Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
File: df7033c9-3736-411c-b289-a6013faa6935.roa (raw, json)
Hash identifier: Jekp8MmktFZP5YLFMMwM6XGjtCcjM8fD9sP4CMLBFk4=
Subject key identifier: 70:69:8A:D3:A5:0E:7B:25:73:F6:48:06:49:70:A5:0F:2F:2E:02:05
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 42373C897EB56C52104A7DCDD9BEA91FEEF48A1B
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
Signing time: Wed 30 Apr 2025 00:10:39 +0000
ROA not before: Wed 30 Apr 2025 00:10:39 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:37:3c:89:7e:b5:6c:52:10:4a:7d:cd:d9:be:a9:1f:ee:f4:8a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:10:39 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=4070f5684363eb0dd639d45610249db76c03cb0e1905ad24ec19df04149e505d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e0:95:ec:0b:96:05:c1:d0:c8:dd:6e:a0:4d:
de:15:02:84:9b:d8:1f:88:04:1f:12:b9:c4:22:14:
67:44:97:0d:ad:b7:e9:b0:50:e7:99:70:0c:e6:78:
1b:3a:e1:a2:f1:57:a6:59:5b:cb:1e:46:fa:ca:2d:
50:68:fe:11:c8:fc:ab:a2:b2:ba:22:cf:c1:67:a7:
29:61:e1:97:80:d2:ab:37:c5:b7:52:c1:b0:25:7b:
f9:a3:0c:d7:76:1e:b6:de:4f:2b:bc:59:49:d9:29:
87:54:98:a6:5f:4b:74:b4:72:8f:74:d7:de:a1:72:
47:29:60:6a:52:c4:31:83:27:d7:cb:26:58:62:73:
3f:d3:a2:c5:08:25:12:a2:e2:d5:a8:f5:f4:60:15:
2d:c7:2c:2b:53:0a:6a:be:bf:46:d4:3d:8a:c2:d2:
f1:bf:da:94:49:6d:a5:b0:c2:16:34:61:d7:ec:13:
3e:89:df:85:76:6e:a1:80:d6:41:f8:24:55:0e:e1:
ec:3f:0b:20:78:dc:8e:71:bb:93:09:33:83:41:6a:
9a:bc:26:c6:df:c3:bb:47:74:56:d6:e1:40:33:1a:
51:b5:de:32:3c:10:d6:3b:45:53:fb:04:a0:e8:de:
31:44:93:4d:38:64:41:0e:14:c7:2e:c9:47:1c:31:
a3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:69:8A:D3:A5:0E:7B:25:73:F6:48:06:49:70:A5:0F:2F:2E:02:05
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/df7033c9-3736-411c-b289-a6013faa6935.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2880::/48
Signature Algorithm: sha256WithRSAEncryption
74:c3:61:44:ee:0c:fd:1b:68:24:f7:2f:74:92:19:53:75:75:
d5:43:ab:6c:1d:07:4f:5c:da:05:c4:ab:e8:bb:07:56:14:ba:
48:75:be:80:3a:c7:d6:93:30:66:86:2d:ed:ce:65:47:b7:84:
38:a2:43:d5:0f:c6:0f:da:ab:8e:da:fd:2a:77:67:31:2c:0e:
69:c4:36:ff:9d:f8:22:de:9a:80:e3:f4:2a:78:e1:5d:cd:41:
51:6e:c9:a6:84:0d:20:c7:35:94:7d:5e:ea:d5:64:2f:c9:7e:
e7:b2:59:f6:83:4e:6f:11:fd:b3:29:fc:c3:7e:48:ee:95:db:
93:53:0c:ab:ea:a4:3d:2c:29:df:6f:9e:e1:8d:3f:f5:a1:c0:
a9:1b:12:a0:d2:42:df:47:bc:9d:38:03:ee:7f:84:94:c4:99:
af:cf:9c:37:55:68:9a:44:99:90:8a:d4:db:e9:66:7d:6f:55:
f9:97:c9:da:a3:e1:ce:b3:4f:d2:8c:7b:31:7c:3b:e1:09:5f:
01:c9:f4:ad:c4:b0:21:ff:3d:a7:fd:1e:d6:80:27:a7:09:8a:
5e:32:25:fc:66:cc:de:59:a9:96:47:fc:9c:70:25:a0:e1:7e:
07:9d:e2:81:b8:24:fc:f3:c0:58:7e:44:f6:11:a0:42:7c:8b:
55:39:60:c9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQjc8iX61bFIQSn3N2b6pH+70ihswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDEwMzlaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNzBmNTY4NDM2M2ViMGRkNjM5ZDQ1NjEwMjQ5ZGI3NmMwM2NiMGUxOTA1
YWQyNGVjMTlkZjA0MTQ5ZTUwNWQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3glewLlgXB0MjdbqBN3hUChJvYH4gEHxK5xCIUZ0SXDa236bBQ55lwDOZ4
GzrhovFXpllbyx5G+sotUGj+Ecj8q6KyuiLPwWenKWHhl4DSqzfFt1LBsCV7+aMM
13Yett5PK7xZSdkph1SYpl9LdLRyj3TX3qFyRylgalLEMYMn18smWGJzP9OixQgl
EqLi1aj19GAVLccsK1MKar6/RtQ9isLS8b/alEltpbDCFjRh1+wTPonfhXZuoYDW
QfgkVQ7h7D8LIHjcjnG7kwkzg0Fqmrwmxt/Du0d0VtbhQDMaUbXeMjwQ1jtFU/sE
oOjeMUSTTThkQQ4Uxy7JRxwxo1UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRwaYrT
pQ57JXP2SAZJcKUPLy4CBTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZGY3MDMzYzktMzczNi00MTFjLWIyODktYTYwMTNmYWE2OTM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
gDANBgkqhkiG9w0BAQsFAAOCAQEAdMNhRO4M/RtoJPcvdJIZU3V11UOrbB0HT1za
BcSr6LsHVhS6SHW+gDrH1pMwZoYt7c5lR7eEOKJD1Q/GD9qrjtr9KndnMSwOacQ2
/534It6agOP0KnjhXc1BUW7JpoQNIMc1lH1e6tVkL8l+57JZ9oNObxH9syn8w35I
7pXbk1MMq+qkPSwp32+e4Y0/9aHAqRsSoNJC30e8nTgD7n+ElMSZr8+cN1VomkSZ
kIrU2+lmfW9V+ZfJ2qPhzrNP0ox7MXw74QlfAcn0rcSwIf89p/0e1oAnpwmKXjIl
/GbM3lmplkf8nHAloOF+B53igbgk/PPAWH5E9hGgQnyLVTlgyQ==
-----END CERTIFICATE-----
Generated at Mon May 5 08:43:22 2025 by rpki-client