Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa
File: 89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa (raw, json)
Hash identifier: bywOX4JrQmup9M7qLPhL7Ck75IB8phAaNAAUrMk8t6c=
Subject key identifier: 19:7D:09:4A:10:EB:E7:B5:D6:37:7B:85:F9:4A:4E:6A:CA:83:D0:80
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6974AF9B8B42272A025A2E7DF1F453DC03B439B8
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa
Signing time: Wed 30 Apr 2025 00:10:48 +0000
ROA not before: Wed 30 Apr 2025 00:10:48 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:74:af:9b:8b:42:27:2a:02:5a:2e:7d:f1:f4:53:dc:03:b4:39:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:10:48 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=5bda6931a945f9ae03e0939ba1709ecef0ec22f0b2dcf9d332d22261cff25fe8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:51:d9:5d:00:a0:b6:8c:88:ed:53:cb:d0:a6:
2d:0b:ee:56:bb:2d:22:d6:d0:fd:a3:b4:2b:f3:fd:
b6:5d:18:1a:12:0f:e0:10:fa:1b:a2:a5:c5:80:fd:
75:5f:86:9b:e1:b7:a7:c3:18:de:2e:aa:79:31:89:
2d:97:17:f3:f6:d8:b3:9f:0d:06:a2:48:64:87:e9:
59:64:dd:d4:8b:4d:d5:ca:8f:50:41:be:e3:b3:41:
dc:39:0d:b2:d2:0f:4f:32:b1:9d:44:22:2e:23:c9:
6d:bc:d8:66:56:f1:25:0d:35:29:23:41:47:17:78:
3b:21:97:22:ba:ce:2c:25:9e:78:24:37:4d:52:c4:
3f:12:dd:19:5d:0d:f7:95:f1:75:cd:cb:0e:95:23:
46:18:72:5d:59:91:b3:2c:d1:1c:6c:14:d8:79:4d:
2f:14:56:81:f7:61:b1:7b:c3:30:58:ff:a2:88:a7:
ef:75:63:34:00:01:59:59:bc:88:58:4a:9b:a7:0d:
05:de:af:6a:b7:7e:cf:d9:a8:85:71:b3:a0:0b:11:
73:8a:8f:8b:d2:1b:f9:5a:bb:cf:8e:c7:dc:33:2c:
d5:49:c6:06:ee:b5:60:2a:9f:46:94:47:98:3a:53:
32:54:ea:ed:68:f4:2e:e4:33:0e:d8:9a:04:59:80:
e5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7D:09:4A:10:EB:E7:B5:D6:37:7B:85:F9:4A:4E:6A:CA:83:D0:80
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/89c562b8-1ff3-47cb-a104-ad1da28b42d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7880::/46
Signature Algorithm: sha256WithRSAEncryption
0a:f2:54:26:ae:74:bc:ac:b2:e0:f0:9b:7b:84:97:cb:a1:b1:
3d:a7:a9:a5:64:64:d5:3e:ce:5d:a9:5b:d8:bb:48:65:fe:48:
5b:d5:64:24:cc:df:cb:90:1e:bd:9d:05:11:c5:b0:ee:c0:ce:
f8:f2:91:68:11:62:60:54:a3:11:9c:81:32:e0:0c:10:b1:c6:
d0:bc:82:a2:7a:2f:84:d4:81:1c:a4:69:74:f9:40:40:09:4c:
dc:4e:27:9b:a6:dd:9b:5d:7d:65:43:50:31:7b:2b:13:ef:46:
1d:6a:40:6e:90:b8:81:79:6a:91:db:8e:58:a7:7d:fc:fe:e5:
85:bf:dc:a3:ee:10:3e:02:c2:00:9a:62:90:fe:7b:69:ab:87:
ce:34:f5:49:62:40:12:ca:f9:a5:12:49:2e:6b:e9:6d:81:ad:
ee:60:64:3d:55:06:21:61:2b:35:0d:cb:46:20:0d:08:96:2a:
6a:39:7a:a0:71:fd:bd:d3:68:d0:02:bd:01:a9:f2:3c:85:cf:
47:42:73:29:4f:a2:7b:d2:2a:31:29:53:05:04:54:06:4a:4b:
04:e1:3d:74:81:80:7c:57:b1:9c:c4:6f:02:19:1d:30:85:c0:
1c:99:be:f1:78:78:52:71:80:9d:71:fe:b1:e9:3e:a6:ec:54:
48:12:2c:97
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaXSvm4tCJyoCWi598fRT3AO0ObgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDEwNDhaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDViZGE2OTMxYTk0NWY5YWUwM2UwOTM5YmExNzA5ZWNlZjBlYzIyZjBiMmRj
ZjlkMzMyZDIyMjYxY2ZmMjVmZTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJR2V0AoLaMiO1Ty9CmLQvuVrstItbQ/aO0K/P9tl0YGhIP4BD6G6KlxYD9
dV+Gm+G3p8MY3i6qeTGJLZcX8/bYs58NBqJIZIfpWWTd1ItN1cqPUEG+47NB3DkN
stIPTzKxnUQiLiPJbbzYZlbxJQ01KSNBRxd4OyGXIrrOLCWeeCQ3TVLEPxLdGV0N
95Xxdc3LDpUjRhhyXVmRsyzRHGwU2HlNLxRWgfdhsXvDMFj/ooin73VjNAABWVm8
iFhKm6cNBd6vard+z9mohXGzoAsRc4qPi9Ib+Vq7z47H3DMs1UnGBu61YCqfRpRH
mDpTMlTq7Wj0LuQzDtiaBFmA5YcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQZfQlK
EOvntdY3e4X5Sk5qyoPQgDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ODljNTYyYjgtMWZmMy00N2NiLWExMDQtYWQxZGEyOGI0MmQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
gDANBgkqhkiG9w0BAQsFAAOCAQEACvJUJq50vKyy4PCbe4SXy6GxPaeppWRk1T7O
Xalb2LtIZf5IW9VkJMzfy5AevZ0FEcWw7sDO+PKRaBFiYFSjEZyBMuAMELHG0LyC
onovhNSBHKRpdPlAQAlM3E4nm6bdm119ZUNQMXsrE+9GHWpAbpC4gXlqkduOWKd9
/P7lhb/co+4QPgLCAJpikP57aauHzjT1SWJAEsr5pRJJLmvpbYGt7mBkPVUGIWEr
NQ3LRiANCJYqajl6oHH9vdNo0AK9AanyPIXPR0JzKU+ie9IqMSlTBQRUBkpLBOE9
dIGAfFexnMRvAhkdMIXAHJm+8Xh4UnGAnXH+sek+puxUSBIslw==
-----END CERTIFICATE-----
Generated at Mon May 5 05:57:31 2025 by rpki-client