Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa
File: c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa (raw, json)
Hash identifier: dXHsskIEW1nearWNTd/YdOh3ih0X85GtwCd+VN9HXzc=
Subject key identifier: C5:7C:25:A3:CC:77:6C:3B:C9:98:49:DD:1B:6F:36:28:FB:DE:51:45
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2929B21A2804DD05D37FEB3A06679733BC304973
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa
Signing time: Wed 30 Apr 2025 00:11:10 +0000
ROA not before: Wed 30 Apr 2025 00:11:10 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:58c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:29:b2:1a:28:04:dd:05:d3:7f:eb:3a:06:67:97:33:bc:30:49:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:10 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=9b062ecf9c38ca4700db2ef67ef347959388717199d96328593bfee512438dea, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6c:50:bf:a8:c1:f4:85:15:7e:65:cb:55:26:
b3:d4:11:c7:5c:dc:ae:db:1d:e9:fd:a1:7f:31:24:
cb:e3:4c:a6:7a:f3:77:f6:97:d4:1c:44:3a:9d:cd:
7e:74:5f:f4:ce:18:d0:e7:73:c1:60:8c:57:c6:d3:
08:3d:d9:fd:b4:f3:d0:ce:16:bc:f0:d6:0e:1b:3b:
32:43:1a:36:67:48:ba:48:66:06:39:b7:dd:df:de:
57:4a:0e:1e:a9:49:35:29:8b:94:45:39:c3:dd:37:
a3:04:b1:91:b7:88:67:7b:68:10:04:6e:07:96:00:
e9:ea:1d:d3:81:e1:b3:8e:27:7e:ef:ff:32:94:52:
f8:04:6c:e4:71:dc:be:c3:58:46:1b:86:08:49:bd:
7e:9e:a8:ba:e3:b5:2f:c6:53:da:39:6e:e3:a8:64:
ce:c7:ac:08:ca:2b:0e:54:ff:59:af:b7:8d:37:ba:
e1:9a:ac:d0:45:6f:8b:14:e4:09:0b:39:2b:a9:4c:
a6:07:2d:3f:e2:45:0b:43:f9:87:12:22:50:75:dd:
02:23:87:db:11:f2:d3:e1:bb:cc:72:44:80:5e:d3:
85:d4:11:05:9b:94:2f:fc:8a:be:0a:e4:d9:b7:35:
e9:a8:88:77:e1:92:a8:74:a8:75:b4:f6:9c:21:c8:
24:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:7C:25:A3:CC:77:6C:3B:C9:98:49:DD:1B:6F:36:28:FB:DE:51:45
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c956296d-d626-42b2-a9ef-bb988f4c3cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:58c0::/46
Signature Algorithm: sha256WithRSAEncryption
70:16:77:ea:7b:cc:a1:1f:69:14:6a:a8:8c:a0:9d:fe:7e:9f:
e9:af:f3:14:0d:16:02:2f:99:a2:16:9f:85:5e:15:cd:bc:6d:
b6:bd:78:aa:9a:8a:91:bd:1c:9d:6a:b7:78:1c:45:15:b4:01:
08:19:68:07:81:61:39:ee:ac:47:f3:c4:aa:82:19:bd:58:d9:
ea:d7:a8:24:15:3c:fd:64:70:a0:cb:38:fc:a6:21:57:66:d6:
16:af:26:6d:37:00:a4:f3:8e:1f:c0:7f:85:4c:74:f3:2c:45:
2a:62:70:7f:c5:f5:af:1b:37:40:eb:b2:25:1c:62:06:2f:d8:
94:c6:71:89:06:28:0a:dd:73:df:e0:64:8b:16:4f:d2:88:42:
d2:e1:9a:b6:95:45:cb:48:ef:3a:14:9c:9b:72:62:ba:b1:7b:
a8:fb:9a:c3:44:36:29:a6:77:ec:9b:71:c2:3d:09:76:c1:96:
94:0b:a7:9a:71:5d:f0:05:e3:84:06:c9:5b:de:1a:59:55:8b:
9c:45:7e:ea:dd:36:48:94:95:1b:46:78:77:ec:3f:d7:ee:d4:
fa:80:42:9a:32:33:53:98:af:cb:f1:b7:02:c8:83:78:a3:cb:
12:1b:2e:64:7f:4f:41:1a:81:f1:dc:7b:28:1d:a3:09:e9:b2:
99:74:e7:c7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKSmyGigE3QXTf+s6BmeXM7wwSXMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMTBaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDliMDYyZWNmOWMzOGNhNDcwMGRiMmVmNjdlZjM0Nzk1OTM4ODcxNzE5OWQ5
NjMyODU5M2JmZWU1MTI0MzhkZWExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJlsUL+owfSFFX5ly1Ums9QRx1zcrtsd6f2hfzEky+NMpnrzd/aX1BxEOp3N
fnRf9M4Y0OdzwWCMV8bTCD3Z/bTz0M4WvPDWDhs7MkMaNmdIukhmBjm33d/eV0oO
HqlJNSmLlEU5w903owSxkbeIZ3toEARuB5YA6eod04Hhs44nfu//MpRS+ARs5HHc
vsNYRhuGCEm9fp6ouuO1L8ZT2jlu46hkzsesCMorDlT/Wa+3jTe64Zqs0EVvixTk
CQs5K6lMpgctP+JFC0P5hxIiUHXdAiOH2xHy0+G7zHJEgF7ThdQRBZuUL/yKvgrk
2bc16aiId+GSqHSodbT2nCHIJDkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTFfCWj
zHdsO8mYSd0bbzYo+95RRTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Yzk1NjI5NmQtZDYyNi00MmIyLWE5ZWYtYmI5ODhmNGMzY2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8NY
wDANBgkqhkiG9w0BAQsFAAOCAQEAcBZ36nvMoR9pFGqojKCd/n6f6a/zFA0WAi+Z
ohafhV4Vzbxttr14qpqKkb0cnWq3eBxFFbQBCBloB4FhOe6sR/PEqoIZvVjZ6teo
JBU8/WRwoMs4/KYhV2bWFq8mbTcApPOOH8B/hUx08yxFKmJwf8X1rxs3QOuyJRxi
Bi/YlMZxiQYoCt1z3+BkixZP0ohC0uGatpVFy0jvOhScm3JiurF7qPuaw0Q2KaZ3
7Jtxwj0JdsGWlAunmnFd8AXjhAbJW94aWVWLnEV+6t02SJSVG0Z4d+w/1+7U+oBC
mjIzU5ivy/G3AsiDeKPLEhsuZH9PQRqB8dx7KB2jCemymXTnxw==
-----END CERTIFICATE-----
Generated at Mon May 5 03:40:45 2025 by rpki-client