Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
File: bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa (raw, json)
Hash identifier: 94c2SFuKgadiyXAS70DbRxQRBoTUp8CjCWnd+Sio5tk=
Subject key identifier: A4:79:6E:CE:96:A0:F8:F8:08:82:85:01:F2:A9:96:B9:98:54:C8:B2
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5D8A713544F8D35348325E8B4DD63A841E7E81CD
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
Signing time: Wed 30 Apr 2025 00:21:14 +0000
ROA not before: Wed 30 Apr 2025 00:21:14 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:8a:71:35:44:f8:d3:53:48:32:5e:8b:4d:d6:3a:84:1e:7e:81:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:14 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=c7dbea729c1af68e04a9ae24c910a30101dc7974dee10575405b3d04c48e8e03, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:93:1d:83:af:d3:f0:70:73:15:a4:02:70:0c:
09:e7:8e:53:da:b3:e6:f2:cb:5a:0b:ad:ca:fb:41:
ff:cc:75:df:02:80:ef:74:a9:12:b7:74:70:04:74:
ae:5f:8b:ba:a5:4e:e1:92:68:35:e2:0a:ce:49:e7:
08:b0:dc:c6:51:a8:98:15:0a:11:92:79:98:de:a5:
11:90:fe:18:d4:f5:11:91:0d:27:94:d2:99:be:4c:
e4:57:44:5a:b1:e5:c8:f2:d6:08:95:e0:16:c1:96:
f4:e7:87:86:1a:a5:11:0c:01:30:a7:2e:c5:27:78:
68:76:09:7b:f6:0b:0d:93:c7:c1:9d:9d:26:a6:4f:
a5:14:f8:ae:2c:00:17:10:58:df:11:bb:d7:07:58:
c0:04:91:00:39:98:86:ec:ee:60:06:10:4b:92:80:
1c:e9:ea:6e:5f:68:f1:e1:67:13:3b:40:a7:85:18:
c8:94:aa:3c:8d:94:ea:cd:d0:e5:63:27:87:42:0e:
ca:62:71:49:b8:be:ff:04:ed:3a:c9:9d:61:3e:89:
27:e5:58:96:c3:4f:ca:94:07:a4:d3:91:48:30:75:
41:25:6d:55:c6:67:a0:10:9a:9c:de:7e:eb:94:3f:
26:13:80:af:53:19:1b:ed:75:0f:f6:70:31:31:0d:
73:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:79:6E:CE:96:A0:F8:F8:08:82:85:01:F2:A9:96:B9:98:54:C8:B2
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:2000::/36
Signature Algorithm: sha256WithRSAEncryption
7a:ae:5b:9d:ba:6c:51:b0:32:88:54:68:ad:42:d3:5d:7b:e9:
76:0f:62:16:5f:b5:5c:58:b3:67:b6:7e:10:6b:38:36:e2:0f:
85:ef:7e:8d:5c:c2:fe:c0:82:62:4a:ee:fa:ff:5c:fe:6b:33:
1b:7c:20:65:23:2b:c6:f9:27:33:07:47:3b:3e:b0:b7:f5:e6:
bd:7b:24:d7:6e:ea:79:21:06:de:fb:d3:29:6a:b4:08:6f:ce:
5d:d2:1c:c3:65:84:77:55:ee:c8:fe:77:15:dd:64:8e:8d:99:
23:b1:e9:d6:c7:37:e0:f1:fe:88:3a:45:66:9b:2a:2a:5d:d9:
bc:49:64:7d:8d:cb:ac:8f:70:2f:dd:aa:59:02:d8:94:57:4d:
cb:29:9d:cd:69:ff:ce:9f:7c:b3:38:72:28:b7:ac:9a:0c:ea:
e2:2f:eb:4b:03:1c:f1:f4:a4:70:cb:c1:12:08:f5:0e:6f:eb:
8a:20:34:ee:9e:ba:af:b5:e4:98:f5:c0:12:08:4d:04:5f:aa:
c1:e3:72:83:6f:db:a1:71:ec:65:8c:11:c4:5f:15:e7:18:89:
9a:40:4a:f4:d4:b8:a2:c8:ef:77:e5:a6:da:9f:45:f5:4b:b2:
42:79:40:70:e6:c8:46:b4:59:bc:1b:13:b6:1a:a6:1f:11:57:
76:ae:08:a7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXYpxNUT401NIMl6LTdY6hB5+gc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMTRaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3ZGJlYTcyOWMxYWY2OGUwNGE5YWUyNGM5MTBhMzAxMDFkYzc5NzRkZWUx
MDU3NTQwNWIzZDA0YzQ4ZThlMDMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSTHYOv0/BwcxWkAnAMCeeOU9qz5vLLWgutyvtB/8x13wKA73SpErd0cAR0
rl+LuqVO4ZJoNeIKzknnCLDcxlGomBUKEZJ5mN6lEZD+GNT1EZENJ5TSmb5M5FdE
WrHlyPLWCJXgFsGW9OeHhhqlEQwBMKcuxSd4aHYJe/YLDZPHwZ2dJqZPpRT4riwA
FxBY3xG71wdYwASRADmYhuzuYAYQS5KAHOnqbl9o8eFnEztAp4UYyJSqPI2U6s3Q
5WMnh0IOymJxSbi+/wTtOsmdYT6JJ+VYlsNPypQHpNORSDB1QSVtVcZnoBCanN5+
65Q/JhOAr1MZG+11D/ZwMTENc8cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSkeW7O
lqD4+AiChQHyqZa5mFTIsjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmI2NzMxZjQtNmNlYy00NTY0LThjNmQtOWU0NjM5N2ZhYzVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Mg
MA0GCSqGSIb3DQEBCwUAA4IBAQB6rludumxRsDKIVGitQtNde+l2D2IWX7VcWLNn
tn4Qazg24g+F736NXML+wIJiSu76/1z+azMbfCBlIyvG+SczB0c7PrC39ea9eyTX
bup5IQbe+9MparQIb85d0hzDZYR3Ve7I/ncV3WSOjZkjsenWxzfg8f6IOkVmmyoq
Xdm8SWR9jcusj3Av3apZAtiUV03LKZ3Naf/On3yzOHIot6yaDOriL+tLAxzx9KRw
y8ESCPUOb+uKIDTunrqvteSY9cASCE0EX6rB43KDb9uhcexljBHEXxXnGImaQEr0
1LiiyO935aban0X1S7JCeUBw5shGtFm8GxO2GqYfEVd2rgin
-----END CERTIFICATE-----
Generated at Tue May 6 01:56:50 2025 by rpki-client