Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
File: 1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa (raw, json)
Hash identifier: 1l/Eza6riaGMrhlvT05rD46GjalepJARC/liEDDfHt0=
Subject key identifier: 5A:AB:71:7B:0B:55:69:52:62:53:35:45:30:B5:17:40:47:12:0A:54
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5710CA5C4B0660996FFF1FB1EB4EF5405B0B51A8
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
Signing time: Mon 26 May 2025 15:21:07 +0000
ROA not before: Mon 26 May 2025 15:21:07 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:10:ca:5c:4b:06:60:99:6f:ff:1f:b1:eb:4e:f5:40:5b:0b:51:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:21:07 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=33d0bffadbb3be6da18c9dd875ff9ad94c657ef634e2f49581c33e0fe29323be, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:15:1b:6d:7e:f5:1d:ad:cd:b1:eb:90:c6:71:
d3:a4:19:62:51:99:b3:0d:56:21:c3:20:80:42:84:
1e:8a:a6:0f:48:90:fc:0b:10:38:f3:c3:65:01:ab:
7f:73:7e:e2:8e:ff:cb:85:2e:a4:d1:74:47:91:0c:
c3:87:87:1e:7a:54:08:f8:e2:31:00:77:2e:8f:2c:
6f:59:24:fe:57:3a:78:7a:e5:9b:84:b9:a4:23:64:
ec:3d:ce:c1:c2:27:d9:6c:71:69:d5:b6:dd:66:ec:
8c:a2:52:5b:16:a3:39:ad:9a:f2:91:1a:3c:40:58:
5e:8d:89:35:10:4e:fe:3d:b3:13:02:a4:7b:f2:fb:
19:e6:a8:38:51:bd:68:42:d5:d1:6a:af:73:ba:69:
b7:06:19:d6:4a:98:4a:e7:f8:da:45:5c:4b:89:e5:
1c:12:80:1d:84:1d:f5:24:c9:45:89:0c:ed:1d:d4:
54:95:30:51:0d:82:a0:39:34:c9:7e:a6:97:07:51:
58:7e:cf:0b:5a:e1:03:21:d8:c2:8d:55:a0:16:aa:
a9:cb:3c:13:9e:2d:1d:13:82:8d:7c:6e:00:dd:d7:
df:98:74:87:2e:bb:1f:af:18:c2:08:37:ae:16:be:
f4:ba:50:2a:65:2b:2e:c8:c6:15:4f:c7:b8:35:65:
20:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:AB:71:7B:0B:55:69:52:62:53:35:45:30:B5:17:40:47:12:0A:54
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
35:d2:7e:e5:ff:c7:50:e1:c1:83:7c:e1:55:c4:58:09:9e:6b:
b9:18:5a:28:9d:9f:c0:3d:42:18:e2:be:59:9a:a4:08:7b:b0:
a1:fd:17:f3:ea:35:0c:fa:16:d1:ea:81:90:c8:16:cb:1f:c9:
ce:84:82:e8:d9:54:56:fa:54:eb:4e:d7:1f:9e:78:74:62:71:
16:8d:c7:b8:6a:e8:7a:e2:4f:13:49:78:c0:08:c3:31:fc:bd:
de:eb:76:4d:a3:81:07:ff:1e:2a:c4:6c:75:0a:ae:63:dc:80:
88:4e:c6:a1:81:ad:04:88:19:b3:10:de:1a:53:ac:0c:60:1c:
ca:1b:a0:af:0b:a8:44:a3:7d:cf:e0:01:ef:aa:34:75:21:e3:
53:24:d2:35:5b:a2:84:ba:bd:80:73:c4:e7:5b:8d:e3:8e:33:
34:d5:4c:3d:ea:06:39:c0:24:df:a7:55:3e:d7:03:ad:f0:22:
2b:b3:d9:44:3f:4d:22:13:0c:de:18:b1:49:3f:b1:ac:db:b7:
97:c9:42:24:bd:36:40:53:9c:8c:0c:da:a2:93:78:23:47:0c:
50:f0:1b:4b:ce:61:5d:fd:c0:b8:c2:64:a8:fc:3e:c8:f2:57:
e1:98:34:8a:f6:64:a3:9e:9d:74:a7:b0:68:76:0f:89:bd:69:
8e:0a:c8:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVxDKXEsGYJlv/x+x6071QFsLUagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIxMDdaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZDBiZmZhZGJiM2JlNmRhMThjOWRkODc1ZmY5YWQ5NGM2NTdlZjYzNGUy
ZjQ5NTgxYzMzZTBmZTI5MzIzYmUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcVG21+9R2tzbHrkMZx06QZYlGZsw1WIcMggEKEHoqmD0iQ/AsQOPPDZQGr
f3N+4o7/y4UupNF0R5EMw4eHHnpUCPjiMQB3Lo8sb1kk/lc6eHrlm4S5pCNk7D3O
wcIn2WxxadW23WbsjKJSWxajOa2a8pEaPEBYXo2JNRBO/j2zEwKke/L7GeaoOFG9
aELV0Wqvc7pptwYZ1kqYSuf42kVcS4nlHBKAHYQd9STJRYkM7R3UVJUwUQ2CoDk0
yX6mlwdRWH7PC1rhAyHYwo1VoBaqqcs8E54tHROCjXxuAN3X35h0hy67H68Ywgg3
rha+9LpQKmUrLsjGFU/HuDVlIL8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRaq3F7
C1VpUmJTNUUwtRdARxIKVDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWY3YjJlMzQtYTA0MS00YjEyLWE1YjAtNWFmMGQ2ZjQzYjlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GM
MA0GCSqGSIb3DQEBCwUAA4IBAQA10n7l/8dQ4cGDfOFVxFgJnmu5GFoonZ/APUIY
4r5ZmqQIe7Ch/Rfz6jUM+hbR6oGQyBbLH8nOhILo2VRW+lTrTtcfnnh0YnEWjce4
auh64k8TSXjACMMx/L3e63ZNo4EH/x4qxGx1Cq5j3ICITsahga0EiBmzEN4aU6wM
YBzKG6CvC6hEo33P4AHvqjR1IeNTJNI1W6KEur2Ac8TnW43jjjM01Uw96gY5wCTf
p1U+1wOt8CIrs9lEP00iEwzeGLFJP7Gs27eXyUIkvTZAU5yMDNqik3gjRwxQ8BtL
zmFd/cC4wmSo/D7I8lfhmDSK9mSjnp10p7Bodg+JvWmOCsgD
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:22 2025 by rpki-client