Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
File: 8d33474a-7193-4fb1-90e2-82106a40b461.roa (raw, json)
Hash identifier: jAtpMqwWVwjS2RRi7/FIsGQ7fSrzxbyV4otZisEmImY=
Subject key identifier: 17:A3:73:3F:24:D4:6B:8C:9D:D1:D3:D7:08:9C:C5:8A:99:A9:70:72
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0F7CCC7FFC339519701DCB605F9C07A99280726A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
Signing time: Wed 30 Apr 2025 00:20:08 +0000
ROA not before: Wed 30 Apr 2025 00:20:08 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:2800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:7c:cc:7f:fc:33:95:19:70:1d:cb:60:5f:9c:07:a9:92:80:72:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:08 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=7de1bc8a59371490ffcf026361c91abd85f11c5488794629558c83ecb8e26dae, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:39:0b:00:b5:09:dc:d5:a5:ed:65:b3:40:44:
d1:08:17:cb:f0:bf:85:e5:b5:b8:55:35:d6:b1:dc:
3b:71:ac:dd:fc:af:cc:a2:25:bc:7a:d5:78:fc:c7:
f8:37:53:32:bc:17:72:7f:e4:fb:06:7a:12:de:b7:
86:38:c1:fe:7c:cd:43:14:eb:e7:b6:87:6b:d3:f8:
f5:52:1c:a4:16:37:a6:12:1a:58:24:85:d0:6b:a8:
6b:ce:6a:db:ac:a3:4a:e6:46:2c:43:65:17:78:a3:
92:6f:6c:b0:ad:7f:51:0c:89:8d:6a:e4:ee:ad:46:
8b:a6:5d:cb:c5:b6:7c:44:54:95:df:93:3a:0d:5a:
62:20:90:c3:c9:a8:4c:b1:44:56:88:29:04:47:c6:
70:ce:04:d9:37:8f:fd:97:8d:5f:4d:09:50:61:8f:
db:52:c1:b2:eb:2c:06:d9:4f:c3:4a:f0:f0:e1:03:
0d:71:4d:f1:3d:cf:df:8d:71:34:b4:4c:7f:6a:4c:
2a:3a:3b:b8:a8:1c:2d:19:b1:da:19:5a:6b:3c:e4:
e0:63:97:ec:7f:fc:ee:5e:a1:df:04:5c:0d:fe:b4:
34:c0:9d:96:5c:a1:79:fa:0a:8d:70:ee:19:bb:83:
28:81:c8:65:e3:99:ce:53:6f:30:11:14:3b:92:42:
3b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A3:73:3F:24:D4:6B:8C:9D:D1:D3:D7:08:9C:C5:8A:99:A9:70:72
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:2800::/40
Signature Algorithm: sha256WithRSAEncryption
07:81:bb:ff:12:e2:15:71:71:65:39:19:94:0a:fa:97:86:47:
b3:b1:ec:43:fd:ef:5f:46:81:7c:4b:55:8d:3e:05:21:47:2e:
d0:2c:06:c0:3d:5a:fb:de:31:ee:d5:da:57:79:f7:61:ef:9a:
a1:f8:55:7b:6c:b9:4f:a5:54:ef:00:d3:3b:a8:95:f6:5f:35:
56:8f:56:62:bb:15:dd:d3:81:11:fc:ec:cb:03:cc:fd:b3:06:
c5:e3:a2:93:18:ff:f9:b1:91:e4:cc:8e:10:d2:55:b3:eb:44:
b8:1a:32:45:73:db:1b:6d:15:43:47:f7:65:11:c9:a7:41:fa:
9a:db:ba:a0:c0:26:a4:84:3e:f9:1e:26:2b:62:ce:33:bd:a6:
56:bb:9d:62:4f:b9:ee:79:70:e5:40:63:1a:d4:1f:48:f9:9a:
7d:ab:10:73:bb:be:53:36:e1:a6:d5:e8:8b:eb:82:6d:66:f5:
79:c9:99:ac:88:59:ec:e6:ed:20:48:91:10:99:ca:78:f8:b8:
74:ba:82:bf:7e:62:3f:85:1d:58:7c:dc:10:0c:d9:00:1e:2f:
47:47:19:3d:ab:8c:2e:2a:8c:e0:45:98:ff:1e:90:44:da:c7:
c8:f5:07:fc:fa:ca:da:de:09:9d:14:ed:30:35:d5:d2:7f:d2:
26:06:1f:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD3zMf/wzlRlwHctgX5wHqZKAcmowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwMDhaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkZTFiYzhhNTkzNzE0OTBmZmNmMDI2MzYxYzkxYWJkODVmMTFjNTQ4ODc5
NDYyOTU1OGM4M2VjYjhlMjZkYWUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMU5CwC1CdzVpe1ls0BE0QgXy/C/heW1uFU11rHcO3Gs3fyvzKIlvHrVePzH
+DdTMrwXcn/k+wZ6Et63hjjB/nzNQxTr57aHa9P49VIcpBY3phIaWCSF0Guoa85q
26yjSuZGLENlF3ijkm9ssK1/UQyJjWrk7q1Gi6Zdy8W2fERUld+TOg1aYiCQw8mo
TLFEVogpBEfGcM4E2TeP/ZeNX00JUGGP21LBsussBtlPw0rw8OEDDXFN8T3P341x
NLRMf2pMKjo7uKgcLRmx2hlaazzk4GOX7H/87l6h3wRcDf60NMCdllyhefoKjXDu
GbuDKIHIZeOZzlNvMBEUO5JCO1cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXo3M/
JNRrjJ3R09cInMWKmalwcjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OGQzMzQ3NGEtNzE5My00ZmIxLTkwZTItODIxMDZhNDBiNDYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8Mo
MA0GCSqGSIb3DQEBCwUAA4IBAQAHgbv/EuIVcXFlORmUCvqXhkezsexD/e9fRoF8
S1WNPgUhRy7QLAbAPVr73jHu1dpXefdh75qh+FV7bLlPpVTvANM7qJX2XzVWj1Zi
uxXd04ER/OzLA8z9swbF46KTGP/5sZHkzI4Q0lWz60S4GjJFc9sbbRVDR/dlEcmn
Qfqa27qgwCakhD75HiYrYs4zvaZWu51iT7nueXDlQGMa1B9I+Zp9qxBzu75TNuGm
1eiL64JtZvV5yZmsiFns5u0gSJEQmcp4+Lh0uoK/fmI/hR1YfNwQDNkAHi9HRxk9
q4wuKozgRZj/HpBE2sfI9Qf8+sra3gmdFO0wNdXSf9ImBh8L
-----END CERTIFICATE-----
Generated at Mon May 5 12:00:15 2025 by rpki-client