Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
File: d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa (raw, json)
Hash identifier: a3Anwisn3Kys7FnpMUz+a5kQSrlzq40t4Ux/xtmYjCI=
Subject key identifier: 5E:A2:22:80:04:64:FE:B8:C0:48:57:0E:7E:23:3A:93:3D:7E:2B:69
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 06EC42EE3077153C966DA112E94988FFD11C96DC
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
Signing time: Wed 30 Apr 2025 00:20:01 +0000
ROA not before: Wed 30 Apr 2025 00:20:01 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:ec:42:ee:30:77:15:3c:96:6d:a1:12:e9:49:88:ff:d1:1c:96:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:01 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=e4491b188e302388168721f46acb1efd48d53f78c8f5b6d5a036b5d90278a49d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6e:a4:16:ef:3b:1b:ba:2e:70:f8:3e:3c:a6:
9f:64:0a:3b:03:8f:14:fe:1b:02:18:95:14:d9:a7:
b6:af:7e:cb:84:ac:11:7d:0a:7b:e1:b4:e1:70:89:
7d:6b:36:54:72:a4:06:20:74:5a:ba:fc:bd:86:c0:
16:33:1c:0e:52:cd:68:e1:57:87:b9:6c:f7:69:ac:
e4:d7:1a:4b:46:fb:6b:cd:f4:f9:3c:d9:e0:b8:4f:
f7:1b:8f:01:b6:4a:0d:82:9e:de:e6:2d:47:9b:a5:
06:06:cf:fd:bf:a5:a8:e3:8e:60:37:f8:bb:c0:3f:
49:4b:7c:f7:7a:83:68:ee:9d:a1:b1:73:e1:74:e4:
0e:57:2a:f6:e9:fc:22:2d:19:42:bd:aa:72:00:56:
7b:2d:a4:02:e8:24:04:c1:cc:51:4c:c3:7d:30:e2:
77:7b:5c:40:79:2d:13:76:46:02:b6:f5:44:42:86:
fd:7f:1b:e6:48:6f:1e:80:02:3f:4e:76:87:9f:a0:
8d:2d:d7:c1:9b:cc:57:f3:94:5d:27:fe:71:4d:de:
e9:e1:3b:db:88:44:19:b3:30:36:6d:5b:ce:bc:ac:
59:f5:1c:94:8b:90:a3:58:58:0c:75:07:94:06:0c:
56:8d:4b:c0:12:db:cf:0f:f8:f1:9c:7c:41:38:fc:
56:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A2:22:80:04:64:FE:B8:C0:48:57:0E:7E:23:3A:93:3D:7E:2B:69
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
8e:f0:55:08:b1:18:6d:7c:a0:78:a8:0f:53:cf:12:82:88:90:
7a:77:45:2f:53:5a:bd:82:72:70:c4:f1:3b:52:10:e7:a0:fc:
7e:d9:fd:35:37:d7:fd:69:17:64:29:60:18:e6:ba:af:fb:13:
56:5f:ea:71:0a:02:77:78:c6:6f:1e:3d:cc:b5:bd:b7:19:b9:
c3:10:d1:91:83:83:7d:dc:82:34:12:e2:a1:63:2e:4d:d5:1b:
d2:49:a2:91:c4:1b:4d:35:59:d0:00:11:70:5f:10:6b:4c:b3:
19:48:7f:fb:33:60:91:48:ad:4e:a9:ed:04:79:16:45:7e:1e:
26:7c:09:f4:81:94:58:85:45:05:3f:ad:7d:3d:48:93:19:22:
b5:3a:06:08:d0:2d:8b:8e:c6:2c:ae:0e:c6:8f:a8:89:b7:af:
aa:fe:7a:94:d2:eb:22:86:0f:fc:67:c8:1f:63:9d:df:25:a1:
9f:ed:38:43:52:3a:c0:79:58:8b:d1:33:dd:11:41:a8:d9:4a:
c5:19:bb:41:ac:ba:3f:cb:49:8b:70:de:0c:43:ab:87:1c:d2:
9a:ca:a1:5d:82:ef:b1:af:e1:c2:60:ea:c1:7c:76:b1:7c:36:
99:e5:e1:30:41:03:19:a5:2b:92:c6:99:23:f4:93:cd:e1:89:
9c:fe:83:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBuxC7jB3FTyWbaES6UmI/9EcltwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwMDFaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0NDkxYjE4OGUzMDIzODgxNjg3MjFmNDZhY2IxZWZkNDhkNTNmNzhjOGY1
YjZkNWEwMzZiNWQ5MDI3OGE0OWQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhupBbvOxu6LnD4Pjymn2QKOwOPFP4bAhiVFNmntq9+y4SsEX0Ke+G04XCJ
fWs2VHKkBiB0Wrr8vYbAFjMcDlLNaOFXh7ls92ms5NcaS0b7a830+TzZ4LhP9xuP
AbZKDYKe3uYtR5ulBgbP/b+lqOOOYDf4u8A/SUt893qDaO6dobFz4XTkDlcq9un8
Ii0ZQr2qcgBWey2kAugkBMHMUUzDfTDid3tcQHktE3ZGArb1REKG/X8b5khvHoAC
P052h5+gjS3XwZvMV/OUXSf+cU3e6eE724hEGbMwNm1bzrysWfUclIuQo1hYDHUH
lAYMVo1LwBLbzw/48Zx8QTj8VsECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBReoiKA
BGT+uMBIVw5+IzqTPX4raTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjMTYyNDctY2FkMi00NzQ4LTgzNDAtNmZlMmU2ZDhjZTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQCO8FUIsRhtfKB4qA9TzxKCiJB6d0UvU1q9gnJw
xPE7UhDnoPx+2f01N9f9aRdkKWAY5rqv+xNWX+pxCgJ3eMZvHj3Mtb23GbnDENGR
g4N93II0EuKhYy5N1RvSSaKRxBtNNVnQABFwXxBrTLMZSH/7M2CRSK1Oqe0EeRZF
fh4mfAn0gZRYhUUFP619PUiTGSK1OgYI0C2LjsYsrg7Gj6iJt6+q/nqU0usihg/8
Z8gfY53fJaGf7ThDUjrAeViL0TPdEUGo2UrFGbtBrLo/y0mLcN4MQ6uHHNKayqFd
gu+xr+HCYOrBfHaxfDaZ5eEwQQMZpSuSxpkj9JPN4Ymc/oM9
-----END CERTIFICATE-----
Generated at Mon May 5 03:43:44 2025 by rpki-client