Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2743eb54-0e16-4048-a058-1bc32c140fc6.roa
File: 2743eb54-0e16-4048-a058-1bc32c140fc6.roa (raw, json)
Hash identifier: tZFL9oEMeKwgDZuGLBUTEuKwhmc2ffRY7EA5B33QE10=
Subject key identifier: EF:5B:16:84:C7:9E:DE:A8:EF:A6:4F:C5:C1:CA:CB:E7:C8:22:7B:8F
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2494A089C19C27CE07CFAB61FC5EEC7672075C97
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2743eb54-0e16-4048-a058-1bc32c140fc6.roa
Signing time: Mon 26 May 2025 15:10:20 +0000
ROA not before: Mon 26 May 2025 15:10:20 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:94:a0:89:c1:9c:27:ce:07:cf:ab:61:fc:5e:ec:76:72:07:5c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:20 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=9288e007ee4f36e874c8d3282fe65a9b896087132869bec56a71839c35fb57ba, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:62:6a:7b:fe:86:01:8b:3e:b3:da:62:e2:3d:
2e:89:58:08:43:8f:a9:d1:ba:0f:f8:de:e2:9d:de:
f1:de:fe:2b:51:f0:39:4a:97:36:37:77:e6:9a:bf:
f8:de:67:33:73:af:67:69:9b:aa:08:38:d9:ae:3a:
de:00:09:7f:d3:12:94:94:de:db:76:e0:db:82:de:
83:d2:d0:6f:a8:21:20:56:64:29:2c:e5:82:99:e3:
85:84:ae:fc:02:e7:4b:cc:35:94:9c:29:63:00:94:
39:37:73:f9:ca:c2:b1:fb:eb:2e:c9:ba:02:f7:9d:
db:71:a9:24:60:4e:10:ad:de:89:cd:9b:9f:73:7c:
b1:67:d8:89:88:3e:ea:8c:74:ee:76:e0:0d:3b:55:
7d:2b:f3:7b:c0:83:6b:30:4c:63:bc:79:c4:83:8b:
0c:a4:f6:2b:fb:71:55:0a:7c:bc:ab:e8:1d:24:dc:
15:2b:fe:4b:68:03:7e:31:b9:b5:5d:6a:8f:bc:90:
c6:ba:9b:a9:fd:3e:a7:60:c2:ad:31:c0:e4:4e:dd:
44:7a:aa:7a:08:e6:ad:81:2d:aa:91:db:79:4e:6b:
33:87:d3:03:82:67:fa:e6:8e:8a:ca:d8:08:03:bd:
92:94:29:2a:97:9c:8f:cf:11:97:e7:19:16:d9:f8:
b3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:5B:16:84:C7:9E:DE:A8:EF:A6:4F:C5:C1:CA:CB:E7:C8:22:7B:8F
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2743eb54-0e16-4048-a058-1bc32c140fc6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b840::/46
Signature Algorithm: sha256WithRSAEncryption
1f:07:e6:99:6c:c0:ba:9f:60:d8:ad:4e:bc:61:c1:a7:2c:06:
30:8f:7f:1e:2c:f2:d1:51:53:09:57:8b:cb:36:bc:81:4e:f9:
37:40:73:60:6b:cc:44:4b:4d:81:d4:ec:d0:5e:0c:c3:55:30:
bc:51:eb:8a:8b:9b:ee:9d:6e:63:bc:e9:d7:a3:40:f5:e8:48:
69:8e:34:ab:11:26:80:fc:0a:6e:b0:f4:ed:00:40:ac:e3:e2:
53:d2:31:c8:7d:21:8d:43:14:c4:71:f8:f1:7d:7e:e6:25:c3:
e9:03:79:3e:01:a5:c5:3c:f6:b7:21:fa:55:ca:8f:2a:a2:8d:
61:4c:f2:aa:84:69:ac:28:26:1d:98:de:7c:e3:dc:b3:c1:50:
3c:b2:87:44:a5:f0:1a:79:55:a6:f5:ca:8c:03:2b:e7:45:5f:
49:76:e2:e8:9c:30:44:58:5f:1f:8b:1d:d1:1e:e9:6d:ea:3b:
4f:ca:9c:cf:3f:ac:fb:9e:5f:6e:a0:00:ae:8d:d5:54:9d:9b:
92:60:7c:b9:24:40:38:fe:e0:f6:1d:23:8b:3e:00:68:9d:22:
02:c4:2d:86:c6:a3:fd:4d:b8:42:d1:92:97:8e:4c:5c:bf:36:
c8:40:0a:59:89:82:3f:a5:f8:a6:80:be:ce:16:0c:26:75:99:
a7:f2:74:2d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJJSgicGcJ84Hz6th/F7sdnIHXJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwMjBaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyODhlMDA3ZWU0ZjM2ZTg3NGM4ZDMyODJmZTY1YTliODk2MDg3MTMyODY5
YmVjNTZhNzE4MzljMzVmYjU3YmExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPZianv+hgGLPrPaYuI9LolYCEOPqdG6D/je4p3e8d7+K1HwOUqXNjd35pq/
+N5nM3OvZ2mbqgg42a463gAJf9MSlJTe23bg24Leg9LQb6ghIFZkKSzlgpnjhYSu
/ALnS8w1lJwpYwCUOTdz+crCsfvrLsm6Aved23GpJGBOEK3eic2bn3N8sWfYiYg+
6ox07nbgDTtVfSvze8CDazBMY7x5xIOLDKT2K/txVQp8vKvoHSTcFSv+S2gDfjG5
tV1qj7yQxrqbqf0+p2DCrTHA5E7dRHqqegjmrYEtqpHbeU5rM4fTA4Jn+uaOisrY
CAO9kpQpKpecj88Rl+cZFtn4s5UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTvWxaE
x57eqO+mT8XBysvnyCJ7jzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Mjc0M2ViNTQtMGUxNi00MDQ4LWEwNTgtMWJjMzJjMTQwZmM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8e4
QDANBgkqhkiG9w0BAQsFAAOCAQEAHwfmmWzAup9g2K1OvGHBpywGMI9/Hizy0VFT
CVeLyza8gU75N0BzYGvMREtNgdTs0F4Mw1UwvFHrioub7p1uY7zp16NA9ehIaY40
qxEmgPwKbrD07QBArOPiU9IxyH0hjUMUxHH48X1+5iXD6QN5PgGlxTz2tyH6VcqP
KqKNYUzyqoRprCgmHZjefOPcs8FQPLKHRKXwGnlVpvXKjAMr50VfSXbi6JwwRFhf
H4sd0R7pbeo7T8qczz+s+55fbqAAro3VVJ2bkmB8uSRAOP7g9h0jiz4AaJ0iAsQt
hsaj/U24QtGSl45MXL82yEAKWYmCP6X4poC+zhYMJnWZp/J0LQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:53:53 2025 by rpki-client