Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
File: bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa (raw, json)
Hash identifier: 5IJMji06/PIR5TysBv45uYjv6dTZjN4xDjpUwYJvTlc=
Subject key identifier: 8E:82:CF:47:28:44:C0:0B:3C:04:5D:86:84:DB:87:84:B7:4A:34:38
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 529F04C7EE2117272E8B4AD5269FE49B8D92472F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
Signing time: Wed 30 Apr 2025 00:10:39 +0000
ROA not before: Wed 30 Apr 2025 00:10:39 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:9f:04:c7:ee:21:17:27:2e:8b:4a:d5:26:9f:e4:9b:8d:92:47:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:10:39 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=31b5145ac916093d7f77c82fc5f6ad4931134f7d7557e57ca0cb4f184f41232a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ea:c6:42:e2:7e:0e:8b:72:aa:60:27:92:61:
92:17:e1:c2:6a:75:39:f2:ea:ae:d5:59:ac:f7:8e:
8f:85:68:9a:db:29:7a:4b:31:28:60:73:04:4d:18:
dc:e8:b4:c8:48:c8:bd:fd:ce:4e:3d:fd:0b:97:ad:
23:da:c1:ea:72:f0:6c:84:4f:7a:f5:3d:92:bd:2d:
57:fc:c8:d0:dc:95:65:f9:54:e4:c4:d4:59:17:cf:
66:d2:dd:79:d6:95:04:79:d6:c1:06:7e:9d:10:91:
e5:cd:b5:69:6e:34:78:ab:95:42:f2:63:69:41:5f:
d3:e3:bb:a2:e9:6e:92:29:55:7b:ae:f5:18:e5:68:
a5:ab:60:89:fd:59:9b:53:33:d3:31:8e:22:a0:44:
3f:1d:c0:c3:5a:bb:64:9e:04:b4:db:16:b6:15:a0:
a6:07:3c:f1:fc:66:68:ca:3b:ad:64:48:80:a4:b5:
11:bf:00:ce:a0:21:f0:41:9e:09:09:c3:f5:d6:87:
6b:ed:b5:fb:50:ce:8a:07:8a:5a:44:ef:19:b4:53:
52:67:86:aa:59:73:a9:67:d1:c1:fc:c6:be:76:3d:
6c:4f:56:12:4a:58:59:42:96:97:e6:93:5d:be:2d:
75:e4:66:96:d1:ae:c4:5c:bf:d9:4f:bd:14:d9:d6:
b0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:82:CF:47:28:44:C0:0B:3C:04:5D:86:84:DB:87:84:B7:4A:34:38
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f880::/48
Signature Algorithm: sha256WithRSAEncryption
60:1b:c7:63:51:1d:47:ae:07:64:98:44:31:5b:79:54:28:82:
c9:8e:c7:4d:32:6a:3b:da:b4:a2:d9:81:d1:8e:7b:d4:b3:88:
ed:e2:4b:c6:b1:4a:20:f1:41:44:e7:9d:a0:44:fc:c4:b4:d0:
1a:3c:2e:64:57:27:80:c1:8f:b7:d1:21:ce:e9:cf:2f:a4:17:
26:3e:a7:f6:ee:cc:2a:fb:c9:b3:71:8b:7f:72:3f:2b:d7:72:
4b:23:19:ee:47:b4:5c:ec:79:80:fa:8e:27:a3:f3:2e:08:78:
ba:e4:67:66:8f:10:5b:03:fe:f7:12:13:f9:83:e7:01:26:c1:
75:5a:17:a6:55:2e:fa:7b:12:65:7a:bd:24:6d:62:b0:22:fb:
d1:15:17:20:bc:30:2f:dc:2c:56:95:a9:9a:bd:64:23:b3:6e:
ae:cf:78:34:d9:b7:34:96:b3:f9:85:e3:9a:29:42:a3:1c:aa:
bf:ed:cb:c4:35:5e:ba:57:6c:e3:16:7f:9d:08:4c:8f:b7:91:
b7:e9:a4:bc:af:5d:95:f8:2b:76:e3:a3:52:0f:36:1d:9b:55:
05:15:e1:76:ec:56:f3:86:3b:89:ab:e0:ba:82:9f:ca:a9:62:
f6:e7:1f:6c:54:d4:f7:a6:48:d8:fa:46:05:0b:2f:d6:8e:5a:
50:39:ed:c8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUp8Ex+4hFycui0rVJp/km42SRy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDEwMzlaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxYjUxNDVhYzkxNjA5M2Q3Zjc3YzgyZmM1ZjZhZDQ5MzExMzRmN2Q3NTU3
ZTU3Y2EwY2I0ZjE4NGY0MTIzMmExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMfqxkLifg6LcqpgJ5Jhkhfhwmp1OfLqrtVZrPeOj4VomtspeksxKGBzBE0Y
3Oi0yEjIvf3OTj39C5etI9rB6nLwbIRPevU9kr0tV/zI0NyVZflU5MTUWRfPZtLd
edaVBHnWwQZ+nRCR5c21aW40eKuVQvJjaUFf0+O7oulukilVe671GOVopatgif1Z
m1Mz0zGOIqBEPx3Aw1q7ZJ4EtNsWthWgpgc88fxmaMo7rWRIgKS1Eb8AzqAh8EGe
CQnD9daHa+21+1DOigeKWkTvGbRTUmeGqllzqWfRwfzGvnY9bE9WEkpYWUKWl+aT
Xb4tdeRmltGuxFy/2U+9FNnWsG0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSOgs9H
KETACzwEXYaE24eEt0o0ODAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmI5MjY4NTMtZjNhZC00ZjFhLWIwMjQtMTJiMzRjNTVkNWJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
gDANBgkqhkiG9w0BAQsFAAOCAQEAYBvHY1EdR64HZJhEMVt5VCiCyY7HTTJqO9q0
otmB0Y571LOI7eJLxrFKIPFBROedoET8xLTQGjwuZFcngMGPt9EhzunPL6QXJj6n
9u7MKvvJs3GLf3I/K9dySyMZ7ke0XOx5gPqOJ6PzLgh4uuRnZo8QWwP+9xIT+YPn
ASbBdVoXplUu+nsSZXq9JG1isCL70RUXILwwL9wsVpWpmr1kI7Nurs94NNm3NJaz
+YXjmilCoxyqv+3LxDVeulds4xZ/nQhMj7eRt+mkvK9dlfgrduOjUg82HZtVBRXh
duxW84Y7iavguoKfyqli9ucfbFTU96ZI2PpGBQsv1o5aUDntyA==
-----END CERTIFICATE-----
Generated at Tue May 6 17:03:33 2025 by rpki-client