Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa
File: 00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa (raw, json)
Hash identifier: 9OD8Omg1rREYyMJ4LU+OFz1acF7T5G0mCbRYm7MYnlQ=
Subject key identifier: C9:7D:B8:27:5D:E4:0C:7F:AB:4E:97:3C:7D:8B:6B:F1:5F:94:A0:81
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 31CE440DFF345D673652B2B8EE916978B3311388
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa
Signing time: Mon 26 May 2025 15:10:51 +0000
ROA not before: Mon 26 May 2025 15:10:51 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:ce:44:0d:ff:34:5d:67:36:52:b2:b8:ee:91:69:78:b3:31:13:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:51 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=0557d83824a9c2934bf0ff56193cdc4f8f2f1c09f3153ec2c8816c5016001a0d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ea:c8:8d:04:91:58:f6:24:72:93:c2:b3:da:
4a:bf:57:29:ad:8d:be:93:1a:12:94:fb:be:4c:a3:
39:56:ee:6f:62:50:4c:14:67:b4:61:0f:da:51:7f:
0d:11:17:9e:61:3a:d7:ce:b1:65:9a:fa:15:34:f9:
50:c2:54:4d:97:3f:d8:a6:51:86:0d:c2:43:87:7b:
3d:96:3c:e8:ca:cd:48:6e:d4:cc:dc:23:82:83:f4:
0f:3d:d5:22:99:ba:80:6e:e2:6b:36:a0:16:bc:b3:
64:fd:32:49:93:21:18:69:0c:93:f4:c8:fe:54:59:
52:e7:c1:9a:8e:04:45:17:4d:d1:d3:55:df:b8:16:
4b:30:18:d7:57:0c:51:7f:6d:06:f9:53:5a:5a:66:
94:4a:c0:f7:d1:63:0e:2a:66:7c:08:59:e8:95:63:
b5:57:95:c8:8c:be:a3:46:e4:60:05:73:a5:e1:bd:
65:3f:74:69:ba:8d:14:cc:81:c2:06:75:31:23:3c:
12:b7:70:8a:78:fe:a4:72:f1:8e:85:5b:17:9d:77:
01:96:5a:b1:6f:b9:6b:7f:1a:ae:01:bb:f5:94:08:
00:34:25:22:15:a2:17:d8:6e:ba:0e:04:a0:d7:19:
de:17:13:5f:a1:d4:ad:cb:1a:53:74:3d:2d:13:eb:
1f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7D:B8:27:5D:E4:0C:7F:AB:4E:97:3C:7D:8B:6B:F1:5F:94:A0:81
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00e367f0-18fe-4be3-8ccd-885f75baf0a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0::/36
Signature Algorithm: sha256WithRSAEncryption
53:69:05:9f:d0:0e:46:a8:21:1a:b8:88:62:68:b0:7d:54:b9:
2a:58:e9:5b:8a:2a:9f:50:9d:41:96:07:7b:e8:4a:b6:99:a2:
33:59:d2:62:7d:11:40:d0:0e:db:c5:65:f2:b0:96:0f:14:a3:
9a:0d:29:87:96:62:52:ea:78:29:02:d6:cd:84:6f:e8:a4:72:
d3:39:42:51:b3:6f:09:21:0c:e0:6b:2b:24:fb:6f:9f:1f:c7:
80:2e:c4:b2:57:72:45:3d:30:42:c1:58:aa:ad:cf:c2:35:25:
a5:38:bd:8d:36:67:a8:b5:24:0a:cc:be:d1:47:6d:b7:af:09:
68:dc:3d:b7:d2:e9:23:d6:81:9f:05:cd:e4:17:7f:ed:d6:43:
8f:b7:ce:34:f7:fc:93:40:dd:98:1b:12:3a:01:aa:94:8d:9b:
cb:5f:0a:99:13:5e:5b:2b:c7:1d:d0:e0:de:23:a5:af:38:25:
64:b7:dc:95:38:45:ce:8d:ed:db:17:c1:e3:ee:68:2c:58:b5:
ae:17:9f:c4:3d:de:fd:ea:16:28:49:32:d7:58:a2:c9:f5:90:
06:a9:a4:9f:07:2b:a4:44:ba:39:46:41:9b:23:95:bc:69:bb:
1f:36:d3:68:ea:2f:8c:83:dd:3b:ba:a5:53:6d:37:cf:9a:94:
da:73:2d:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMc5EDf80XWc2UrK47pFpeLMxE4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwNTFaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1NTdkODM4MjRhOWMyOTM0YmYwZmY1NjE5M2NkYzRmOGYyZjFjMDlmMzE1
M2VjMmM4ODE2YzUwMTYwMDFhMGQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIzqyI0EkVj2JHKTwrPaSr9XKa2NvpMaEpT7vkyjOVbub2JQTBRntGEP2lF/
DREXnmE6186xZZr6FTT5UMJUTZc/2KZRhg3CQ4d7PZY86MrNSG7UzNwjgoP0Dz3V
Ipm6gG7iazagFryzZP0ySZMhGGkMk/TI/lRZUufBmo4ERRdN0dNV37gWSzAY11cM
UX9tBvlTWlpmlErA99FjDipmfAhZ6JVjtVeVyIy+o0bkYAVzpeG9ZT90abqNFMyB
wgZ1MSM8Erdwinj+pHLxjoVbF513AZZasW+5a38argG79ZQIADQlIhWiF9huug4E
oNcZ3hcTX6HUrcsaU3Q9LRPrHx8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJfbgn
XeQMf6tOlzx9i2vxX5SggTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDBlMzY3ZjAtMThmZS00YmUzLThjY2QtODg1Zjc1YmFmMGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8AA
MA0GCSqGSIb3DQEBCwUAA4IBAQBTaQWf0A5GqCEauIhiaLB9VLkqWOlbiiqfUJ1B
lgd76Eq2maIzWdJifRFA0A7bxWXysJYPFKOaDSmHlmJS6ngpAtbNhG/opHLTOUJR
s28JIQzgaysk+2+fH8eALsSyV3JFPTBCwViqrc/CNSWlOL2NNmeotSQKzL7RR223
rwlo3D230ukj1oGfBc3kF3/t1kOPt8409/yTQN2YGxI6AaqUjZvLXwqZE15bK8cd
0ODeI6WvOCVkt9yVOEXOje3bF8Hj7mgsWLWuF5/EPd796hYoSTLXWKLJ9ZAGqaSf
ByukRLo5RkGbI5W8absfNtNo6i+Mg907uqVTbTfPmpTacy0f
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:41:04 2025 by rpki-client