Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
File: 34fb5c7e-e397-4649-893b-332ddda14bd0.roa (raw, json)
Hash identifier: 8Ws2vAGppMi//MLjCPfA04wyvYmjb/voWfMdgU0NQuE=
Subject key identifier: 28:37:C5:B8:A8:EE:EC:94:79:FA:FB:96:4C:11:6C:5F:41:DE:9C:2B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 06B678F70CF01660D15BC785485129EB1B1105CA
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
Signing time: Mon 21 Apr 2025 18:40:04 +0000
ROA not before: Mon 21 Apr 2025 18:40:04 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:b6:78:f7:0c:f0:16:60:d1:5b:c7:85:48:51:29:eb:1b:11:05:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 21 18:40:04 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=c5bffc00328118906e320b6f852f3f91c74d31082ecdc35f7241c71f36f2ec6d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a4:f0:e0:9a:4d:de:6a:95:4c:40:29:07:e2:
9f:e5:e7:c4:10:5f:b0:e9:24:28:36:28:6f:9b:09:
03:de:63:6f:df:84:fe:96:68:c5:6d:12:99:4c:88:
19:fa:a7:aa:4e:1b:f1:1b:8d:3f:6e:5a:93:ab:ff:
36:ea:7c:09:31:b5:72:20:a0:31:49:dd:7d:4d:4a:
30:52:bf:a3:5d:c2:06:6f:9a:73:a0:b2:c7:f7:f6:
d6:b6:4f:e1:19:32:44:50:68:e4:66:da:60:01:9e:
ed:82:54:9e:2a:43:af:1f:9f:f6:d1:2b:63:0c:17:
78:ce:43:e3:4e:04:da:44:e0:9b:4f:7d:2a:a5:1f:
49:af:38:73:b3:60:67:0b:38:40:d7:31:74:63:09:
06:1e:f1:87:dd:d4:07:f0:59:e3:3b:b7:48:88:b0:
be:d3:5d:fd:e3:48:05:a3:86:11:a5:c1:31:9a:12:
cc:e7:18:04:84:a9:78:19:10:a2:8b:f2:fe:46:e7:
59:98:a9:31:52:2c:b0:53:8a:d8:31:be:05:53:77:
7b:cd:16:87:69:9e:f1:c8:10:82:0b:17:a5:e0:92:
21:88:dc:c9:31:c9:bc:39:ca:c8:67:6d:22:39:84:
28:e0:78:6d:83:15:bd:25:49:cc:9a:49:b7:1d:aa:
48:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:37:C5:B8:A8:EE:EC:94:79:FA:FB:96:4C:11:6C:5F:41:DE:9C:2B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/48
Signature Algorithm: sha256WithRSAEncryption
2f:eb:87:b5:71:37:30:ea:36:8b:02:80:81:c1:c9:5d:ce:4f:
7a:2c:fd:5c:9c:06:ec:82:8e:2d:92:f8:f0:72:c5:ca:dc:68:
d4:4b:db:15:1d:dd:4b:1e:a9:76:36:5f:94:1b:18:f9:bd:00:
7b:dd:9d:5d:74:2a:cb:dc:da:f0:5d:12:a8:92:94:7c:1c:97:
0e:88:6f:48:8d:fc:26:c8:96:22:bd:05:d3:22:5d:24:4f:83:
d0:40:52:4d:08:9b:87:ae:b9:92:83:e9:17:13:d9:49:ff:b0:
4c:f7:96:73:b9:f0:9e:ae:57:cf:19:85:61:6b:0b:82:61:2a:
46:1b:01:58:92:13:02:3d:a5:11:a1:d9:ab:76:51:91:6e:97:
94:9f:8a:52:d4:a3:93:d5:60:a9:f7:27:a8:6e:3b:0a:37:2f:
95:f4:11:11:37:50:50:1e:06:4e:d2:7a:c0:b5:e8:40:5d:21:
49:1d:ae:ec:d5:79:3c:fc:42:c6:18:94:bc:5d:9b:05:37:33:
11:3c:c5:86:3b:a3:20:3a:e7:e5:ed:35:3b:27:2a:15:54:82:
cd:6f:4f:72:3f:51:24:e4:1e:02:a1:ad:98:19:e9:39:ec:2c:
90:60:bd:fa:26:1d:6d:f1:31:cf:c9:59:9b:16:20:6d:95:78:
02:f5:91:3c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBrZ49wzwFmDRW8eFSFEp6xsRBcowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MjExODQwMDRaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1YmZmYzAwMzI4MTE4OTA2ZTMyMGI2Zjg1MmYzZjkxYzc0ZDMxMDgyZWNk
YzM1ZjcyNDFjNzFmMzZmMmVjNmQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALak8OCaTd5qlUxAKQfin+XnxBBfsOkkKDYob5sJA95jb9+E/pZoxW0SmUyI
Gfqnqk4b8RuNP25ak6v/Nup8CTG1ciCgMUndfU1KMFK/o13CBm+ac6Cyx/f21rZP
4RkyRFBo5GbaYAGe7YJUnipDrx+f9tErYwwXeM5D404E2kTgm099KqUfSa84c7Ng
Zws4QNcxdGMJBh7xh93UB/BZ4zu3SIiwvtNd/eNIBaOGEaXBMZoSzOcYBISpeBkQ
oovy/kbnWZipMVIssFOK2DG+BVN3e80Wh2me8cgQggsXpeCSIYjcyTHJvDnKyGdt
IjmEKOB4bYMVvSVJzJpJtx2qSFUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQoN8W4
qO7slHn6+5ZMEWxfQd6cKzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzRmYjVjN2UtZTM5Ny00NjQ5LTg5M2ItMzMyZGRkYTE0YmQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEAL+uHtXE3MOo2iwKAgcHJXc5Peiz9XJwG7IKO
LZL48HLFytxo1EvbFR3dSx6pdjZflBsY+b0Ae92dXXQqy9za8F0SqJKUfByXDohv
SI38JsiWIr0F0yJdJE+D0EBSTQibh665koPpFxPZSf+wTPeWc7nwnq5XzxmFYWsL
gmEqRhsBWJITAj2lEaHZq3ZRkW6XlJ+KUtSjk9VgqfcnqG47CjcvlfQRETdQUB4G
TtJ6wLXoQF0hSR2u7NV5PPxCxhiUvF2bBTczETzFhjujIDrn5e01OycqFVSCzW9P
cj9RJOQeAqGtmBnpOewskGC9+iYdbfExz8lZmxYgbZV4AvWRPA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:46:00 2025 by rpki-client