Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
File: bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa (raw, json)
Hash identifier: Yf9RZEYBeDyXUL4w8p78xKGO8OrKktW4cSNtovXPnPY=
Subject key identifier: 73:AB:E8:01:F9:DB:3B:3F:F8:11:4F:DC:DF:1C:8E:47:22:64:66:E8
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2260FEB2F298F42AEB8F4A6B0C2584FB63B8C6CD
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
Signing time: Wed 30 Apr 2025 00:21:12 +0000
ROA not before: Wed 30 Apr 2025 00:21:12 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:a000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:60:fe:b2:f2:98:f4:2a:eb:8f:4a:6b:0c:25:84:fb:63:b8:c6:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:12 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=ea816a9c79c101dffb2da4256b36d1d03505a4a13de41b2926317bcd24ef69f0, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:42:71:d4:8d:75:11:89:d8:0c:e7:16:ea:f4:
89:59:27:b6:83:e7:92:22:4b:a7:73:d1:7a:dc:00:
ea:bb:94:2e:83:6d:af:e9:06:62:e6:84:84:65:1f:
c0:a3:68:f7:75:d2:02:4d:1b:11:5c:0b:9d:41:7e:
01:07:a3:f7:59:36:fe:1b:ba:d3:6c:5b:65:44:fe:
2b:6f:dd:e8:87:c2:37:0c:30:66:12:6c:00:03:63:
ee:57:c9:9f:43:52:4a:30:2b:70:88:1c:0e:6f:ea:
0d:3b:44:f7:42:a3:61:78:b6:6b:72:83:7e:da:4f:
ab:9e:5a:3f:d3:b4:79:d0:63:e3:18:64:a5:3e:f1:
bf:e6:5b:54:a4:0e:12:7e:a8:a3:d0:00:62:cb:be:
20:00:af:96:41:38:7b:1e:54:04:17:7b:4b:fa:ea:
b1:4e:8e:34:e7:f3:31:bc:2d:fb:4c:92:19:40:6c:
12:39:11:74:e2:d7:4d:71:70:6f:65:3f:bb:39:6b:
39:90:c1:0d:32:13:56:44:51:d7:7a:80:d4:cc:14:
36:0c:8d:09:6e:3f:2b:fa:a3:33:28:85:66:10:9b:
12:dd:4a:15:87:38:7a:63:62:9d:de:3d:95:42:c9:
a7:22:4e:c1:b2:b0:4c:93:43:52:3e:f9:d2:99:97:
46:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:AB:E8:01:F9:DB:3B:3F:F8:11:4F:DC:DF:1C:8E:47:22:64:66:E8
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:a000::/36
Signature Algorithm: sha256WithRSAEncryption
6d:01:29:a9:ef:1d:02:73:af:46:af:ca:d7:55:5f:fe:16:48:
74:4a:87:fc:85:65:f8:44:10:56:e2:93:d5:d2:e0:f3:0c:00:
ab:d3:8e:14:d6:ce:24:2f:f0:85:3d:ca:5e:ed:20:8d:1a:d5:
17:13:26:4f:16:83:14:a7:22:86:cb:31:29:85:4d:02:0f:b1:
73:3f:7b:51:73:90:ea:9a:ca:b4:d3:0a:22:16:c9:6b:b4:02:
16:4e:ab:eb:cd:26:cb:46:19:06:42:26:6a:fa:d6:0f:71:9d:
94:83:05:27:38:bc:88:92:3a:80:21:07:49:37:f9:5f:89:95:
d7:40:61:d4:6b:39:9c:23:c1:de:bf:15:56:bf:76:67:a4:81:
99:0d:37:78:76:b8:17:89:90:d4:a5:30:eb:87:d0:5f:76:c7:
c1:ac:ba:52:72:61:2d:68:84:7f:c8:17:1c:d1:09:f7:88:84:
f8:97:18:97:2f:19:df:7d:b9:a6:f5:48:6d:45:17:86:77:7b:
25:19:20:73:2b:30:79:20:05:5e:9f:22:f9:2e:3b:c0:c6:61:
ce:ed:f7:09:ab:15:72:5a:ba:be:98:b3:72:00:53:11:52:76:
d4:0d:41:24:2e:48:ea:3f:db:2f:5a:fa:c0:ae:04:58:3a:a3:
d7:14:9d:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUImD+svKY9Crrj0prDCWE+2O4xs0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMTJaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhODE2YTljNzljMTAxZGZmYjJkYTQyNTZiMzZkMWQwMzUwNWE0YTEzZGU0
MWIyOTI2MzE3YmNkMjRlZjY5ZjAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9CcdSNdRGJ2AznFur0iVkntoPnkiJLp3PRetwA6ruULoNtr+kGYuaEhGUf
wKNo93XSAk0bEVwLnUF+AQej91k2/hu602xbZUT+K2/d6IfCNwwwZhJsAANj7lfJ
n0NSSjArcIgcDm/qDTtE90KjYXi2a3KDftpPq55aP9O0edBj4xhkpT7xv+ZbVKQO
En6oo9AAYsu+IACvlkE4ex5UBBd7S/rqsU6ONOfzMbwt+0ySGUBsEjkRdOLXTXFw
b2U/uzlrOZDBDTITVkRR13qA1MwUNgyNCW4/K/qjMyiFZhCbEt1KFYc4emNind49
lULJpyJOwbKwTJNDUj750pmXRm8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRzq+gB
+ds7P/gRT9zfHI5HImRm6DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmZkNDYyYmQtMmUxZi00ODVmLWFhOWMtZTdlMGMwYmNiNjkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eg
MA0GCSqGSIb3DQEBCwUAA4IBAQBtASmp7x0Cc69Gr8rXVV/+Fkh0Sof8hWX4RBBW
4pPV0uDzDACr044U1s4kL/CFPcpe7SCNGtUXEyZPFoMUpyKGyzEphU0CD7FzP3tR
c5Dqmsq00woiFslrtAIWTqvrzSbLRhkGQiZq+tYPcZ2UgwUnOLyIkjqAIQdJN/lf
iZXXQGHUazmcI8HevxVWv3ZnpIGZDTd4drgXiZDUpTDrh9BfdsfBrLpScmEtaIR/
yBcc0Qn3iIT4lxiXLxnffbmm9UhtRReGd3slGSBzKzB5IAVenyL5LjvAxmHO7fcJ
qxVyWrq+mLNyAFMRUnbUDUEkLkjqP9svWvrArgRYOqPXFJ1U
-----END CERTIFICATE-----
Generated at Mon May 5 08:23:04 2025 by rpki-client