Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/874d8aa0-85dd-4eab-a13b-64fd443394da.roa
File: 874d8aa0-85dd-4eab-a13b-64fd443394da.roa (raw, json)
Hash identifier: I0m/i/2XrlXOTUA5KGsJvjtThA8cj+8dK4d+H7QcakU=
Subject key identifier: 0E:11:3E:1E:1E:D0:E2:40:06:B4:5A:AE:26:51:22:9E:BA:11:F3:9B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 095C1C8D170C2311C3A145C381A92C1B25068837
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/874d8aa0-85dd-4eab-a13b-64fd443394da.roa
Signing time: Wed 30 Apr 2025 00:11:04 +0000
ROA not before: Wed 30 Apr 2025 00:11:04 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:5c:1c:8d:17:0c:23:11:c3:a1:45:c3:81:a9:2c:1b:25:06:88:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:04 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=034b8c3dc1730297ed491fa7448f4ad893bd3d78b9893fefa4283d8a9f19f89e, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fd:fe:96:2f:d2:4e:20:64:9a:9d:40:8e:eb:
ff:1f:f1:31:47:de:eb:88:44:09:ad:76:9a:e0:9f:
f9:ff:64:a7:32:a1:eb:b9:ee:55:62:43:ba:be:9b:
e8:2c:63:3f:ff:80:95:4b:87:09:cc:e1:6a:a7:99:
ef:91:c4:77:b6:fa:5e:fc:a7:3a:59:46:a7:9a:0c:
f2:ce:e9:42:02:d3:a9:63:bc:3c:66:0d:96:2a:8f:
fc:ee:13:81:bd:73:7d:8c:ad:6b:99:d8:f5:e6:77:
e5:1e:06:a1:ea:c4:dd:89:37:dd:13:4b:5a:cb:c8:
91:14:ab:2a:e8:bb:cd:19:b4:95:28:00:92:cd:b0:
e4:b1:9e:63:2a:78:35:3c:e1:cd:12:e1:0a:81:e9:
24:b6:1f:39:43:14:6e:d8:25:55:18:9f:47:b4:f5:
8c:8e:a6:8c:1c:2b:2f:dc:b1:84:d0:83:73:9a:45:
62:61:e0:5f:61:ee:90:d0:89:7c:8c:46:45:98:7f:
46:03:0e:01:19:99:eb:d6:e5:eb:93:aa:36:11:70:
d0:0f:47:da:e3:b5:ac:cc:c3:10:dc:8b:45:75:49:
0d:7d:44:ef:f2:55:8f:5b:45:f1:20:e9:20:e0:2b:
5e:f7:a1:00:ec:6b:a8:07:67:35:95:ad:1f:f3:94:
66:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:11:3E:1E:1E:D0:E2:40:06:B4:5A:AE:26:51:22:9E:BA:11:F3:9B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/874d8aa0-85dd-4eab-a13b-64fd443394da.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5800::/40
Signature Algorithm: sha256WithRSAEncryption
ab:f9:e1:09:94:79:fd:f0:f7:2b:bd:a4:d9:f1:32:71:25:f4:
f5:72:e2:de:6f:cb:98:af:4f:f7:7d:c5:30:21:ad:a0:8f:40:
96:02:73:f0:97:94:7a:32:24:76:db:56:21:f4:4b:b8:73:9c:
a7:13:6e:ec:7b:cb:59:3e:7d:9a:36:a6:be:ba:c9:e0:4d:a6:
98:7e:26:bd:e5:94:e2:35:41:10:35:05:92:aa:a2:40:e2:51:
a2:c9:f6:2d:46:60:0a:10:9b:b8:66:e5:64:5b:ed:21:14:b7:
20:6c:85:7f:73:cf:0e:fa:50:21:ec:5b:70:30:05:5f:78:a7:
52:fb:d8:59:12:c7:ed:d5:4a:e5:dc:ec:e2:cc:57:47:2b:1d:
87:2f:ec:33:91:58:1f:f8:6f:1c:00:cf:87:35:11:47:cf:1a:
81:c3:e4:f4:5e:ca:01:83:f5:bd:74:12:48:2e:a9:c1:68:9f:
f2:19:aa:7d:63:1b:aa:51:79:38:fa:31:ed:58:4d:5b:78:ae:
5e:3c:f1:b7:ff:6d:68:dd:fe:de:ca:f7:93:71:45:2f:c5:57:
b8:f0:53:51:e3:69:62:17:ce:19:8b:1d:69:53:36:a5:2b:dd:
b2:ef:de:bb:4a:38:dc:2e:96:e9:01:1c:a5:c6:a2:e5:9c:00:
ae:94:4d:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCVwcjRcMIxHDoUXDgaksGyUGiDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMDRaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzNGI4YzNkYzE3MzAyOTdlZDQ5MWZhNzQ0OGY0YWQ4OTNiZDNkNzhiOTg5
M2ZlZmE0MjgzZDhhOWYxOWY4OWUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI/9/pYv0k4gZJqdQI7r/x/xMUfe64hECa12muCf+f9kpzKh67nuVWJDur6b
6CxjP/+AlUuHCczhaqeZ75HEd7b6XvynOllGp5oM8s7pQgLTqWO8PGYNliqP/O4T
gb1zfYyta5nY9eZ35R4GoerE3Yk33RNLWsvIkRSrKui7zRm0lSgAks2w5LGeYyp4
NTzhzRLhCoHpJLYfOUMUbtglVRifR7T1jI6mjBwrL9yxhNCDc5pFYmHgX2HukNCJ
fIxGRZh/RgMOARmZ69bl65OqNhFw0A9H2uO1rMzDENyLRXVJDX1E7/JVj1tF8SDp
IOArXvehAOxrqAdnNZWtH/OUZr0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQOET4e
HtDiQAa0Wq4mUSKeuhHzmzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ODc0ZDhhYTAtODVkZC00ZWFiLWExM2ItNjRmZDQ0MzM5NGRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8NY
MA0GCSqGSIb3DQEBCwUAA4IBAQCr+eEJlHn98PcrvaTZ8TJxJfT1cuLeb8uYr0/3
fcUwIa2gj0CWAnPwl5R6MiR221Yh9Eu4c5ynE27se8tZPn2aNqa+usngTaaYfia9
5ZTiNUEQNQWSqqJA4lGiyfYtRmAKEJu4ZuVkW+0hFLcgbIV/c88O+lAh7FtwMAVf
eKdS+9hZEsft1Url3OzizFdHKx2HL+wzkVgf+G8cAM+HNRFHzxqBw+T0XsoBg/W9
dBJILqnBaJ/yGap9YxuqUXk4+jHtWE1beK5ePPG3/21o3f7eyveTcUUvxVe48FNR
42liF84Zix1pUzalK92y7967SjjcLpbpARylxqLlnACulE22
-----END CERTIFICATE-----
Generated at Mon May 5 06:06:23 2025 by rpki-client