0f:d2:46:
63:e6:a6:45:74:ad:39:5e:f4:32:2f:cf:75:ba:cd:b3:9f:44:
2d:59:af:99:31:b8:6a:49:ee:01:a0:42:16:d4:54:dd:e5:69:
8d:00:d3:ee:c5:2c:80:7f:50:ce:b5:31:b4:54:b2:2c:77:84:
94:bb:a5:2a:65:d1:42:3c:8b:22:62:3b:a5:f5:51:75:94:0b:
5d:5b:12:7f:5c:59:3f:9b:62:b9:c4:23:00:28:e0:01:88:c3:
97:b7:88:ca:20:f3:ff:3b:92:48:13:71:f8:fe:0e:3d:52:d5:
fc:7f:41:fd:4f:0a:9d:a2:83:fd:84:3a:b8:04:81:09:c2:ae:
37:f8:6c:a9:20:82:5a:fd:40:29:3e:ac:c7:03:d2:27:33:2d:
3d:71:fe:55:e6:9a:b2:d5:58:37:5d:84:37:43:06:d9:5a:0f:
e5:4e:49:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUE7zY6UFgpm65rBdnV7cyOaJc/sswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMTBaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1MmI1ZTY5ZTBjNTkxMjE3ZmY2M2ZkYzNlZDM0ZGJmNzJlMWVmM2MwMzM1
ZGViNzIwMzk3NTRiZWViNTM0MWExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJE1WARNz7yshXxqMXF9YJRF4Lh1fvPQ1aSiUL12s5VkRtiW1BNWTYm461j1
2StMyfqYWj+TqBTbpxpr7aqkwHw18acbZldeSefuFb7AQ3KH2I4GczHsMI/4UaWf
LPRg0l0QrpMrTCAlguRHFp/3lABtIuuUHqzlTEBNL7HcBWlS5ZuGTdLHNCjwtj5D
byE1l9x7x85mMZug2BqJxNwW8qrMCgSK2iGDTq2xbF5msBJi01CuWVRErxFstrLY
qCw/CLHxHujZUxFN0kRxx+/r2CgrR8XGt7ITjJGxlntzU89TaYYzW2xBIAVaJEfE
encmtw3B0VpiXlf4QoW/SGFGyWECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ9M77S
zjTkly8Lciy82iuwO+OVSTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
N2E3MDJmMjYtZmZiYy00MzYwLWJiZDUtM2YxZDAzOTIwYjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8e4
gDANBgkqhkiG9w0BAQsFAAOCAQEAK0U+tX46zBZzAOfK1CvPuvi3OOj+mucEwJiN
Z/PuNSSUxr/yhhmS3Gyqj7P4QXHXNGjgAu3htCqb7ZAKl1kCx5oa97gJK+oK5RrW
Bde/OMJeUNrvFj2UD9JGY+amRXStOV70Mi/PdbrNs59ELVmvmTG4aknuAaBCFtRU
3eVpjQDT7sUsgH9QzrUxtFSyLHeElLulKmXRQjyLImI7pfVRdZQLXVsSf1xZP5ti
ucQjACjgAYjDl7eIyiDz/zuSSBNx+P4OPVLV/H9B/U8KnaKD/YQ6uASBCcKuN/hs
qSCCWv1AKT6sxwPSJzMtPXH+VeaastVYN12EN0MG2VoP5U5Jaw==
-----END CERTIFICATE-----
Generated at Mon May 5 06:30:05 2025 by rpki-client