Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
File: a027acd6-b75f-42ce-9bfb-ac426d92b141.roa (raw, json)
Hash identifier: v8+yKyeGKJ3n+AAWMwMfDCYrIQPDcDZIFO+ythIhfsY=
Subject key identifier: E2:10:8E:C8:26:3C:0F:AD:0B:5B:D8:83:97:B6:DF:FD:B7:3C:6F:F6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6CD955501A54020707A1614D20B64268B223FCB7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
Signing time: Wed 30 Apr 2025 00:20:42 +0000
ROA not before: Wed 30 Apr 2025 00:20:42 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:d9:55:50:1a:54:02:07:07:a1:61:4d:20:b6:42:68:b2:23:fc:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:42 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=431f79661340dfc2030627183a44103dd3f35daf4140aa66a0cd7970bb6830e3, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cb:2b:c7:9c:2a:5f:dd:fe:2c:73:2f:30:7b:
dc:f0:d7:30:15:ba:ca:5a:fe:d8:36:14:5d:54:f2:
c9:fa:d1:6e:a7:5d:30:db:0b:27:81:19:a5:00:cd:
6f:da:c7:39:40:83:7c:fb:60:e5:b9:93:e0:88:51:
6b:2a:ab:42:1b:d7:2c:f8:dc:de:7e:e1:ac:52:30:
1d:79:9d:58:0a:fe:44:af:8a:47:7f:07:c3:48:75:
b1:3a:0a:f5:da:f4:a9:f1:03:c7:75:76:8c:d9:89:
7a:f8:d9:de:14:f1:f4:83:e1:47:66:04:90:0e:65:
fa:18:5c:68:4b:92:63:6a:e3:4e:af:a8:ae:08:1a:
bb:7f:64:48:53:ea:3c:95:f2:29:da:5b:12:3e:ec:
0b:ef:a5:82:b9:8c:60:5c:04:e4:5f:7a:9c:48:c7:
05:dc:ef:39:0d:be:16:14:76:40:8f:b2:fe:50:cf:
06:0a:9b:09:b6:16:c3:7a:e2:c7:a6:f8:a0:3d:64:
a9:69:6d:0b:a9:fc:b8:d6:d8:48:f7:60:a4:c8:a9:
d3:c2:11:65:28:7f:12:71:26:a5:a6:83:58:83:c4:
23:5d:2c:4c:e1:b3:e6:63:f7:c7:c4:4e:cb:1e:61:
64:a9:6a:0a:af:61:76:09:61:fc:78:bf:e5:d9:a2:
98:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:10:8E:C8:26:3C:0F:AD:0B:5B:D8:83:97:B6:DF:FD:B7:3C:6F:F6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:4000::/36
Signature Algorithm: sha256WithRSAEncryption
4e:62:ab:e8:a1:17:54:f6:70:91:86:14:5b:c3:a3:04:13:ca:
9a:a4:6d:a0:6b:af:67:8c:d1:a2:b9:e0:64:a3:f4:55:b8:1c:
6c:b7:99:d4:a8:b3:d2:1d:81:f7:fc:40:98:9e:09:11:fe:e9:
f4:c0:37:4d:36:05:12:3c:cd:87:21:dd:9d:12:64:f3:ed:a7:
83:07:87:cb:8a:66:68:15:fd:28:a7:9d:34:43:e3:c0:6c:30:
a3:8b:ba:8a:b9:51:bc:6c:cf:de:28:b4:30:df:83:28:9f:71:
b5:2d:40:c5:5f:03:b5:d0:9a:2b:27:1e:5e:22:aa:16:8a:be:
42:0d:ad:c8:50:b4:4e:8e:c0:d6:41:86:17:97:b4:2e:cb:c6:
c4:46:d3:4e:ea:89:39:a9:9e:fa:b0:27:2d:0c:a4:1d:d1:1b:
23:46:52:e6:78:16:61:9f:7e:5f:fc:30:15:c6:ec:ae:c0:4a:
e2:9d:1b:a7:06:5c:52:b9:2c:d8:7c:59:ac:f6:66:0a:e2:76:
ed:61:c8:5d:56:0f:bf:d1:a3:a2:6d:45:40:99:e0:47:e8:5b:
00:e0:c5:82:0c:5b:18:0a:16:53:e2:ec:e1:b9:ca:27:2f:1a:
2a:94:b3:d9:8e:1b:3c:da:68:87:61:58:58:a3:bf:4d:fd:2d:
07:55:e0:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbNlVUBpUAgcHoWFNILZCaLIj/LcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwNDJaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzMWY3OTY2MTM0MGRmYzIwMzA2MjcxODNhNDQxMDNkZDNmMzVkYWY0MTQw
YWE2NmEwY2Q3OTcwYmI2ODMwZTMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3LK8ecKl/d/ixzLzB73PDXMBW6ylr+2DYUXVTyyfrRbqddMNsLJ4EZpQDN
b9rHOUCDfPtg5bmT4IhRayqrQhvXLPjc3n7hrFIwHXmdWAr+RK+KR38Hw0h1sToK
9dr0qfEDx3V2jNmJevjZ3hTx9IPhR2YEkA5l+hhcaEuSY2rjTq+orggau39kSFPq
PJXyKdpbEj7sC++lgrmMYFwE5F96nEjHBdzvOQ2+FhR2QI+y/lDPBgqbCbYWw3ri
x6b4oD1kqWltC6n8uNbYSPdgpMip08IRZSh/EnEmpaaDWIPEI10sTOGz5mP3x8RO
yx5hZKlqCq9hdglh/Hi/5dmimNsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTiEI7I
JjwPrQtb2IOXtt/9tzxv9jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTAyN2FjZDYtYjc1Zi00MmNlLTliZmItYWM0MjZkOTJiMTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NA
MA0GCSqGSIb3DQEBCwUAA4IBAQBOYqvooRdU9nCRhhRbw6MEE8qapG2ga69njNGi
ueBko/RVuBxst5nUqLPSHYH3/ECYngkR/un0wDdNNgUSPM2HId2dEmTz7aeDB4fL
imZoFf0op500Q+PAbDCji7qKuVG8bM/eKLQw34Mon3G1LUDFXwO10JorJx5eIqoW
ir5CDa3IULROjsDWQYYXl7Quy8bERtNO6ok5qZ76sCctDKQd0RsjRlLmeBZhn35f
/DAVxuyuwErinRunBlxSuSzYfFms9mYK4nbtYchdVg+/0aOibUVAmeBH6FsA4MWC
DFsYChZT4uzhuconLxoqlLPZjhs82miHYVhYo79N/S0HVeAk
-----END CERTIFICATE-----
Generated at Mon May 5 10:50:39 2025 by rpki-client