Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
File: ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa (raw, json)
Hash identifier: yFDdnEoGxawy9MKf2KYbVVOKdjKlY5XTMnSUPM4Nfhg=
Subject key identifier: 1D:C5:92:8D:EE:60:E2:13:C0:F9:3D:E4:E3:76:77:D6:79:26:F8:0D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1D99B1F34DADE7EC7A8AEEAFAC94E5F657A9EF71
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
Signing time: Wed 30 Apr 2025 00:11:11 +0000
ROA not before: Wed 30 Apr 2025 00:11:11 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:99:b1:f3:4d:ad:e7:ec:7a:8a:ee:af:ac:94:e5:f6:57:a9:ef:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:11 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=affc451752d5a2917880e4c754a63be3aaa958f1d570a7dd47a6de3fe47ed41c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fd:5b:af:0e:50:05:4f:f5:1f:7d:d7:ac:8e:
b8:9f:00:cd:d9:87:49:90:f4:d4:cb:d9:61:72:14:
15:51:36:54:83:bc:83:59:42:d4:08:4b:55:f3:27:
3c:5f:84:32:4a:12:e9:40:fb:5a:c5:ea:ab:9b:82:
be:82:9a:b3:97:47:c0:9e:41:7a:4d:80:2b:80:79:
4e:c4:3a:b1:9c:46:fb:63:27:63:a5:e9:c7:f0:b8:
93:b3:fe:bc:2f:57:d3:f5:4f:7a:6d:2e:bb:57:40:
96:95:29:0b:da:bd:e8:2f:99:c5:d6:e6:11:f7:a0:
66:c7:a9:16:3b:de:ed:bc:66:8e:f7:c2:bd:bd:78:
eb:e8:31:0c:a3:a0:d8:c1:6a:61:d9:0a:12:2a:c4:
34:00:7c:ef:a4:7a:51:49:f8:74:1f:73:61:00:61:
5b:89:51:2a:12:7f:48:91:c3:45:a1:1d:7a:69:b8:
4d:f1:4e:be:b5:6b:5e:c4:20:02:73:4b:db:1e:06:
8a:8f:24:d3:f6:c0:b4:2e:6c:49:53:e7:57:6c:1d:
a6:1d:a1:94:36:cb:e9:67:0a:9e:dd:d1:41:5b:41:
2e:01:2d:32:56:e5:1e:9d:69:09:80:c4:69:48:2e:
36:94:ac:dd:22:97:90:99:4c:fa:01:28:60:f1:10:
8d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C5:92:8D:EE:60:E2:13:C0:F9:3D:E4:E3:76:77:D6:79:26:F8:0D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:5800::/40
Signature Algorithm: sha256WithRSAEncryption
21:2c:b8:82:44:5e:13:b6:58:1c:d8:08:6c:cd:e9:f2:38:9d:
99:ac:ec:a9:9f:07:14:39:b4:8f:c9:35:f4:6b:9e:6b:78:8d:
96:db:62:82:5f:6e:cd:3a:55:59:ed:c1:fb:1b:03:2f:24:96:
92:59:88:47:06:9c:ff:e5:83:77:66:12:d0:96:59:cb:50:d2:
6a:66:93:df:5f:95:9e:18:b1:8f:7f:c0:1a:3e:d6:4f:b6:b4:
eb:eb:67:af:40:f9:43:5c:26:f1:14:c2:e7:81:95:a6:74:a7:
a7:7e:4f:0a:50:32:38:70:fc:4b:33:3d:61:30:82:dd:57:0f:
94:ee:a5:e3:63:60:bd:3a:35:82:82:d6:ad:38:01:12:20:e3:
7a:57:52:62:8f:91:75:42:8b:f2:b4:b4:f1:0a:71:fc:80:3e:
19:08:9d:04:cd:6c:63:2a:37:1c:da:53:53:62:d9:fd:f8:81:
11:a5:e4:d2:f2:6f:4f:38:a4:f6:f3:86:05:02:82:26:7c:8b:
da:8d:7c:74:11:11:02:5c:2d:21:7d:b6:92:0d:c4:32:09:bc:
61:44:42:d2:83:97:a7:69:cc:9e:17:7c:23:82:c2:e8:14:0e:
b9:1e:eb:a9:05:2f:f3:56:76:72:30:1e:e3:2b:f1:46:3c:dd:
08:f2:59:fd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHZmx802t5+x6iu6vrJTl9lep73EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMTFaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmZmM0NTE3NTJkNWEyOTE3ODgwZTRjNzU0YTYzYmUzYWFhOTU4ZjFkNTcw
YTdkZDQ3YTZkZTNmZTQ3ZWQ0MWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJb9W68OUAVP9R9916yOuJ8AzdmHSZD01MvZYXIUFVE2VIO8g1lC1AhLVfMn
PF+EMkoS6UD7WsXqq5uCvoKas5dHwJ5Bek2AK4B5TsQ6sZxG+2MnY6Xpx/C4k7P+
vC9X0/VPem0uu1dAlpUpC9q96C+ZxdbmEfegZsepFjve7bxmjvfCvb146+gxDKOg
2MFqYdkKEirENAB876R6UUn4dB9zYQBhW4lRKhJ/SJHDRaEdemm4TfFOvrVrXsQg
AnNL2x4Gio8k0/bAtC5sSVPnV2wdph2hlDbL6WcKnt3RQVtBLgEtMlblHp1pCYDE
aUguNpSs3SKXkJlM+gEoYPEQjbMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdxZKN
7mDiE8D5PeTjdnfWeSb4DTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2NlZmVhYTMtNTBmZC00ZmI1LWEwZDYtNjgyZWE4OTRjNWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dY
MA0GCSqGSIb3DQEBCwUAA4IBAQAhLLiCRF4Ttlgc2AhszenyOJ2ZrOypnwcUObSP
yTX0a55reI2W22KCX27NOlVZ7cH7GwMvJJaSWYhHBpz/5YN3ZhLQllnLUNJqZpPf
X5WeGLGPf8AaPtZPtrTr62evQPlDXCbxFMLngZWmdKenfk8KUDI4cPxLMz1hMILd
Vw+U7qXjY2C9OjWCgtatOAESION6V1Jij5F1QovytLTxCnH8gD4ZCJ0EzWxjKjcc
2lNTYtn9+IERpeTS8m9POKT284YFAoImfIvajXx0ERECXC0hfbaSDcQyCbxhRELS
g5enacyeF3wjgsLoFA65HuupBS/zVnZyMB7jK/FGPN0I8ln9
-----END CERTIFICATE-----
Generated at Mon May 5 05:56:23 2025 by rpki-client