Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
File: 9195a704-de86-4692-95c9-30d458a106d5.roa (raw, json)
Hash identifier: pLGQ8aFUXABRikiUVlQ5mJu+nxfDm2QS89GKBz3imSU=
Subject key identifier: BC:65:06:EA:B9:64:7B:EA:D8:D9:6B:13:BE:4A:7B:2D:B7:F8:25:BF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 14F067A41A2B0909CD03E25CE875C83A119F5AB6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
Signing time: Wed 30 Apr 2025 00:21:00 +0000
ROA not before: Wed 30 Apr 2025 00:21:00 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:f0:67:a4:1a:2b:09:09:cd:03:e2:5c:e8:75:c8:3a:11:9f:5a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:00 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=25d5729a20de8057f1871dfb53e562cedd40fe308c406a5c758ba97ff34183a7, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:89:9e:52:f7:65:23:a9:55:d0:de:e2:40:e7:
59:13:da:80:87:45:2b:7b:1b:ff:14:52:c0:c3:97:
47:f0:ed:4d:ce:35:a1:4d:f2:35:cf:e3:ed:c8:12:
a9:e6:44:9a:f3:7b:25:59:72:71:e9:6e:77:bb:4a:
5f:94:33:48:7d:f1:62:13:19:ce:ae:d5:69:42:ea:
af:e0:09:be:ca:19:da:9c:24:54:1f:15:f0:d1:a5:
89:2d:e6:09:fe:0b:49:9a:07:d4:fb:41:32:81:82:
88:92:a1:3d:58:6f:ab:08:ab:89:03:e3:04:2f:dd:
8e:f5:5e:9d:6f:55:e3:22:3b:21:80:1e:4e:49:15:
b6:42:50:bc:ad:12:0e:66:3b:aa:b4:7f:e5:21:3b:
ee:f5:bd:ec:67:1c:5b:db:da:00:86:8d:06:79:3d:
e9:77:61:51:03:d5:a3:7e:00:31:01:a4:2c:6b:c5:
d6:d5:36:a4:be:c8:1a:60:31:ee:46:d6:b0:93:b4:
fa:1c:4a:48:ff:4e:1f:c7:02:1d:4f:2b:0a:be:24:
d1:b9:ea:30:a3:8c:2a:0f:2c:50:32:f6:27:d8:2e:
f1:b2:68:62:7e:72:4d:8f:df:d3:38:83:76:35:b6:
d5:4c:29:0c:a6:2f:8c:2b:8b:f3:58:e0:0c:98:e4:
01:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:65:06:EA:B9:64:7B:EA:D8:D9:6B:13:BE:4A:7B:2D:B7:F8:25:BF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9195a704-de86-4692-95c9-30d458a106d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/36
Signature Algorithm: sha256WithRSAEncryption
7e:01:6f:8b:a0:3f:c7:9d:dd:f4:b3:a8:ce:46:d7:6f:5d:14:
4a:8a:3e:a6:ff:e8:66:cf:8c:ab:f6:55:21:bd:e2:ea:57:77:
a3:0f:1f:46:20:27:bd:63:c8:b1:14:c4:bc:20:f9:d9:1b:c6:
8c:24:5b:67:c6:5b:b2:fc:97:31:e7:35:ce:7e:41:67:2c:be:
9e:01:11:1c:93:43:ea:b1:79:a8:a0:76:3f:a8:1a:af:99:17:
d8:f5:b5:02:44:7d:f5:67:cf:6a:9e:b7:c1:7c:00:78:fe:7f:
28:91:bd:75:30:fe:a6:7d:1e:a7:75:cb:36:bd:3c:d4:a3:6c:
5d:31:5b:02:23:11:fc:38:4e:7b:c5:b8:4e:c1:80:24:96:66:
e0:99:43:04:4d:90:18:5d:a6:b9:57:a6:ee:74:c9:4b:42:3d:
6c:05:ff:cb:22:78:14:27:02:ef:50:82:be:fb:0e:e4:69:98:
b3:f1:fe:06:6b:09:16:a5:ac:b5:b4:c1:41:b5:60:ae:45:a7:
d4:ab:2f:19:7a:9f:68:c6:89:eb:8f:d7:47:21:76:57:d2:23:
2d:aa:49:1e:db:45:19:01:61:d0:82:c1:c7:4c:3a:ec:66:1d:
2b:37:b1:65:78:da:9a:6e:67:ea:0e:93:a4:fc:07:38:c4:fb:
c7:09:cd:c3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFPBnpBorCQnNA+Jc6HXIOhGfWrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMDBaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1ZDU3MjlhMjBkZTgwNTdmMTg3MWRmYjUzZTU2MmNlZGQ0MGZlMzA4YzQw
NmE1Yzc1OGJhOTdmZjM0MTgzYTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaJnlL3ZSOpVdDe4kDnWRPagIdFK3sb/xRSwMOXR/DtTc41oU3yNc/j7cgS
qeZEmvN7JVlycelud7tKX5QzSH3xYhMZzq7VaULqr+AJvsoZ2pwkVB8V8NGliS3m
Cf4LSZoH1PtBMoGCiJKhPVhvqwiriQPjBC/djvVenW9V4yI7IYAeTkkVtkJQvK0S
DmY7qrR/5SE77vW97GccW9vaAIaNBnk96XdhUQPVo34AMQGkLGvF1tU2pL7IGmAx
7kbWsJO0+hxKSP9OH8cCHU8rCr4k0bnqMKOMKg8sUDL2J9gu8bJoYn5yTY/f0ziD
djW21UwpDKYvjCuL81jgDJjkAZ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS8ZQbq
uWR76tjZaxO+Snstt/glvzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OTE5NWE3MDQtZGU4Ni00NjkyLTk1YzktMzBkNDU4YTEwNmQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQB+AW+LoD/Hnd30s6jORtdvXRRKij6m/+hmz4yr
9lUhveLqV3ejDx9GICe9Y8ixFMS8IPnZG8aMJFtnxluy/Jcx5zXOfkFnLL6eAREc
k0PqsXmooHY/qBqvmRfY9bUCRH31Z89qnrfBfAB4/n8okb11MP6mfR6ndcs2vTzU
o2xdMVsCIxH8OE57xbhOwYAklmbgmUMETZAYXaa5V6budMlLQj1sBf/LIngUJwLv
UIK++w7kaZiz8f4GawkWpay1tMFBtWCuRafUqy8Zep9oxonrj9dHIXZX0iMtqkke
20UZAWHQgsHHTDrsZh0rN7FleNqabmfqDpOk/Ac4xPvHCc3D
-----END CERTIFICATE-----
Generated at Wed May 7 04:19:12 2025 by rpki-client