Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
File: baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa (raw, json)
Hash identifier: 34xKR9yUzNveEuJ+oAc9c5fHMmsa/lBq4kN/5j5uvIs=
Subject key identifier: D7:12:49:62:21:13:8B:97:3A:34:26:DC:58:99:3B:48:33:1D:23:F8
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 04FF405B202B1149E911B70028EF5E50011092A4
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
Signing time: Wed 30 Apr 2025 00:20:44 +0000
ROA not before: Wed 30 Apr 2025 00:20:44 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:ff:40:5b:20:2b:11:49:e9:11:b7:00:28:ef:5e:50:01:10:92:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:44 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=ab4d871275b861180049bcad60aeb4d64df606e9d5f35ad79e81f3c6c2f2918d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:41:e7:dc:1c:17:32:88:df:13:40:60:1f:f4:
41:b4:00:80:95:9e:89:2a:c8:80:8e:b8:f0:7d:f2:
d1:a9:65:0e:e3:02:df:4b:d5:0c:82:f1:40:8b:01:
9b:4f:33:a4:7c:10:e1:94:6d:44:9c:85:e3:59:c0:
95:bb:e8:eb:40:3b:36:8d:e4:82:17:6d:c1:75:bc:
a7:07:1a:1b:b2:c5:2f:db:0d:a4:99:2c:40:35:71:
5e:2d:11:ab:79:6f:03:83:1d:e6:3a:c4:55:ef:a4:
f1:5e:d4:40:5b:75:3b:fd:08:8d:be:c1:b3:90:d6:
40:4d:f9:9a:a5:c0:7d:9b:75:58:d4:42:41:8d:e4:
4d:9a:2a:1b:dd:de:68:95:a0:87:d0:27:1e:f5:4a:
d8:a3:c8:60:81:41:4f:c5:92:58:43:5b:47:c2:fe:
ed:99:96:70:40:f4:84:c0:c0:9d:45:69:af:25:95:
2e:a0:90:c7:50:f1:b7:94:63:ef:be:71:b1:1c:5a:
51:49:47:66:b4:41:5f:54:6c:1c:66:45:dc:95:d1:
d8:0e:c6:7f:c8:72:bb:d5:41:ca:59:25:ca:c7:c8:
70:e9:24:cb:53:ee:93:8b:6d:da:2a:36:55:0a:64:
8a:e1:98:d0:0c:29:4a:ce:54:fc:a9:da:dc:63:64:
2d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:12:49:62:21:13:8B:97:3A:34:26:DC:58:99:3B:48:33:1D:23:F8
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6000::/36
Signature Algorithm: sha256WithRSAEncryption
2c:f5:52:38:a3:ac:2c:3d:bd:cb:e1:21:2c:06:80:be:0b:93:
76:66:2e:3a:35:a2:46:2d:d7:c3:0b:84:86:15:c7:c4:0b:9f:
7c:d8:15:dc:28:3f:0b:ed:6a:0d:ae:68:26:b4:68:85:dc:a5:
a1:0b:ca:ef:a9:8e:03:ee:43:eb:75:dc:9e:f1:68:7a:a6:06:
ef:fd:a2:8e:90:2f:33:3c:30:43:a5:92:17:8f:9a:e7:66:fc:
64:0d:36:f6:3e:1d:2a:29:e0:0e:0a:fe:1e:fb:f3:be:da:0a:
87:2d:17:74:1f:71:c3:e6:13:b0:30:4d:75:82:86:48:8f:6f:
4b:6e:6e:80:33:5a:7a:8b:61:8a:2f:ea:13:e3:4d:69:5e:eb:
33:8c:5a:fd:58:9e:66:ff:2d:09:79:e1:d5:e0:26:53:dc:01:
c4:00:6c:82:7b:79:e7:8d:1d:79:1c:10:eb:b6:40:e3:bb:82:
5e:27:3e:10:d8:03:34:bb:01:85:1d:07:3a:63:3c:6c:58:98:
05:da:e4:d1:fe:d6:9b:63:e5:89:6d:77:fb:53:ff:62:a6:67:
ea:cc:6e:f8:d2:11:e4:42:16:88:43:f9:40:d0:ee:02:33:7d:
97:f6:83:a2:f8:e8:59:75:d5:b3:d3:42:4b:67:67:1b:03:48:
29:03:a2:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBP9AWyArEUnpEbcAKO9eUAEQkqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwNDRaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiNGQ4NzEyNzViODYxMTgwMDQ5YmNhZDYwYWViNGQ2NGRmNjA2ZTlkNWYz
NWFkNzllODFmM2M2YzJmMjkxOGQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZB59wcFzKI3xNAYB/0QbQAgJWeiSrIgI648H3y0allDuMC30vVDILxQIsB
m08zpHwQ4ZRtRJyF41nAlbvo60A7No3kghdtwXW8pwcaG7LFL9sNpJksQDVxXi0R
q3lvA4Md5jrEVe+k8V7UQFt1O/0Ijb7Bs5DWQE35mqXAfZt1WNRCQY3kTZoqG93e
aJWgh9AnHvVK2KPIYIFBT8WSWENbR8L+7ZmWcED0hMDAnUVpryWVLqCQx1Dxt5Rj
775xsRxaUUlHZrRBX1RsHGZF3JXR2A7Gf8hyu9VBylklysfIcOkky1Puk4tt2io2
VQpkiuGY0AwpSs5U/Kna3GNkLW0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTXEkli
IROLlzo0JtxYmTtIMx0j+DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmFlZGVkZjItMjZkOC00MmY3LWI4YmMtZmJmMWRjNGZiMDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dg
MA0GCSqGSIb3DQEBCwUAA4IBAQAs9VI4o6wsPb3L4SEsBoC+C5N2Zi46NaJGLdfD
C4SGFcfEC5982BXcKD8L7WoNrmgmtGiF3KWhC8rvqY4D7kPrddye8Wh6pgbv/aKO
kC8zPDBDpZIXj5rnZvxkDTb2Ph0qKeAOCv4e+/O+2gqHLRd0H3HD5hOwME11goZI
j29Lbm6AM1p6i2GKL+oT401pXuszjFr9WJ5m/y0JeeHV4CZT3AHEAGyCe3nnjR15
HBDrtkDju4JeJz4Q2AM0uwGFHQc6YzxsWJgF2uTR/tabY+WJbXf7U/9ipmfqzG74
0hHkQhaIQ/lA0O4CM32X9oOi+OhZddWz00JLZ2cbA0gpA6Li
-----END CERTIFICATE-----
Generated at Mon May 5 13:28:36 2025 by rpki-client