Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
File: cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa (raw, json)
Hash identifier: KkHVm8ER3ywQlYnyAWD4S8kpWLpMD5aKR2weF+CXZUg=
Subject key identifier: DF:79:09:CF:F1:0C:DA:B4:20:AB:69:5C:66:26:BC:7D:A4:C2:E3:A8
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5BE53A7D65ADD9B75A316CCD7EB5A59EA2237E5C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
Signing time: Wed 30 Apr 2025 00:21:07 +0000
ROA not before: Wed 30 Apr 2025 00:21:07 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:e5:3a:7d:65:ad:d9:b7:5a:31:6c:cd:7e:b5:a5:9e:a2:23:7e:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:07 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=92b5238aece2a612067dedf4a9b0dfc8ba2e6888ed73dfbd553143d60b68a7d5, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f6:85:e4:55:25:34:8b:4f:d5:f3:7d:99:7c:
a3:a7:b4:38:67:e6:86:1b:c2:69:c3:20:e8:ef:2f:
49:e5:f5:0f:16:7e:33:61:00:1f:70:87:96:a2:f3:
99:75:e3:6c:29:88:86:45:fc:94:3f:f3:86:cc:d3:
57:24:a1:c0:39:0b:d7:ee:e0:6d:ac:ac:f2:f4:e3:
77:5b:52:8a:77:1f:e2:ae:2c:64:eb:c1:b0:93:f3:
61:93:3f:9d:e2:05:fe:c9:6b:29:88:87:24:79:79:
e4:a2:37:43:0f:e4:c0:e9:26:27:75:f9:0b:05:47:
a5:21:83:1e:67:60:50:c8:8a:45:42:f4:dc:f9:48:
13:f2:97:37:50:d0:67:5e:95:d5:37:bb:09:da:63:
9f:bc:3e:58:20:ee:ec:95:41:60:a1:b3:9d:f6:40:
d6:73:15:fe:c0:e4:0a:36:fa:f8:85:15:68:b5:22:
40:c8:3d:22:19:9d:28:86:50:11:07:14:65:1c:57:
07:33:99:df:f6:95:6b:57:1b:7a:e0:65:b7:08:f8:
bf:e6:2c:4b:6d:9c:29:85:92:67:03:a3:d6:fb:00:
d1:f7:3e:a7:ca:2c:93:d0:99:d9:fc:17:23:60:4d:
07:18:c8:8f:0e:3a:95:11:c8:9e:b9:28:df:98:60:
ed:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:79:09:CF:F1:0C:DA:B4:20:AB:69:5C:66:26:BC:7D:A4:C2:E3:A8
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/cd8f07c9-abc1-41dd-bad4-c7e5bf0bd4c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
8e:ce:c1:a0:af:3b:d9:00:5f:1b:0a:89:42:d5:bf:54:54:10:
00:34:5a:e7:eb:35:a9:c9:72:07:f3:d6:8d:3b:a8:bc:39:f7:
95:3d:a2:67:c1:11:9d:48:a4:58:98:0a:28:88:b8:1a:9e:6f:
bb:ee:d4:8a:9d:69:66:71:f2:23:d9:39:6c:da:d2:0b:57:0e:
99:b0:7d:0b:87:55:6e:73:27:2b:ad:39:17:95:ce:12:46:f5:
24:62:97:c5:8c:f0:bb:5e:2b:60:80:b0:e8:e0:af:3e:ca:9c:
ed:02:2a:b2:a7:b9:19:88:80:ad:1d:9a:5a:cd:bf:50:8d:d8:
79:e3:6a:55:44:32:1f:2d:28:d1:a6:72:23:f4:95:14:fc:79:
5a:85:5e:ed:2d:80:84:47:68:a5:4c:84:e6:51:85:82:19:3e:
2e:72:42:80:c7:ff:f8:95:0b:8e:34:0b:df:d3:9b:5b:27:d3:
ac:17:9e:1d:c4:2a:1a:24:f6:ea:c0:e6:a8:ea:94:ed:70:24:
23:c2:bd:98:9e:22:75:3b:54:f1:b5:47:1f:12:25:8c:f7:a1:
e5:af:c8:4c:91:e7:ae:ab:59:3c:ab:61:3a:ed:ac:69:c3:98:
11:df:ce:f7:d4:77:67:23:ba:b9:5c:13:50:ea:cb:4a:67:3d:
78:2f:16:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW+U6fWWt2bdaMWzNfrWlnqIjflwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMDdaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyYjUyMzhhZWNlMmE2MTIwNjdkZWRmNGE5YjBkZmM4YmEyZTY4ODhlZDcz
ZGZiZDU1MzE0M2Q2MGI2OGE3ZDUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALT2heRVJTSLT9XzfZl8o6e0OGfmhhvCacMg6O8vSeX1DxZ+M2EAH3CHlqLz
mXXjbCmIhkX8lD/zhszTVyShwDkL1+7gbays8vTjd1tSincf4q4sZOvBsJPzYZM/
neIF/slrKYiHJHl55KI3Qw/kwOkmJ3X5CwVHpSGDHmdgUMiKRUL03PlIE/KXN1DQ
Z16V1Te7Cdpjn7w+WCDu7JVBYKGznfZA1nMV/sDkCjb6+IUVaLUiQMg9IhmdKIZQ
EQcUZRxXBzOZ3/aVa1cbeuBltwj4v+YsS22cKYWSZwOj1vsA0fc+p8osk9CZ2fwX
I2BNBxjIjw46lRHInrko35hg7aMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTfeQnP
8QzatCCraVxmJrx9pMLjqDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2Q4ZjA3YzktYWJjMS00MWRkLWJhZDQtYzdlNWJmMGJkNGM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQCOzsGgrzvZAF8bColC1b9UVBAANFrn6zWpyXIH
89aNO6i8OfeVPaJnwRGdSKRYmAooiLganm+77tSKnWlmcfIj2Tls2tILVw6ZsH0L
h1VucycrrTkXlc4SRvUkYpfFjPC7XitggLDo4K8+ypztAiqyp7kZiICtHZpazb9Q
jdh542pVRDIfLSjRpnIj9JUU/HlahV7tLYCER2ilTITmUYWCGT4uckKAx//4lQuO
NAvf05tbJ9OsF54dxCoaJPbqwOao6pTtcCQjwr2YniJ1O1TxtUcfEiWM96Hlr8hM
keeuq1k8q2E67axpw5gR38731HdnI7q5XBNQ6stKZz14Lxam
-----END CERTIFICATE-----
Generated at Mon May 5 18:42:11 2025 by rpki-client