Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
File: a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa (raw, json)
Hash identifier: X7ojwVGsQ5YdhYZOzlLuR3B1RSZ3ySM1Q9kfUjM0uxo=
Subject key identifier: D0:FE:8B:8A:4D:5B:B9:A8:3E:4B:DB:B3:64:08:75:FB:78:40:63:8C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 425C9E5CB199904887C211EB19355B1C93C16017
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
Signing time: Wed 30 Apr 2025 00:21:01 +0000
ROA not before: Wed 30 Apr 2025 00:21:01 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:5c:9e:5c:b1:99:90:48:87:c2:11:eb:19:35:5b:1c:93:c1:60:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:01 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=6ce3a8b28290ff7fb4ad07433fbdc45b19c82e25717737902e721553c2417dc1, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:87:04:98:cf:34:44:db:9a:72:9e:16:ba:e0:
c0:68:f5:ce:dd:33:2a:c3:b7:27:8b:fe:50:e8:94:
72:ea:c3:c7:83:5a:9e:a4:5d:dd:ed:31:8b:0d:83:
94:a6:67:92:24:7a:18:dd:64:01:3f:16:7e:c4:da:
23:d6:e9:9b:73:70:c3:cd:8e:e0:6f:c9:92:17:26:
00:b8:e9:aa:39:f9:c7:4d:98:f8:de:1a:e1:d0:7b:
c9:2c:f4:af:91:22:11:f1:fb:05:fa:55:39:db:b7:
a1:b6:5e:3a:11:a3:c3:c7:94:9c:62:58:27:2b:b1:
b4:ae:ec:2c:14:93:0c:7e:a9:e4:ce:53:0b:b7:bc:
6a:46:c4:ef:6f:05:86:96:73:c4:8c:d3:85:19:07:
f7:64:e8:14:ac:76:e7:e3:bc:ce:12:bf:aa:69:16:
8e:cd:48:4c:3b:37:e7:c3:73:ec:44:f4:55:fc:15:
2c:58:8e:47:64:4b:02:d1:c0:92:59:ec:aa:51:8b:
af:a4:f1:4e:74:0d:18:79:c7:7b:16:bf:73:88:b3:
2d:73:fd:00:03:14:43:83:ae:eb:21:ad:35:6b:d9:
0b:bf:7b:16:96:43:30:89:df:91:2d:59:12:d1:18:
b9:2d:b0:e9:65:b7:a4:54:37:ca:49:00:75:e7:63:
a5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:FE:8B:8A:4D:5B:B9:A8:3E:4B:DB:B3:64:08:75:FB:78:40:63:8C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1::/32
Signature Algorithm: sha256WithRSAEncryption
74:5f:84:4a:e8:e3:5a:99:b8:83:ca:7e:fa:28:09:6d:fb:26:
92:9f:5b:1d:32:17:c9:19:a6:72:71:54:ca:bb:34:d2:93:1e:
df:ba:21:93:d3:b5:43:e8:e4:33:b1:9a:7d:de:a6:c2:31:71:
46:5a:1e:0b:7d:74:0b:65:1c:cf:0c:2f:14:2d:ed:e2:4f:c3:
4b:bb:23:7c:61:1d:a5:71:4f:c0:27:c4:46:34:aa:c5:a0:da:
a2:3f:15:87:cf:2e:c6:00:3f:3d:1b:96:1b:4a:14:d9:14:03:
db:e1:90:77:a7:3a:54:5b:5b:bf:e0:02:6b:9b:b5:90:c5:63:
3b:bb:1b:c2:b1:c7:60:00:a8:d3:13:d7:91:1d:93:30:49:78:
73:89:16:7b:ff:a2:ee:73:96:ef:ef:1f:8b:40:3e:ab:39:10:
11:d2:e4:02:2e:1a:66:bd:14:92:db:c2:f4:c4:95:29:aa:a4:
e9:6b:eb:b6:09:61:93:47:a0:ea:47:26:d8:0b:39:2c:48:07:
cd:f8:06:05:d1:20:65:7f:c7:64:eb:10:f7:38:ba:43:37:e4:
1f:b9:78:9d:fd:03:36:4d:b3:38:08:3e:56:fd:be:37:6b:b8:
36:68:18:4d:a7:cb:c2:28:18:d1:8a:ef:be:3c:ef:a9:6a:3d:
f9:1c:87:7b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUQlyeXLGZkEiHwhHrGTVbHJPBYBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMDFaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjZTNhOGIyODI5MGZmN2ZiNGFkMDc0MzNmYmRjNDViMTljODJlMjU3MTc3
Mzc5MDJlNzIxNTUzYzI0MTdkYzExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyHBJjPNETbmnKeFrrgwGj1zt0zKsO3J4v+UOiUcurDx4NanqRd3e0xiw2D
lKZnkiR6GN1kAT8WfsTaI9bpm3Nww82O4G/JkhcmALjpqjn5x02Y+N4a4dB7ySz0
r5EiEfH7BfpVOdu3obZeOhGjw8eUnGJYJyuxtK7sLBSTDH6p5M5TC7e8akbE728F
hpZzxIzThRkH92ToFKx25+O8zhK/qmkWjs1ITDs358Nz7ET0VfwVLFiOR2RLAtHA
klnsqlGLr6TxTnQNGHnHexa/c4izLXP9AAMUQ4Ou6yGtNWvZC797FpZDMInfkS1Z
EtEYuS2w6WW3pFQ3ykkAdedjpe8CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTQ/ouK
TVu5qD5L27NkCHX7eEBjjDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTk3MmZlOWItYzM5Zi00OGQxLThiMTktYzE0Y2JhZjE2MjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Ew
DQYJKoZIhvcNAQELBQADggEBAHRfhEro41qZuIPKfvooCW37JpKfWx0yF8kZpnJx
VMq7NNKTHt+6IZPTtUPo5DOxmn3epsIxcUZaHgt9dAtlHM8MLxQt7eJPw0u7I3xh
HaVxT8AnxEY0qsWg2qI/FYfPLsYAPz0blhtKFNkUA9vhkHenOlRbW7/gAmubtZDF
Yzu7G8Kxx2AAqNMT15EdkzBJeHOJFnv/ou5zlu/vH4tAPqs5EBHS5AIuGma9FJLb
wvTElSmqpOlr67YJYZNHoOpHJtgLOSxIB834BgXRIGV/x2TrEPc4ukM35B+5eJ39
AzZNszgIPlb9vjdruDZoGE2ny8IoGNGK774876lqPfkch3s=
-----END CERTIFICATE-----
Generated at Mon May 5 13:28:42 2025 by rpki-client