Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
File: 9623dcba-6a97-4717-ac77-dd16d3c33f78.roa (raw, json)
Hash identifier: x/oezbvd2HLHXZRsjKNo1UCOXEV+xTPDRs3n+8CrTRg=
Subject key identifier: 0E:F9:98:65:73:CB:09:F4:0A:4E:8E:2F:CA:59:7C:1C:42:49:61:F7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 38170310BFAC958463C640B50353BF033BF6A449
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
Signing time: Wed 30 Apr 2025 00:21:15 +0000
ROA not before: Wed 30 Apr 2025 00:21:15 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:17:03:10:bf:ac:95:84:63:c6:40:b5:03:53:bf:03:3b:f6:a4:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:15 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=766c3549a7e774b1dff2bc6e7e94625f622e63a712ede26e8cbda850d0fcc07a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e2:c4:77:d6:b3:6e:b9:b2:d8:1d:f6:7e:71:
23:35:f7:4d:f4:5f:bf:6a:1b:f8:7f:07:6e:58:78:
f7:b3:3a:59:02:2b:78:8e:58:99:ea:b5:bd:0a:f2:
8a:3e:64:7c:c3:94:f0:25:49:18:a7:f8:90:3d:19:
6d:7f:ba:3c:87:0d:f7:44:16:a4:68:48:79:e1:16:
c1:5a:92:ed:57:fc:89:d7:23:14:e9:ef:1b:2a:92:
50:8d:b9:b7:d1:6b:df:92:30:73:64:f2:e2:a5:45:
92:bb:0f:69:5d:93:5c:d7:81:f3:bb:e9:48:58:d9:
dc:88:1d:46:e4:45:01:00:24:38:eb:d6:ee:af:88:
a3:33:b9:49:3d:5c:72:f0:68:91:fe:ab:4c:38:c3:
59:70:e3:54:1b:0d:3b:cd:94:46:fe:c4:05:18:92:
10:ee:6d:23:21:42:83:7d:b6:34:89:63:34:4e:9f:
e6:0a:b8:d4:fc:d9:3f:dc:c7:aa:8f:a6:33:c3:59:
69:84:f2:6e:81:74:9d:96:83:a1:f6:29:bc:f7:26:
57:fb:da:02:5a:f8:43:51:00:77:0f:4f:23:d2:13:
ac:57:9f:ad:29:96:4e:91:1e:9b:a2:da:a3:dd:77:
3c:4a:d6:4c:71:82:4c:3b:75:20:ef:a3:e0:21:a1:
bb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:F9:98:65:73:CB:09:F4:0A:4E:8E:2F:CA:59:7C:1C:42:49:61:F7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5::/36
Signature Algorithm: sha256WithRSAEncryption
33:58:cf:c8:8c:7f:fb:a5:f1:08:77:ff:98:83:3e:f3:c6:ea:
6e:34:2c:ae:c4:42:c9:60:12:29:78:4e:a5:6b:7e:33:72:35:
84:6f:4f:a8:ad:6c:23:9d:a1:5a:cb:65:67:d9:bc:0c:06:7d:
0e:c3:3a:bb:9d:50:8f:a5:b4:79:49:56:74:04:c8:6f:a1:f6:
73:95:46:a1:b7:9b:de:32:56:28:a5:ae:ac:35:f0:ca:05:22:
1d:bd:3e:5d:16:fd:c3:8f:9c:7f:c7:33:b5:f0:d3:3a:be:6b:
ef:51:80:bd:72:2c:77:19:2b:c5:52:47:72:fa:12:3e:5b:b7:
a2:8c:ea:09:8a:b2:aa:61:d9:3f:ae:da:a9:df:71:46:a5:a2:
ee:bc:ba:ec:24:f9:49:69:35:0d:39:db:cd:33:8b:38:98:13:
ca:ba:52:a0:d0:a9:e9:4b:0c:18:c9:5b:8d:6c:3d:9d:fc:f2:
ea:b5:ec:a6:55:8b:ed:2b:ec:f4:48:e2:dc:db:e6:7e:1f:ec:
cf:e6:cb:6d:b4:c2:50:a7:75:68:9d:a8:e9:c6:d3:00:7a:b5:
9e:55:e1:58:4a:a1:25:a0:e0:48:db:85:86:6e:c9:54:aa:fb:
65:67:69:c3:c8:a9:c5:58:9c:90:89:68:3f:70:fe:7c:0f:a3:
c9:ea:08:d3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOBcDEL+slYRjxkC1A1O/Azv2pEkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMTVaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2NmMzNTQ5YTdlNzc0YjFkZmYyYmM2ZTdlOTQ2MjVmNjIyZTYzYTcxMmVk
ZTI2ZThjYmRhODUwZDBmY2MwN2ExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbixHfWs265stgd9n5xIzX3TfRfv2ob+H8Hblh497M6WQIreI5Ymeq1vQry
ij5kfMOU8CVJGKf4kD0ZbX+6PIcN90QWpGhIeeEWwVqS7Vf8idcjFOnvGyqSUI25
t9Fr35Iwc2Ty4qVFkrsPaV2TXNeB87vpSFjZ3IgdRuRFAQAkOOvW7q+IozO5ST1c
cvBokf6rTDjDWXDjVBsNO82URv7EBRiSEO5tIyFCg322NIljNE6f5gq41PzZP9zH
qo+mM8NZaYTyboF0nZaDofYpvPcmV/vaAlr4Q1EAdw9PI9ITrFefrSmWTpEem6La
o913PErWTHGCTDt1IO+j4CGhu9ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQO+Zhl
c8sJ9ApOji/KWXwcQklh9zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OTYyM2RjYmEtNmE5Ny00NzE3LWFjNzctZGQxNmQzYzMzZjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8UA
MA0GCSqGSIb3DQEBCwUAA4IBAQAzWM/IjH/7pfEId/+Ygz7zxupuNCyuxELJYBIp
eE6la34zcjWEb0+orWwjnaFay2Vn2bwMBn0Owzq7nVCPpbR5SVZ0BMhvofZzlUah
t5veMlYopa6sNfDKBSIdvT5dFv3Dj5x/xzO18NM6vmvvUYC9cix3GSvFUkdy+hI+
W7eijOoJirKqYdk/rtqp33FGpaLuvLrsJPlJaTUNOdvNM4s4mBPKulKg0KnpSwwY
yVuNbD2d/PLqteymVYvtK+z0SOLc2+Z+H+zP5stttMJQp3VonajpxtMAerWeVeFY
SqEloOBI24WGbslUqvtlZ2nDyKnFWJyQiWg/cP58D6PJ6gjT
-----END CERTIFICATE-----
Generated at Mon May 5 11:02:47 2025 by rpki-client