Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
File: 2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa (raw, json)
Hash identifier: qc8G65HesMC7T85jB+yI28kMJlR+TNlUYuGZ9pW6BL8=
Subject key identifier: F1:4C:23:35:24:DB:B7:14:5F:CE:96:AB:42:EF:38:F9:2E:85:1A:A9
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 162A59D89A30E81AC91BB90C37CDDA7ABF5CA412
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
Signing time: Mon 26 May 2025 15:21:15 +0000
ROA not before: Mon 26 May 2025 15:21:15 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:2a:59:d8:9a:30:e8:1a:c9:1b:b9:0c:37:cd:da:7a:bf:5c:a4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:21:15 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=891a4d1bb161359249ac479e85a3ff661f5b81f181062756ab90cf2d3a3f4f33, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b8:d1:4f:35:0d:63:16:ac:0c:86:dd:34:fb:
dc:9c:e9:fb:bf:91:56:b5:66:a1:a1:46:e2:88:6b:
e4:33:09:f5:56:8c:dc:de:ae:9c:60:a1:2c:31:f3:
d6:4b:ed:93:ff:4f:a5:2a:7e:04:34:d3:73:6c:f6:
c8:83:60:66:a3:dd:a8:cd:9d:6b:bb:35:81:4f:ef:
56:ce:8b:2d:15:d7:f4:c8:4d:51:a7:eb:fb:31:72:
a7:87:a7:56:ba:25:1b:74:ab:5d:52:73:50:d4:b2:
d1:86:16:5c:bb:5f:a2:a1:26:59:40:85:8f:ea:9f:
73:a0:1f:91:8d:4e:f7:c2:3d:be:1b:bc:a7:70:56:
87:0a:28:61:67:9a:ae:96:f8:96:85:1b:05:71:43:
0d:ee:4b:43:97:71:26:66:37:79:ad:b7:bf:e4:36:
e4:a5:c9:b4:3c:2d:07:09:e3:44:9a:a4:79:10:02:
36:26:d0:b7:20:6b:95:ff:cb:87:a2:b7:bb:93:6d:
ac:e3:b5:d5:21:df:d5:eb:ff:07:f3:11:19:64:6e:
ea:e2:ef:3c:18:d6:d1:3f:b1:77:98:7f:7c:06:f9:
4e:4b:c1:96:26:54:26:e7:58:0b:d1:80:c3:60:04:
f7:20:7f:f8:f3:9c:7e:cb:79:40:76:7b:93:f8:6f:
05:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:4C:23:35:24:DB:B7:14:5F:CE:96:AB:42:EF:38:F9:2E:85:1A:A9
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2b3faf28-e8b7-4e39-99e4-e3cb6577dafb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
37:8b:bf:9d:75:81:dc:13:a7:8b:27:e3:8a:6f:6d:ea:fb:53:
c4:99:ad:63:d8:c5:01:69:6b:53:bf:d4:70:71:f9:b1:85:03:
ce:2a:80:21:02:8a:96:21:14:7f:4a:a5:e5:40:e9:cb:6f:ca:
1b:f9:da:cb:cf:c9:4a:a1:fa:73:92:77:53:19:6d:00:4f:20:
28:77:dd:da:b9:86:cd:3b:8f:c2:a8:73:b5:67:91:c4:47:95:
bb:37:34:2f:2c:4f:71:05:a3:f5:c8:58:02:fe:cd:18:d5:e4:
ec:0c:da:3d:ac:bb:42:39:38:32:f2:35:a1:e7:dc:9a:db:10:
2b:84:56:9f:1b:fc:b4:db:64:69:17:5b:43:ec:5a:e2:d6:fa:
22:50:15:71:2c:e1:8d:69:33:19:df:d1:9f:db:0d:51:1c:f6:
85:b9:fb:f6:9a:e8:ce:f7:92:41:27:72:30:88:70:ae:9a:c2:
fe:16:27:87:56:c2:20:bc:bb:89:44:35:1c:d6:77:53:90:02:
56:69:4d:2a:64:fe:45:28:a1:6e:06:8b:bd:e7:7a:be:b7:e6:
e3:c6:4b:d0:99:bc:ab:3e:66:02:76:12:b1:84:5d:ac:26:bf:
dd:a3:c4:15:2a:9d:67:c4:a7:84:da:d2:2e:97:a7:e4:33:bf:
28:d7:58:17
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFipZ2Jow6BrJG7kMN83aer9cpBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIxMTVaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MWE0ZDFiYjE2MTM1OTI0OWFjNDc5ZTg1YTNmZjY2MWY1YjgxZjE4MTA2
Mjc1NmFiOTBjZjJkM2EzZjRmMzMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMS40U81DWMWrAyG3TT73Jzp+7+RVrVmoaFG4ohr5DMJ9VaM3N6unGChLDHz
1kvtk/9PpSp+BDTTc2z2yINgZqPdqM2da7s1gU/vVs6LLRXX9MhNUafr+zFyp4en
VrolG3SrXVJzUNSy0YYWXLtfoqEmWUCFj+qfc6AfkY1O98I9vhu8p3BWhwooYWea
rpb4loUbBXFDDe5LQ5dxJmY3ea23v+Q25KXJtDwtBwnjRJqkeRACNibQtyBrlf/L
h6K3u5NtrOO11SHf1ev/B/MRGWRu6uLvPBjW0T+xd5h/fAb5TkvBliZUJudYC9GA
w2AE9yB/+POcfst5QHZ7k/hvBckCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTxTCM1
JNu3FF/OlqtC7zj5LoUaqTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmIzZmFmMjgtZThiNy00ZTM5LTk5ZTQtZTNjYjY1NzdkYWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQA3i7+ddYHcE6eLJ+OKb23q+1PEma1j2MUBaWtT
v9RwcfmxhQPOKoAhAoqWIRR/SqXlQOnLb8ob+drLz8lKofpzkndTGW0ATyAod93a
uYbNO4/CqHO1Z5HER5W7NzQvLE9xBaP1yFgC/s0Y1eTsDNo9rLtCOTgy8jWh59ya
2xArhFafG/y022RpF1tD7Fri1voiUBVxLOGNaTMZ39Gf2w1RHPaFufv2mujO95JB
J3IwiHCumsL+FieHVsIgvLuJRDUc1ndTkAJWaU0qZP5FKKFuBou953q+t+bjxkvQ
mbyrPmYCdhKxhF2sJr/do8QVKp1nxKeE2tIul6fkM78o11gX
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:39:32 2025 by rpki-client