Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7da13080-67e7-4ae7-b0bb-d85b087719b7.roa
File: 7da13080-67e7-4ae7-b0bb-d85b087719b7.roa (raw, json)
Hash identifier: FSAph5WuWDRIt8O0PExttHOupj4wjB8NJoTdFzlmkRI=
Subject key identifier: CB:FB:2B:0D:00:30:99:A6:0D:90:19:D0:A2:BD:96:58:51:0D:87:9E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 518F0988FA80CBD70BD084A41F5C88096970AA5A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7da13080-67e7-4ae7-b0bb-d85b087719b7.roa
Signing time: Wed 30 Apr 2025 00:11:01 +0000
ROA not before: Wed 30 Apr 2025 00:11:01 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:8f:09:88:fa:80:cb:d7:0b:d0:84:a4:1f:5c:88:09:69:70:aa:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:01 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=ffb8ed86442434f08fcbaaa3f57d12a65780aec503adc23e78b23be5ef22355b, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d0:99:ce:01:2e:a5:04:6d:11:fa:f6:e3:fe:
90:c7:31:46:4d:4d:44:79:c6:0e:50:cd:30:8a:b3:
96:a2:91:4b:16:a4:44:e6:b4:36:2d:8d:42:67:11:
36:7f:9b:67:af:9c:1d:d2:2d:00:7c:17:ba:97:e6:
9f:c8:ef:b4:e2:0a:46:53:3d:18:04:57:ba:21:6a:
34:28:3c:ab:e7:5e:91:51:69:53:d6:e0:61:d7:5b:
99:b2:0a:68:40:d7:2e:04:79:94:36:9f:90:9c:18:
2a:81:b6:91:be:f7:54:24:6f:16:a1:c6:28:0b:77:
36:d3:6e:d3:ab:5c:26:c1:4f:7f:27:fd:d9:ae:20:
30:5d:4b:64:e7:c5:3c:68:cb:cc:ed:78:2e:ac:44:
61:d0:e2:a9:bd:d3:06:7f:49:a4:94:de:97:f6:77:
1c:8f:d6:7f:7c:5b:26:80:0f:f2:9d:60:96:24:0c:
6f:a0:76:82:78:6f:18:8d:e4:87:ea:01:30:9d:ee:
d9:8c:ce:7c:72:2d:8c:d4:9a:10:91:0b:24:76:f5:
6e:39:ce:f8:7a:61:a8:2a:ba:3c:fa:d4:a8:0a:7d:
63:9b:c0:f1:e0:c0:f3:f7:7b:22:c3:f7:08:5e:b8:
a0:00:4c:d1:78:b2:30:71:fc:8b:27:40:bf:53:dd:
f3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FB:2B:0D:00:30:99:A6:0D:90:19:D0:A2:BD:96:58:51:0D:87:9E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7da13080-67e7-4ae7-b0bb-d85b087719b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7000::/36
Signature Algorithm: sha256WithRSAEncryption
62:f0:b5:29:5b:c7:85:87:e0:a2:c3:d9:42:05:c3:4f:11:bb:
d3:38:2a:2c:ad:8b:af:e1:69:9f:81:af:42:10:4f:d8:ee:a3:
e3:80:ff:df:2c:14:b6:78:fc:21:df:ff:9e:f5:14:89:37:73:
44:0b:5f:e8:d2:0c:bc:dd:05:a0:73:e8:55:89:2a:3e:24:cd:
ed:20:06:73:35:3b:1c:eb:79:17:f1:e6:b1:d1:b6:23:0e:7c:
78:68:26:fc:7d:79:0b:f2:51:ab:af:ae:44:ab:3a:83:5a:4b:
ed:f1:1c:58:4f:35:0d:83:d3:fd:4c:2a:20:0e:cd:e4:92:24:
da:0b:8a:0c:ff:f4:99:22:ee:4e:8f:28:7e:12:8e:84:e6:79:
7c:35:02:49:b2:d9:e9:c3:9a:e3:20:84:ad:34:0e:5e:2b:e4:
49:37:c5:d1:cd:af:28:98:e7:6e:28:c2:af:10:33:89:a9:72:
9d:f8:99:75:76:75:83:0e:73:84:1d:67:5a:24:4e:60:87:30:
f5:8e:c6:3b:36:51:8d:54:16:0b:9b:05:b1:ba:03:c5:17:23:
a6:12:e1:e0:c2:1a:c7:16:33:2b:10:5b:4b:2f:2b:e4:ca:19:
4d:2c:3f:80:b0:01:31:b8:85:6f:10:c4:82:a5:0f:ce:24:80:
45:de:aa:78
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUY8JiPqAy9cL0ISkH1yICWlwqlowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMDFaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmYjhlZDg2NDQyNDM0ZjA4ZmNiYWFhM2Y1N2QxMmE2NTc4MGFlYzUwM2Fk
YzIzZTc4YjIzYmU1ZWYyMjM1NWIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzQmc4BLqUEbRH69uP+kMcxRk1NRHnGDlDNMIqzlqKRSxakROa0Ni2NQmcR
Nn+bZ6+cHdItAHwXupfmn8jvtOIKRlM9GARXuiFqNCg8q+dekVFpU9bgYddbmbIK
aEDXLgR5lDafkJwYKoG2kb73VCRvFqHGKAt3NtNu06tcJsFPfyf92a4gMF1LZOfF
PGjLzO14LqxEYdDiqb3TBn9JpJTel/Z3HI/Wf3xbJoAP8p1gliQMb6B2gnhvGI3k
h+oBMJ3u2YzOfHItjNSaEJELJHb1bjnO+HphqCq6PPrUqAp9Y5vA8eDA8/d7IsP3
CF64oABM0XiyMHH8iydAv1Pd84cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTL+ysN
ADCZpg2QGdCivZZYUQ2HnjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
N2RhMTMwODAtNjdlNy00YWU3LWIwYmItZDg1YjA4NzcxOWI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dw
MA0GCSqGSIb3DQEBCwUAA4IBAQBi8LUpW8eFh+Ciw9lCBcNPEbvTOCosrYuv4Wmf
ga9CEE/Y7qPjgP/fLBS2ePwh3/+e9RSJN3NEC1/o0gy83QWgc+hViSo+JM3tIAZz
NTsc63kX8eax0bYjDnx4aCb8fXkL8lGrr65EqzqDWkvt8RxYTzUNg9P9TCogDs3k
kiTaC4oM//SZIu5Ojyh+Eo6E5nl8NQJJstnpw5rjIIStNA5eK+RJN8XRza8omOdu
KMKvEDOJqXKd+Jl1dnWDDnOEHWdaJE5ghzD1jsY7NlGNVBYLmwWxugPFFyOmEuHg
whrHFjMrEFtLLyvkyhlNLD+AsAExuIVvEMSCpQ/OJIBF3qp4
-----END CERTIFICATE-----
Generated at Mon May 5 10:53:04 2025 by rpki-client