Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
File: d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa (raw, json)
Hash identifier: zFOeyOseytFG0dH4GbfV0O3sG/9ykUrbDIG0HuWYEkE=
Subject key identifier: B4:4A:93:A0:13:04:81:13:E5:02:AA:0F:49:27:2A:9E:79:D1:6D:FB
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4F7E9612A6DEACDCC1018A13C436FF7CC01FB19D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
Signing time: Wed 30 Apr 2025 00:21:06 +0000
ROA not before: Wed 30 Apr 2025 00:21:06 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:7e:96:12:a6:de:ac:dc:c1:01:8a:13:c4:36:ff:7c:c0:1f:b1:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:21:06 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=f88dac47ef7010cd2827b8a033a01a43162b2c82cd7c35d988fb9e6f5d4f03e8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:83:83:59:b6:9f:80:43:81:33:b9:34:86:89:
25:9d:90:c7:a2:9a:be:39:19:aa:db:b1:81:23:af:
02:86:d3:f1:02:3b:8f:20:af:69:17:61:15:79:90:
e8:41:39:1c:b0:4c:89:7a:04:86:ef:65:45:e2:8d:
f1:8b:2e:2f:aa:a5:3b:c5:49:2b:bd:e6:05:8f:7e:
a0:22:2f:21:ab:cc:91:61:1b:ac:d7:0a:b7:cb:51:
17:dc:87:be:3e:eb:73:e0:10:c4:0d:b7:78:5e:07:
9d:e7:34:30:43:b1:d8:45:84:6b:d6:95:12:1c:58:
94:33:1b:82:e6:89:b5:1b:06:b7:d6:9d:4d:c9:a2:
29:5b:55:93:9b:87:ed:ca:ad:c0:fb:46:cb:3b:7d:
ed:97:db:e9:a0:ed:67:27:80:e0:64:74:ba:e2:02:
ae:72:fd:1a:c8:c8:0c:bd:f3:66:24:e1:2f:84:bb:
26:e4:62:85:d5:68:2f:ce:b0:6b:bf:14:13:b8:da:
61:d5:5f:9b:b1:50:f0:ec:2c:06:98:2e:01:13:02:
50:63:20:5e:20:ed:1c:23:0b:54:8b:5d:cf:44:8a:
b4:78:6b:77:d9:58:d7:be:b5:a9:59:e7:35:7f:ee:
56:54:9f:87:23:5d:20:21:96:90:41:5b:57:54:77:
77:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:4A:93:A0:13:04:81:13:E5:02:AA:0F:49:27:2A:9E:79:D1:6D:FB
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
51:a3:ce:13:d1:04:f2:d1:18:80:de:3d:67:71:a7:73:c5:0d:
54:4c:e9:02:ed:25:ca:89:35:aa:6e:9f:78:13:9e:8f:1a:bd:
c2:b6:02:a2:2c:68:34:6d:2e:05:04:ce:85:7f:67:56:fa:c7:
71:a6:08:b3:23:80:d1:b9:6e:c9:6a:26:4f:13:4d:36:1d:3c:
54:96:90:c3:e2:28:e7:86:d2:b6:f3:75:ae:97:8a:fd:b6:22:
dc:77:ee:d2:8e:e2:6c:c5:86:88:ce:e4:7b:0c:54:58:db:1f:
24:e3:07:15:a4:53:6c:59:6c:a6:3b:31:76:56:69:a1:27:a2:
69:72:ed:f9:a3:4f:39:0d:e0:83:b8:be:83:aa:10:ff:3a:76:
43:66:ca:37:89:d0:84:68:04:51:e5:3d:7b:af:4d:84:ee:12:
91:27:f6:37:a5:ac:57:84:ee:27:af:e3:92:7f:dd:8b:92:c4:
02:dd:49:c4:69:d8:6b:2b:61:79:1f:5f:c6:a6:c3:5d:0c:16:
fb:99:f0:ee:8d:9c:b7:de:f6:79:19:de:b8:20:0d:e3:e4:7a:
19:80:c8:58:9c:2f:52:a0:32:3e:0e:11:af:49:cc:60:b1:1e:
6a:f5:73:7b:5f:87:90:88:be:b3:9f:28:6b:35:4c:e0:3d:de:
3e:50:39:62
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT36WEqberNzBAYoTxDb/fMAfsZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIxMDZaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4OGRhYzQ3ZWY3MDEwY2QyODI3YjhhMDMzYTAxYTQzMTYyYjJjODJjZDdj
MzVkOTg4ZmI5ZTZmNWQ0ZjAzZTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSDg1m2n4BDgTO5NIaJJZ2Qx6KavjkZqtuxgSOvAobT8QI7jyCvaRdhFXmQ
6EE5HLBMiXoEhu9lReKN8YsuL6qlO8VJK73mBY9+oCIvIavMkWEbrNcKt8tRF9yH
vj7rc+AQxA23eF4Hnec0MEOx2EWEa9aVEhxYlDMbguaJtRsGt9adTcmiKVtVk5uH
7cqtwPtGyzt97Zfb6aDtZyeA4GR0uuICrnL9GsjIDL3zZiThL4S7JuRihdVoL86w
a78UE7jaYdVfm7FQ8OwsBpguARMCUGMgXiDtHCMLVItdz0SKtHhrd9lY1761qVnn
NX/uVlSfhyNdICGWkEFbV1R3d3ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS0SpOg
EwSBE+UCqg9JJyqeedFt+zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjZDk5MDUtNzJjNS00ZmY5LTk4ZGYtNmIwZDFjMTJhNGMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQBRo84T0QTy0RiA3j1ncadzxQ1UTOkC7SXKiTWq
bp94E56PGr3CtgKiLGg0bS4FBM6Ff2dW+sdxpgizI4DRuW7JaiZPE002HTxUlpDD
4ijnhtK283Wul4r9tiLcd+7SjuJsxYaIzuR7DFRY2x8k4wcVpFNsWWymOzF2Vmmh
J6Jpcu35o085DeCDuL6DqhD/OnZDZso3idCEaARR5T17r02E7hKRJ/Y3paxXhO4n
r+OSf92LksQC3UnEadhrK2F5H1/GpsNdDBb7mfDujZy33vZ5Gd64IA3j5HoZgMhY
nC9SoDI+DhGvScxgsR5q9XN7X4eQiL6znyhrNUzgPd4+UDli
-----END CERTIFICATE-----
Generated at Mon May 5 13:28:28 2025 by rpki-client