Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
File: 1e498054-99a2-4f2b-82cb-7448499c313c.roa (raw, json)
Hash identifier: UajXvnV7pBIp4NjkLXwc6BV5GHbKKiN4gMtPinLLGI0=
Subject key identifier: A4:EE:E0:FB:96:F6:90:B8:BA:F9:D9:88:91:58:02:5B:89:17:F5:0A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7E8D28C7D6E793CD71173CDCB2161F05B7F0DC49
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
Signing time: Mon 21 Apr 2025 18:40:05 +0000
ROA not before: Mon 21 Apr 2025 18:40:05 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:8d:28:c7:d6:e7:93:cd:71:17:3c:dc:b2:16:1f:05:b7:f0:dc:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 21 18:40:05 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=8753496c430eb2fcc38ccddf904a337bd5bc6be0c808ee4af28bff02d69564b7, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:da:ae:0e:19:3a:e9:9d:b4:71:02:11:4b:16:
48:18:f9:6c:34:a6:4f:8f:cb:68:4a:ff:41:aa:52:
56:eb:8c:5d:4f:b5:4e:5c:3c:90:cf:38:36:24:63:
83:92:f3:45:d1:c7:c8:ed:0c:e4:34:90:e9:0c:b2:
bc:b7:9f:08:76:08:a8:c0:d8:ba:e1:d8:e7:9e:48:
a9:3f:67:3a:a4:e5:cf:cb:5f:7f:3b:3f:72:9d:8e:
36:fa:df:64:7f:03:9c:c9:06:ed:8b:8f:c8:19:71:
48:fa:cd:40:5e:43:7b:8c:11:85:9b:5f:6d:fa:b4:
43:a5:6f:e9:5f:20:4a:88:c1:c5:c2:fe:82:0d:fe:
e5:d6:fe:e8:7d:13:3b:35:ea:89:2d:89:c5:f5:80:
20:41:d9:a0:cf:15:8a:07:3b:f8:aa:c6:82:6f:04:
29:58:bf:ac:a5:3a:a0:b4:65:7d:e8:26:d9:ad:3b:
19:43:38:61:50:96:bf:2a:27:c5:4b:af:73:f6:f6:
0e:42:8e:07:f7:87:62:e7:71:79:8d:9d:1c:9a:10:
3d:17:37:aa:ad:1a:dc:c2:83:fa:28:98:4e:a8:55:
bb:19:92:77:a8:c9:cc:a5:9d:5e:59:d0:6f:68:29:
1a:75:dd:7a:35:a0:ca:e8:1e:9a:f8:4f:7e:d0:55:
99:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EE:E0:FB:96:F6:90:B8:BA:F9:D9:88:91:58:02:5B:89:17:F5:0A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:2f:38:e3:ea:41:65:fe:4f:6b:2d:6e:cd:06:83:e9:45:25:
4c:d6:01:7d:82:f9:67:34:2c:41:20:79:76:6c:1b:39:3e:ef:
2a:d4:cb:54:39:bb:42:08:07:de:a6:64:41:1b:fa:cf:0c:e7:
06:dd:2c:8b:c8:03:2c:b1:a7:c6:4c:91:38:8f:de:26:0a:16:
9a:7e:c6:e7:b4:35:fc:f8:35:01:e0:91:9b:db:76:14:36:0a:
06:f9:ab:36:d4:61:5f:46:e4:70:e5:16:68:d7:4f:7c:46:c3:
f5:95:de:1c:0f:5f:45:ec:26:90:fa:17:53:f3:2c:cf:60:0b:
38:74:32:8d:9f:11:d6:c9:7f:e8:38:75:08:d2:ae:ee:b8:6a:
69:5a:05:59:ee:04:4d:db:b9:ea:4a:03:4a:35:bd:4c:e6:dd:
a9:c3:a6:57:78:9e:8f:b9:41:6c:75:85:f3:d2:20:43:68:9e:
c5:1a:09:1f:3e:c5:46:74:8d:bc:80:0d:d7:11:32:9a:c5:08:
a5:ff:7d:27:05:bd:e6:61:12:ad:36:56:b1:e1:3c:99:5e:ea:
c3:82:cb:21:ba:90:4a:1e:06:95:9c:c7:35:41:ca:83:af:ba:
bd:1d:c5:82:c6:9e:f1:a5:59:f9:f0:75:3c:46:e1:b3:6f:24:
cc:42:f2:89
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUfo0ox9bnk81xFzzcshYfBbfw3EkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MjExODQwMDVaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3NTM0OTZjNDMwZWIyZmNjMzhjY2RkZjkwNGEzMzdiZDViYzZiZTBjODA4
ZWU0YWYyOGJmZjAyZDY5NTY0YjcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDarg4ZOumdtHECEUsWSBj5bDSmT4/LaEr/QapSVuuMXU+1Tlw8kM84NiRj
g5LzRdHHyO0M5DSQ6QyyvLefCHYIqMDYuuHY555IqT9nOqTlz8tffzs/cp2ONvrf
ZH8DnMkG7YuPyBlxSPrNQF5De4wRhZtfbfq0Q6Vv6V8gSojBxcL+gg3+5db+6H0T
OzXqiS2JxfWAIEHZoM8Vigc7+KrGgm8EKVi/rKU6oLRlfegm2a07GUM4YVCWvyon
xUuvc/b2DkKOB/eHYudxeY2dHJoQPRc3qq0a3MKD+iiYTqhVuxmSd6jJzKWdXlnQ
b2gpGnXdejWgyugemvhPftBVmTUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSk7uD7
lvaQuLr52YiRWAJbiRf1CjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWU0OTgwNTQtOTlhMi00ZjJiLTgyY2ItNzQ0ODQ5OWMzMTNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyABP8Aw
DQYJKoZIhvcNAQELBQADggEBAF0vOOPqQWX+T2stbs0Gg+lFJUzWAX2C+Wc0LEEg
eXZsGzk+7yrUy1Q5u0IIB96mZEEb+s8M5wbdLIvIAyyxp8ZMkTiP3iYKFpp+xue0
Nfz4NQHgkZvbdhQ2Cgb5qzbUYV9G5HDlFmjXT3xGw/WV3hwPX0XsJpD6F1PzLM9g
Czh0Mo2fEdbJf+g4dQjSru64amlaBVnuBE3buepKA0o1vUzm3anDpld4no+5QWx1
hfPSIENonsUaCR8+xUZ0jbyADdcRMprFCKX/fScFveZhEq02VrHhPJle6sOCyyG6
kEoeBpWcxzVByoOvur0dxYLGnvGlWfnwdTxG4bNvJMxC8ok=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:52:29 2025 by rpki-client