Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
File: e1d00d70-da0c-4922-8124-95401dba4efc.roa (raw, json)
Hash identifier: xc4W9+CxBZO0kE9yhHYG33sSzfxFubhLFxcQ8UvPjHI=
Subject key identifier: CD:40:02:B4:34:F2:D2:C8:4D:E6:7C:6B:C5:A6:6C:4C:78:C1:3B:86
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5158FFC4A750ACC5CED12BAB29D083BBE50FD485
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
Signing time: Wed 30 Apr 2025 00:10:36 +0000
ROA not before: Wed 30 Apr 2025 00:10:36 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:58:ff:c4:a7:50:ac:c5:ce:d1:2b:ab:29:d0:83:bb:e5:0f:d4:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:10:36 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=b0f2212f6fc9b95de1a327cbaa3ba2ee9f9cd7a4113d1c19bb6f020e1aad6a4a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f7:62:78:25:37:95:53:9b:cf:ba:d4:4e:f6:
64:f1:b2:2b:22:4f:20:de:5c:96:34:f9:5a:bc:25:
ea:3e:08:83:a6:32:7a:f0:b5:f7:04:2e:7f:eb:73:
3d:7f:a6:8b:8a:32:71:95:2b:86:f7:de:bd:d4:e9:
1d:e1:b2:0c:6c:64:3d:91:5e:80:a5:72:84:02:50:
3f:64:5d:cf:93:31:8f:da:e6:fd:37:8f:57:7a:49:
bb:73:65:e5:07:1a:6f:7f:03:c5:b2:01:b3:5a:75:
6d:8e:e5:e3:80:10:5d:02:c2:da:2c:3e:eb:24:16:
8c:52:14:9c:91:67:41:ed:c9:51:a6:b7:12:6d:93:
f8:50:13:da:4e:19:1b:bf:7d:7c:08:c9:fc:00:96:
25:5e:5c:55:f0:21:3d:3a:73:7f:04:04:57:2a:4a:
dd:75:16:a7:85:0e:50:8a:97:c1:a0:7d:31:1a:fe:
d4:1c:88:7c:71:de:13:54:2a:33:dc:41:bc:67:68:
7a:ee:ad:dc:37:c0:a8:e4:89:84:50:3d:b4:0d:30:
a7:2d:3e:3d:16:85:24:3a:c1:a6:9e:e4:fe:e3:aa:
7f:01:be:c3:14:3e:15:4c:e3:78:22:95:2d:c3:e9:
f7:a9:1b:8d:21:ef:03:dd:7f:42:04:14:59:9c:6d:
78:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:40:02:B4:34:F2:D2:C8:4D:E6:7C:6B:C5:A6:6C:4C:78:C1:3B:86
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e1d00d70-da0c-4922-8124-95401dba4efc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f8c0::/48
Signature Algorithm: sha256WithRSAEncryption
66:df:db:2b:a5:e8:de:3f:50:61:ee:1d:7b:f6:58:30:26:51:
c5:67:68:0a:c0:9d:38:7b:09:e7:51:47:c3:93:da:0f:30:c0:
28:9f:0c:35:39:a3:64:22:53:2a:03:eb:19:39:8e:29:56:38:
78:be:ed:83:e7:d8:4e:8f:92:ac:03:15:9e:df:54:ed:7c:3d:
ad:55:81:a1:17:13:49:2b:0b:80:4d:f6:ce:df:1e:88:9c:67:
4e:13:66:ce:c8:3f:04:f4:30:26:5f:81:fa:be:ba:c8:54:9b:
1d:fd:c1:3b:71:7d:9d:a0:f9:e7:2f:4f:5c:90:06:6d:db:80:
e9:c4:f7:de:49:27:bd:e4:29:e2:d7:9d:3c:15:d5:2c:db:f7:
e8:61:09:a6:ef:91:65:4b:74:20:b0:c5:40:6d:09:27:77:79:
c4:0f:19:28:6f:c2:0e:ca:69:cc:81:fe:b4:ff:39:51:f4:dc:
7b:81:ae:03:0b:22:a4:39:38:2c:6b:95:0c:c2:91:68:6c:05:
4e:ca:9f:62:ac:cf:ce:a4:6d:c0:a6:d1:8a:d3:eb:eb:6b:f9:
c7:0e:b7:f3:92:e1:9c:92:16:bd:ed:97:5c:f5:4c:ce:42:ef:
b9:40:cb:1f:af:82:e1:68:a2:e1:d4:ec:fd:43:c8:1d:f4:09:
c5:95:27:9e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUVj/xKdQrMXO0SurKdCDu+UP1IUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDEwMzZaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwZjIyMTJmNmZjOWI5NWRlMWEzMjdjYmFhM2JhMmVlOWY5Y2Q3YTQxMTNk
MWMxOWJiNmYwMjBlMWFhZDZhNGExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMD3YnglN5VTm8+61E72ZPGyKyJPIN5cljT5Wrwl6j4Ig6YyevC19wQuf+tz
PX+mi4oycZUrhvfevdTpHeGyDGxkPZFegKVyhAJQP2Rdz5Mxj9rm/TePV3pJu3Nl
5Qcab38DxbIBs1p1bY7l44AQXQLC2iw+6yQWjFIUnJFnQe3JUaa3Em2T+FAT2k4Z
G799fAjJ/ACWJV5cVfAhPTpzfwQEVypK3XUWp4UOUIqXwaB9MRr+1ByIfHHeE1Qq
M9xBvGdoeu6t3DfAqOSJhFA9tA0wpy0+PRaFJDrBpp7k/uOqfwG+wxQ+FUzjeCKV
LcPp96kbjSHvA91/QgQUWZxteB0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTNQAK0
NPLSyE3mfGvFpmxMeME7hjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZTFkMDBkNzAtZGEwYy00OTIyLTgxMjQtOTU0MDFkYmE0ZWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
wDANBgkqhkiG9w0BAQsFAAOCAQEAZt/bK6Xo3j9QYe4de/ZYMCZRxWdoCsCdOHsJ
51FHw5PaDzDAKJ8MNTmjZCJTKgPrGTmOKVY4eL7tg+fYTo+SrAMVnt9U7Xw9rVWB
oRcTSSsLgE32zt8eiJxnThNmzsg/BPQwJl+B+r66yFSbHf3BO3F9naD55y9PXJAG
bduA6cT33kknveQp4tedPBXVLNv36GEJpu+RZUt0ILDFQG0JJ3d5xA8ZKG/CDspp
zIH+tP85UfTce4GuAwsipDk4LGuVDMKRaGwFTsqfYqzPzqRtwKbRitPr62v5xw63
85LhnJIWve2XXPVMzkLvuUDLH6+C4Wii4dTs/UPIHfQJxZUnng==
-----END CERTIFICATE-----
Generated at Mon May 5 08:24:41 2025 by rpki-client