Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
File: f4581009-959f-4805-904e-a85043ac559b.roa (raw, json)
Hash identifier: qFkQTq2tPaGlcdMFuVjzttd5lYExIof/4ExAiJHd4xE=
Subject key identifier: CA:17:70:0F:D7:33:8A:9B:10:14:6D:82:20:8D:26:67:A7:5E:6E:5A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6FDDE67DC1AA374D3433F9A2BE36100663358BE3
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
Signing time: Wed 30 Apr 2025 00:20:20 +0000
ROA not before: Wed 30 Apr 2025 00:20:20 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:a800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:dd:e6:7d:c1:aa:37:4d:34:33:f9:a2:be:36:10:06:63:35:8b:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 30 00:20:20 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=dd14c89c3b2b8090e4e7b05fd0aba5515a464fa9a3635f16c475369efbaed64f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:70:e3:f9:db:af:d5:e3:75:5c:ed:b5:f9:8b:
81:0e:a0:f3:e4:c8:d8:ff:31:eb:55:8d:fb:09:83:
b9:64:dc:83:ec:ee:2b:36:4f:f1:b2:fd:25:51:35:
00:db:a3:8e:86:37:35:4d:88:8c:e5:fa:fa:83:00:
e2:b0:14:69:4a:be:bd:cf:47:33:79:2e:80:98:00:
c9:94:f5:eb:5d:a7:21:df:bd:b8:df:8b:5a:ac:fc:
d8:e7:eb:a5:36:e4:f9:85:9a:d2:79:18:32:b9:ba:
10:91:0a:93:43:f4:b9:d5:53:34:f6:4f:60:96:54:
84:f7:14:73:3e:0a:ca:48:ba:9e:69:85:2c:3e:e8:
3b:82:b0:30:75:07:9f:fc:02:4b:55:37:68:5f:e1:
e2:94:a3:9c:45:9a:3d:56:cc:70:97:25:85:a1:2b:
ef:4f:90:84:2d:f4:c7:82:55:64:70:f2:c3:30:2c:
8e:d1:9f:84:ca:c4:ad:4d:c1:78:eb:56:3e:ff:4a:
18:a4:da:bd:15:b7:9e:1f:4d:6c:09:96:94:88:e5:
27:a1:6f:4f:e0:53:aa:aa:9b:57:40:d1:5b:a2:ea:
85:b2:e1:14:98:3d:45:e6:85:9c:ab:a7:51:53:f1:
70:37:f4:7f:d3:bd:83:a3:d5:aa:b7:9f:77:7a:30:
17:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:17:70:0F:D7:33:8A:9B:10:14:6D:82:20:8D:26:67:A7:5E:6E:5A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:a800::/40
Signature Algorithm: sha256WithRSAEncryption
6b:0d:ed:13:77:ac:79:8d:09:5e:9b:d9:d6:66:90:73:09:75:
64:02:93:a5:ba:2d:f1:5b:75:bf:13:ef:08:c5:c3:f0:48:46:
69:66:55:85:91:ce:ea:77:2c:3c:39:a5:90:e5:4d:8c:a6:f5:
eb:bc:31:6f:93:e8:aa:4d:de:49:f4:a0:27:06:8c:52:f3:c0:
7f:96:ae:03:d3:b3:04:5a:db:f8:af:77:ad:a3:2d:68:f9:29:
bb:33:4b:22:ce:a8:ba:a9:fe:3e:d9:05:aa:83:48:e4:8d:14:
58:71:08:38:7d:ed:62:d4:4f:22:9a:5f:fb:2c:4b:43:f5:7a:
42:b8:41:78:2a:d5:05:e0:fc:db:e2:fe:80:9b:5f:2c:05:7b:
9d:52:f5:a2:d5:f8:95:a3:52:b6:bc:6e:eb:62:89:b0:1f:62:
f9:e0:4b:06:e4:aa:f6:01:ae:3f:a6:2b:7e:cd:03:a8:b5:c6:
d7:f3:cb:e8:ea:c3:f4:45:07:14:60:f2:0f:f0:37:f3:f9:df:
e5:24:ea:bc:c2:cd:a4:41:74:5e:1e:f3:2d:24:a2:f1:f8:ad:
8c:bc:e3:ba:b7:cd:b1:b5:1e:d6:15:4e:21:69:a9:2f:05:f0:
e2:ee:4a:14:24:79:76:09:f1:6b:ab:1d:cf:3a:62:76:8e:df:
91:6e:d5:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb93mfcGqN000M/mivjYQBmM1i+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MzAwMDIwMjBaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkMTRjODljM2IyYjgwOTBlNGU3YjA1ZmQwYWJhNTUxNWE0NjRmYTlhMzYz
NWYxNmM0NzUzNjllZmJhZWQ2NGYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAORw4/nbr9XjdVzttfmLgQ6g8+TI2P8x61WN+wmDuWTcg+zuKzZP8bL9JVE1
ANujjoY3NU2IjOX6+oMA4rAUaUq+vc9HM3kugJgAyZT1612nId+9uN+LWqz82Ofr
pTbk+YWa0nkYMrm6EJEKk0P0udVTNPZPYJZUhPcUcz4Kyki6nmmFLD7oO4KwMHUH
n/wCS1U3aF/h4pSjnEWaPVbMcJclhaEr70+QhC30x4JVZHDywzAsjtGfhMrErU3B
eOtWPv9KGKTavRW3nh9NbAmWlIjlJ6FvT+BTqqqbV0DRW6LqhbLhFJg9ReaFnKun
UVPxcDf0f9O9g6PVqrefd3owF5sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKF3AP
1zOKmxAUbYIgjSZnp15uWjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZjQ1ODEwMDktOTU5Zi00ODA1LTkwNGUtYTg1MDQzYWM1NTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8Oo
MA0GCSqGSIb3DQEBCwUAA4IBAQBrDe0Td6x5jQlem9nWZpBzCXVkApOlui3xW3W/
E+8IxcPwSEZpZlWFkc7qdyw8OaWQ5U2MpvXrvDFvk+iqTd5J9KAnBoxS88B/lq4D
07MEWtv4r3etoy1o+Sm7M0sizqi6qf4+2QWqg0jkjRRYcQg4fe1i1E8iml/7LEtD
9XpCuEF4KtUF4Pzb4v6Am18sBXudUvWi1fiVo1K2vG7rYomwH2L54EsG5Kr2Aa4/
pit+zQOotcbX88vo6sP0RQcUYPIP8Dfz+d/lJOq8ws2kQXReHvMtJKLx+K2MvOO6
t82xtR7WFU4haakvBfDi7koUJHl2CfFrqx3POmJ2jt+RbtVu
-----END CERTIFICATE-----
Generated at Mon May 5 06:38:31 2025 by rpki-client