Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
File: 42a75e81-4259-49a6-bdf2-3b7976817e78.roa (raw, json)
Hash identifier: rPwbHXh9MNqE6700W4VjP9LYVrUySDnn/hJq5sK0UdM=
Subject key identifier: F8:99:29:C5:16:BA:BB:12:66:BF:8F:33:A2:F9:F3:36:C1:3C:1F:3C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 58FC8C3A8D09C4251A59DF4365285CFDA76B4D34
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
Signing time: Mon 26 May 2025 15:10:19 +0000
ROA not before: Mon 26 May 2025 15:10:19 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:fc:8c:3a:8d:09:c4:25:1a:59:df:43:65:28:5c:fd:a7:6b:4d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:19 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=2af9de4f54b793d4beffa6537c7bdf095c426332c08c4fedb611a6f8b7dcd784, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:20:3a:7e:72:34:7b:34:7b:a7:28:97:e0:56:
5f:fd:38:ea:61:e8:17:70:ce:f6:d5:57:87:e8:92:
cc:4e:a0:83:ad:0f:24:59:1c:a3:48:01:fa:08:8a:
90:5e:b0:4e:95:50:be:97:fb:05:0d:a2:93:55:13:
0b:02:7b:c4:61:45:0b:6b:9a:84:ad:9f:d2:b8:b7:
a7:25:b2:9c:f1:08:aa:4e:f5:a8:53:90:dd:41:34:
05:15:3a:61:d5:55:80:1f:f7:bd:0c:e7:e0:c0:b7:
b6:0d:97:fb:ee:3f:39:5c:02:3a:92:bb:70:de:b9:
df:f7:7e:38:cf:53:40:0b:67:9f:bb:07:32:2b:b5:
b1:97:43:36:15:5d:09:36:05:98:97:0e:87:7f:ac:
eb:04:0a:70:5b:a9:8a:b4:b4:d4:7c:00:10:b7:76:
b1:f9:cc:ea:cb:7f:92:04:8b:52:06:5e:22:07:d7:
05:8f:65:47:53:16:b4:cc:7b:b2:9c:a2:9a:6b:8c:
19:cb:03:d0:26:f4:2a:fb:10:65:f8:b8:17:5f:f6:
0d:72:2a:28:f8:34:b2:0a:c0:fd:07:90:cb:95:8a:
5f:91:bf:96:c9:cc:07:7c:1b:13:08:74:25:ea:07:
95:8c:af:10:fa:e6:26:ca:dd:57:c6:af:b8:0e:5c:
c7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:99:29:C5:16:BA:BB:12:66:BF:8F:33:A2:F9:F3:36:C1:3C:1F:3C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5000::/36
Signature Algorithm: sha256WithRSAEncryption
8e:25:82:38:4a:75:d9:7a:e1:cc:57:83:80:67:ce:e4:83:e5:
b9:8b:72:c0:a1:fd:c0:ff:cb:b0:71:f3:e4:d7:12:90:a7:42:
3a:fd:ab:20:1c:89:51:b6:3d:47:42:ea:7b:df:87:c4:ee:4a:
b1:41:fe:df:a7:e7:c9:43:c4:8a:51:52:8f:be:55:39:8d:1c:
53:8a:4e:ce:7d:18:7e:53:e6:ba:34:46:ff:2c:10:de:a7:3d:
86:57:d7:7a:4a:4c:de:a9:8d:55:e2:ab:57:17:7d:4e:d1:0c:
b4:ba:d2:94:62:76:fe:a7:8c:0e:97:84:22:65:85:5a:6b:9a:
9a:cb:ec:75:fb:6a:1b:ad:33:8e:bc:d9:ba:b8:56:32:28:c3:
06:2e:26:08:c9:6e:5e:30:9e:c5:48:c5:88:2c:6c:91:e4:34:
29:e0:4f:11:e2:7c:b9:af:92:44:b1:0c:d1:28:85:f5:fc:f4:
8d:39:d4:50:e2:ef:40:54:fb:2a:63:ad:e0:f3:f5:ff:cd:87:
b5:5d:a2:05:02:66:5c:34:68:78:ff:79:7f:eb:04:53:9c:e1:
d5:b5:1a:da:7f:86:1b:26:c9:0e:8c:b5:b8:0e:30:fd:2d:21:
1e:44:ba:10:9f:19:30:e7:b1:6a:25:b9:c4:e6:70:b2:1e:8d:
a6:b5:db:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWPyMOo0JxCUaWd9DZShc/adrTTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwMTlaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhZjlkZTRmNTRiNzkzZDRiZWZmYTY1MzdjN2JkZjA5NWM0MjYzMzJjMDhj
NGZlZGI2MTFhNmY4YjdkY2Q3ODQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPkgOn5yNHs0e6col+BWX/046mHoF3DO9tVXh+iSzE6gg60PJFkco0gB+giK
kF6wTpVQvpf7BQ2ik1UTCwJ7xGFFC2uahK2f0ri3pyWynPEIqk71qFOQ3UE0BRU6
YdVVgB/3vQzn4MC3tg2X++4/OVwCOpK7cN653/d+OM9TQAtnn7sHMiu1sZdDNhVd
CTYFmJcOh3+s6wQKcFupirS01HwAELd2sfnM6st/kgSLUgZeIgfXBY9lR1MWtMx7
spyimmuMGcsD0Cb0KvsQZfi4F1/2DXIqKPg0sgrA/QeQy5WKX5G/lsnMB3wbEwh0
JeoHlYyvEPrmJsrdV8avuA5cxxMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4mSnF
Frq7Ema/jzOi+fM2wTwfPDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDJhNzVlODEtNDI1OS00OWE2LWJkZjItM2I3OTc2ODE3ZTc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCOJYI4SnXZeuHMV4OAZ87kg+W5i3LAof3A/8uw
cfPk1xKQp0I6/asgHIlRtj1HQup734fE7kqxQf7fp+fJQ8SKUVKPvlU5jRxTik7O
fRh+U+a6NEb/LBDepz2GV9d6SkzeqY1V4qtXF31O0Qy0utKUYnb+p4wOl4QiZYVa
a5qay+x1+2obrTOOvNm6uFYyKMMGLiYIyW5eMJ7FSMWILGyR5DQp4E8R4ny5r5JE
sQzRKIX1/PSNOdRQ4u9AVPsqY63g8/X/zYe1XaIFAmZcNGh4/3l/6wRTnOHVtRra
f4YbJskOjLW4DjD9LSEeRLoQnxkw57FqJbnE5nCyHo2mtdvS
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:17:40 2025 by rpki-client