Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
File: e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa (raw, json)
Hash identifier: E0NHTVLrB1duRTtNROpNIuU5UgTNn1G27y30CKy9BhE=
Subject key identifier: EA:10:B2:3D:D3:C9:FA:DA:76:E2:11:B9:65:E8:F7:F2:B6:A7:21:48
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5B1535613D6AD0C2E48526BA9374F091FD5DE2F0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
Signing time: Wed 30 Apr 2025 00:11:16 +0000
ROA not before: Wed 30 Apr 2025 00:11:16 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:15:35:61:3d:6a:d0:c2:e4:85:26:ba:93:74:f0:91:fd:5d:e2:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:11:16 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=7f0b3251b477a3c1151b96c5d8dffce7fb6c367461228d086c3a3b7f6415c543, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:12:1c:8d:79:c8:27:ae:bc:fb:ea:21:3b:7f:
38:25:30:e8:c4:24:d6:56:da:e0:f6:69:5a:e9:b4:
5e:a1:de:a1:86:2b:4f:f5:9e:66:4d:ce:48:15:ca:
8a:9e:5f:8d:29:f1:c1:3d:98:28:86:3d:8f:d7:bf:
74:4d:eb:e9:3e:07:35:04:1f:5b:ff:b6:04:50:e6:
7f:f1:8f:b2:c3:91:55:c0:40:79:0e:4c:ad:d3:b2:
75:47:b2:73:b7:f0:84:90:49:c1:af:e0:91:62:9c:
41:80:06:40:b8:1e:50:0d:d4:bf:b7:92:38:73:62:
57:05:e4:6a:b0:0a:79:ab:42:db:1b:8a:fd:7d:f9:
3c:9c:e6:ef:3f:fd:d3:d3:7e:fe:e7:98:ac:fa:75:
99:70:6c:1c:7e:1a:ec:ff:0a:67:eb:07:13:67:00:
40:f3:13:60:e5:61:3e:a9:b7:af:c5:d5:79:08:b7:
87:52:f2:f6:aa:ec:4d:2b:42:c4:0a:60:12:90:ca:
24:62:91:1e:b1:90:94:27:61:1e:fa:a8:82:dd:6f:
b0:91:b8:00:07:76:c0:f2:9e:12:c7:52:9d:27:ac:
81:96:6c:b9:09:93:b7:c6:56:d0:cd:bf:84:4a:7b:
f1:0f:c8:53:80:bd:a0:c0:83:18:e2:c6:f3:99:72:
20:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:10:B2:3D:D3:C9:FA:DA:76:E2:11:B9:65:E8:F7:F2:B6:A7:21:48
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8000::/36
Signature Algorithm: sha256WithRSAEncryption
31:ba:18:b2:8c:d8:3f:9b:33:71:f2:81:6d:8d:56:e9:10:0f:
de:ec:ed:d7:ed:de:cd:90:7d:86:b1:0f:5e:4b:1c:c3:0d:44:
8c:46:36:b9:05:a1:92:cc:d4:75:47:4d:f2:91:f8:5b:e6:7f:
ff:33:8e:d2:98:de:5b:49:39:ab:46:fa:34:e3:15:34:0f:41:
ed:b9:dd:86:ba:47:ed:f4:fb:ca:26:36:e8:59:ff:dc:a2:e6:
e1:ff:33:80:9d:01:fd:07:54:38:24:83:73:13:d9:66:c0:81:
11:6d:1a:ff:a8:71:45:fd:f9:36:45:46:f5:c6:ee:0e:e7:c8:
f1:db:f1:3b:55:ba:80:3e:2a:fa:dd:f5:fb:aa:bd:a8:e8:49:
31:17:d7:71:26:5d:f5:0f:79:b3:54:9c:3d:52:4e:d1:73:65:
0e:b8:ec:14:18:1b:5d:a6:30:0a:74:4c:6a:07:59:e7:7e:dc:
58:4c:68:f4:e4:7e:48:fe:93:a5:04:f4:f9:78:0b:a4:c1:a1:
0d:8d:5a:ce:99:7c:fd:ff:2b:ff:3b:63:37:22:4b:07:86:c5:
72:cc:1c:a1:a9:92:7e:52:cd:46:0a:9f:d8:12:22:c7:1b:7f:
5d:55:0b:90:0f:db:88:8b:c1:0c:b1:f9:b0:39:cf:ff:e8:a9:
f3:80:09:62
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWxU1YT1q0MLkhSa6k3Twkf1d4vAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDExMTZaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMGIzMjUxYjQ3N2EzYzExNTFiOTZjNWQ4ZGZmY2U3ZmI2YzM2NzQ2MTIy
OGQwODZjM2EzYjdmNjQxNWM1NDMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwSHI15yCeuvPvqITt/OCUw6MQk1lba4PZpWum0XqHeoYYrT/WeZk3OSBXK
ip5fjSnxwT2YKIY9j9e/dE3r6T4HNQQfW/+2BFDmf/GPssORVcBAeQ5MrdOydUey
c7fwhJBJwa/gkWKcQYAGQLgeUA3Uv7eSOHNiVwXkarAKeatC2xuK/X35PJzm7z/9
09N+/ueYrPp1mXBsHH4a7P8KZ+sHE2cAQPMTYOVhPqm3r8XVeQi3h1Ly9qrsTStC
xApgEpDKJGKRHrGQlCdhHvqogt1vsJG4AAd2wPKeEsdSnSesgZZsuQmTt8ZW0M2/
hEp78Q/IU4C9oMCDGOLG85lyIJcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqELI9
08n62nbiEbll6PfytqchSDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZThmMWMxZjctODM4OS00ZmFmLTg3YzktZjRhMTgwZTdiY2RjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WA
MA0GCSqGSIb3DQEBCwUAA4IBAQAxuhiyjNg/mzNx8oFtjVbpEA/e7O3X7d7NkH2G
sQ9eSxzDDUSMRja5BaGSzNR1R03ykfhb5n//M47SmN5bSTmrRvo04xU0D0Htud2G
ukft9PvKJjboWf/coubh/zOAnQH9B1Q4JINzE9lmwIERbRr/qHFF/fk2RUb1xu4O
58jx2/E7VbqAPir63fX7qr2o6EkxF9dxJl31D3mzVJw9Uk7Rc2UOuOwUGBtdpjAK
dExqB1nnftxYTGj05H5I/pOlBPT5eAukwaENjVrOmXz9/yv/O2M3IksHhsVyzByh
qZJ+Us1GCp/YEiLHG39dVQuQD9uIi8EMsfmwOc//6KnzgAli
-----END CERTIFICATE-----
Generated at Mon May 5 08:28:39 2025 by rpki-client