Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
File: cb8e2b63-db40-4825-9c5a-943662c198a5.roa (raw, json)
Hash identifier: YV8X0Pej4MuEuzdyK/FH6vq4qrm+rLnC34b3GvwdSEM=
Subject key identifier: 1B:89:ED:79:14:86:F7:8E:3F:F5:04:77:82:70:A2:D3:F6:FD:2A:8D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1D24C7ABF784E957C5FA0C816A901805DB43C5F5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
Signing time: Wed 30 Apr 2025 00:11:08 +0000
ROA not before: Wed 30 Apr 2025 00:11:08 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:24:c7:ab:f7:84:e9:57:c5:fa:0c:81:6a:90:18:05:db:43:c5:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:08 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=49182a88b7c50730c76e0ff047e4c64b512e99ef69f01f79b4c6a183b1ead905, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:93:3f:c8:cc:7c:e3:f8:fb:a5:3c:f7:a2:5e:
cb:f0:ba:54:1b:14:7a:79:7e:ad:69:8f:01:86:80:
42:2f:6c:bf:ea:aa:86:d5:bd:f9:34:38:45:ea:bb:
90:19:32:de:4b:38:da:50:18:ee:8a:61:c6:09:e4:
08:46:d9:23:d0:e9:b0:63:8d:0c:3a:5e:fd:aa:12:
f2:93:3f:ae:01:e6:b9:c6:57:f3:ae:7e:86:25:fc:
31:56:02:b9:2e:0d:e5:09:49:b0:9b:65:35:ed:dc:
c2:e4:0e:2d:f3:6f:a8:de:60:15:b9:ea:4a:14:77:
0d:63:8e:86:1a:c5:2b:90:ef:75:2c:1a:ef:9a:fc:
4a:24:12:5a:4c:57:8c:ac:28:74:0a:a9:e8:36:ff:
8b:c8:a9:c4:ab:c7:96:21:12:08:c7:77:b9:0e:9f:
66:81:31:c2:8e:41:c6:79:9c:4d:9d:50:b8:3a:5e:
b1:56:f0:a0:e4:57:ce:32:a9:10:4b:3f:d9:f1:b0:
83:bd:cc:4e:2b:a9:ca:70:fc:74:07:e7:3d:47:e0:
ea:86:e1:67:d5:4f:31:0a:91:08:f2:0a:ed:c2:5f:
ab:f0:3f:9e:f1:fe:28:19:ec:50:a5:81:e3:10:97:
e4:4e:95:09:aa:f2:63:15:e4:57:4b:f1:27:2b:45:
67:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:89:ED:79:14:86:F7:8E:3F:F5:04:77:82:70:A2:D3:F6:FD:2A:8D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cb8e2b63-db40-4825-9c5a-943662c198a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7840::/46
Signature Algorithm: sha256WithRSAEncryption
27:65:83:a0:b1:59:26:c1:62:e7:da:78:ff:cd:ea:80:c7:04:
68:79:79:b3:4d:8b:b6:8e:bf:4c:b6:ee:89:4a:30:4a:01:7e:
31:69:24:b6:86:2f:79:ef:b2:2c:2b:06:7a:b1:c0:bb:4e:6b:
cf:29:0d:6e:55:0f:ae:3d:bc:45:24:b9:5e:c3:9b:5d:b9:46:
12:e1:8d:d9:4f:7f:2c:cc:3b:8b:ce:af:58:51:ca:49:50:ff:
e5:33:b6:dd:bb:10:43:1f:53:e7:3d:be:02:30:78:3c:ad:45:
d9:6b:a6:2d:09:e0:67:01:c5:94:40:69:6f:2c:a3:c2:ff:3b:
8b:5c:bc:33:5b:cd:6e:fd:94:c8:ca:6a:96:0a:98:19:89:cc:
fb:d7:23:92:a7:16:ec:15:27:8b:d4:f1:11:9a:33:60:9c:64:
66:66:d9:a3:22:45:69:f5:14:24:d9:d9:c1:44:96:42:69:0b:
28:2e:ad:4e:0e:b8:33:ff:42:cc:70:5a:c3:f6:84:fe:3f:44:
7b:f6:14:80:a0:cd:70:fe:50:df:b9:0f:e4:6b:75:7f:92:c5:
47:fd:99:5c:e9:2f:ce:43:7b:4f:a8:88:c8:96:91:64:c1:a8:
b9:09:52:90:55:80:bc:97:07:39:e5:fb:82:b1:dc:6b:78:8e:
b3:79:f1:c3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHSTHq/eE6VfF+gyBapAYBdtDxfUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMDhaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5MTgyYTg4YjdjNTA3MzBjNzZlMGZmMDQ3ZTRjNjRiNTEyZTk5ZWY2OWYw
MWY3OWI0YzZhMTgzYjFlYWQ5MDUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKTP8jMfOP4+6U896Jey/C6VBsUenl+rWmPAYaAQi9sv+qqhtW9+TQ4Req7
kBky3ks42lAY7ophxgnkCEbZI9DpsGONDDpe/aoS8pM/rgHmucZX865+hiX8MVYC
uS4N5QlJsJtlNe3cwuQOLfNvqN5gFbnqShR3DWOOhhrFK5DvdSwa75r8SiQSWkxX
jKwodAqp6Db/i8ipxKvHliESCMd3uQ6fZoExwo5BxnmcTZ1QuDpesVbwoORXzjKp
EEs/2fGwg73MTiupynD8dAfnPUfg6obhZ9VPMQqRCPIK7cJfq/A/nvH+KBnsUKWB
4xCX5E6VCaryYxXkV0vxJytFZ/UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQbie15
FIb3jj/1BHeCcKLT9v0qjTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2I4ZTJiNjMtZGI0MC00ODI1LTljNWEtOTQzNjYyYzE5OGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8d4
QDANBgkqhkiG9w0BAQsFAAOCAQEAJ2WDoLFZJsFi59p4/83qgMcEaHl5s02Lto6/
TLbuiUowSgF+MWkktoYvee+yLCsGerHAu05rzykNblUPrj28RSS5XsObXblGEuGN
2U9/LMw7i86vWFHKSVD/5TO23bsQQx9T5z2+AjB4PK1F2WumLQngZwHFlEBpbyyj
wv87i1y8M1vNbv2UyMpqlgqYGYnM+9cjkqcW7BUni9TxEZozYJxkZmbZoyJFafUU
JNnZwUSWQmkLKC6tTg64M/9CzHBaw/aE/j9Ee/YUgKDNcP5Q37kP5Gt1f5LFR/2Z
XOkvzkN7T6iIyJaRZMGouQlSkFWAvJcHOeX7grHca3iOs3nxww==
-----END CERTIFICATE-----
Generated at Mon May 5 03:43:49 2025 by rpki-client