Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a4592271-0371-4e59-91d6-8cede30d6d9a.roa
File: a4592271-0371-4e59-91d6-8cede30d6d9a.roa (raw, json)
Hash identifier: T+d9Nq+pc9004B2uL4kWfJhy78eBflj/VMFJhyXi+JY=
Subject key identifier: 53:81:60:91:44:A0:38:6E:12:0C:4A:3C:61:F8:4B:7F:97:03:4A:BA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3438AC9A8023A737716A3ED39AFC08E4089AD4E5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a4592271-0371-4e59-91d6-8cede30d6d9a.roa
Signing time: Wed 30 Apr 2025 00:10:44 +0000
ROA not before: Wed 30 Apr 2025 00:10:44 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b8c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:38:ac:9a:80:23:a7:37:71:6a:3e:d3:9a:fc:08:e4:08:9a:d4:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:10:44 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=e4d0957f08f6ed93add14eff11954c42159cebe6fe1ed4da9ea798350fef512b, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:01:0f:ca:bb:96:f9:e4:93:b1:d9:62:f7:a5:
4c:5e:1d:99:5b:a5:b4:f6:1f:fc:ef:b3:2a:b4:01:
0f:6b:cd:05:a8:9b:2b:8e:41:36:a7:56:68:b2:68:
9d:39:fe:19:dc:9b:1f:1c:33:5c:c4:4a:fa:d5:14:
34:02:15:a6:08:49:d1:c9:2e:af:e5:ea:e2:92:c3:
3d:45:7e:9f:05:92:8f:1f:da:4f:43:12:13:b1:69:
51:53:13:f5:30:81:89:d3:94:b3:78:9c:57:6f:1e:
de:52:2c:c1:1f:34:1b:af:91:a4:cf:85:24:6e:31:
76:ae:31:7b:01:38:f6:b2:1e:86:39:ba:0f:46:1f:
e4:9e:fb:0c:1e:41:29:b0:d1:cf:25:07:ba:09:f9:
85:db:ed:13:5f:18:4b:92:8d:18:44:e3:9a:f8:f8:
29:af:a5:4a:5c:22:06:99:8f:23:b7:8b:86:d8:a9:
1a:66:19:eb:34:a2:be:39:36:2c:7c:7b:bb:39:61:
c9:a0:11:75:51:54:7e:fb:88:be:f8:fb:66:d0:23:
df:33:0b:75:a4:57:85:86:ef:ed:ba:e0:9e:36:86:
b8:fc:2a:a3:c8:85:2e:8e:ce:01:3a:27:e5:32:68:
da:13:95:0d:5a:2d:c3:5c:7d:b7:4f:df:be:8a:a7:
64:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:81:60:91:44:A0:38:6E:12:0C:4A:3C:61:F8:4B:7F:97:03:4A:BA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a4592271-0371-4e59-91d6-8cede30d6d9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b8c0::/46
Signature Algorithm: sha256WithRSAEncryption
05:17:ac:61:f0:71:d1:90:57:8d:07:02:ad:2e:7e:9b:1e:6c:
53:91:6c:d2:e8:1c:81:5c:c9:15:3a:af:b1:7d:49:d7:87:a4:
9c:1b:7f:61:a0:da:8e:74:1b:45:f2:6d:c6:1e:a6:08:f2:d4:
c2:64:4a:8f:22:f3:52:1d:19:49:5c:ef:7a:d2:c9:4e:65:70:
d0:60:9d:88:3a:95:b3:77:22:1e:84:f8:6f:6e:1f:e5:be:e4:
64:3e:69:94:a7:b5:06:41:a5:df:b0:09:c5:2c:3e:8e:f5:a6:
09:c3:50:23:69:a8:32:db:2e:f2:13:4b:66:54:56:29:cd:ea:
77:3c:86:b7:4e:52:91:9a:a7:d9:79:f8:2b:be:69:31:b6:1b:
a9:44:b7:a7:8c:7b:e5:03:dd:86:e5:8a:db:b9:7c:07:ad:fc:
34:c8:67:e6:b8:3a:de:1f:2c:8c:bf:a7:e1:43:92:94:f0:20:
41:77:6e:e8:b2:9b:04:cf:02:b5:09:13:11:22:25:17:a4:6f:
8d:dd:d5:85:5f:40:cd:8b:97:50:f8:58:a9:55:b7:c2:31:2d:
af:83:17:ba:29:b4:8e:b1:ea:31:70:16:0e:73:c0:8c:aa:78:
4b:de:e1:a6:a8:fc:39:eb:4b:bd:22:96:27:fa:cf:e3:d9:f2:
28:ee:c8:24
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNDismoAjpzdxaj7TmvwI5Aia1OUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDEwNDRaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0ZDA5NTdmMDhmNmVkOTNhZGQxNGVmZjExOTU0YzQyMTU5Y2ViZTZmZTFl
ZDRkYTllYTc5ODM1MGZlZjUxMmIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEBD8q7lvnkk7HZYvelTF4dmVultPYf/O+zKrQBD2vNBaibK45BNqdWaLJo
nTn+GdybHxwzXMRK+tUUNAIVpghJ0ckur+Xq4pLDPUV+nwWSjx/aT0MSE7FpUVMT
9TCBidOUs3icV28e3lIswR80G6+RpM+FJG4xdq4xewE49rIehjm6D0Yf5J77DB5B
KbDRzyUHugn5hdvtE18YS5KNGETjmvj4Ka+lSlwiBpmPI7eLhtipGmYZ6zSivjk2
LHx7uzlhyaARdVFUfvuIvvj7ZtAj3zMLdaRXhYbv7brgnjaGuPwqo8iFLo7OATon
5TJo2hOVDVotw1x9t0/fvoqnZBMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRTgWCR
RKA4bhIMSjxh+Et/lwNKujAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTQ1OTIyNzEtMDM3MS00ZTU5LTkxZDYtOGNlZGUzMGQ2ZDlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8e4
wDANBgkqhkiG9w0BAQsFAAOCAQEABResYfBx0ZBXjQcCrS5+mx5sU5Fs0ugcgVzJ
FTqvsX1J14eknBt/YaDajnQbRfJtxh6mCPLUwmRKjyLzUh0ZSVzvetLJTmVw0GCd
iDqVs3ciHoT4b24f5b7kZD5plKe1BkGl37AJxSw+jvWmCcNQI2moMtsu8hNLZlRW
Kc3qdzyGt05SkZqn2Xn4K75pMbYbqUS3p4x75QPdhuWK27l8B638NMhn5rg63h8s
jL+n4UOSlPAgQXdu6LKbBM8CtQkTESIlF6Rvjd3VhV9AzYuXUPhYqVW3wjEtr4MX
uim0jrHqMXAWDnPAjKp4S97hpqj8OetLvSKWJ/rP49nyKO7IJA==
-----END CERTIFICATE-----
Generated at Mon May 5 06:06:40 2025 by rpki-client