Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
File: 4723f2a2-88af-42fa-b700-a780f4cd2903.roa (raw, json)
Hash identifier: fFnuC6nOb6xDqHNvSPCKC9DWwmssDBwbrbKrqcSx/9s=
Subject key identifier: CD:FD:1B:0A:40:60:04:94:44:36:F7:43:E3:AA:A3:7E:28:E0:2B:C6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0FC06D05F9F629475D631E412ADE0929E9DD14F4
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
Signing time: Mon 26 May 2025 15:20:49 +0000
ROA not before: Mon 26 May 2025 15:20:49 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:a000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:c0:6d:05:f9:f6:29:47:5d:63:1e:41:2a:de:09:29:e9:dd:14:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:20:49 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=d353e1a1971dbf19987bcb23ed78337a5a7b9ce942f965e9a82a4989c738b4aa, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9b:b0:a6:95:d5:a0:75:c8:ea:de:79:07:3a:
b6:1b:fc:68:e0:5a:61:2d:dd:7b:23:29:45:dc:a8:
05:d4:60:11:d4:d9:fa:e8:1c:e8:bb:5f:76:25:9c:
33:11:aa:67:0b:35:52:e3:8b:c5:2e:0b:83:df:46:
14:5c:e4:75:2b:b9:93:eb:fb:8f:10:af:07:ea:b4:
b8:c0:b5:5e:ea:89:8f:29:88:6a:db:1c:05:0d:74:
98:3f:93:e6:b1:9a:0d:21:0f:d5:6b:f2:e9:c7:63:
db:7d:b1:fb:9e:6a:3b:b3:10:b5:3d:71:56:18:62:
0c:17:90:fd:59:b2:ea:b3:9a:87:19:8f:2a:b3:9e:
5c:b2:01:68:49:1d:e8:77:3b:d2:5e:8f:79:06:9b:
03:f7:ed:f1:49:ab:a9:ad:23:cf:42:39:1f:5b:d7:
7d:cf:31:91:7e:fb:47:69:9c:48:3e:13:4f:ac:ab:
55:58:f2:f1:8d:0b:85:0d:2a:94:b0:95:f7:da:3f:
5e:c5:38:06:cf:75:c0:80:d9:5c:bd:a7:7c:35:1e:
aa:57:ac:9a:89:51:89:e6:c1:f8:4f:fb:30:b9:f5:
f8:b8:5e:ff:8e:c0:79:57:06:e7:5b:80:a7:6c:03:
2d:9b:22:64:78:7b:00:8e:26:a8:30:5e:4b:10:7c:
db:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FD:1B:0A:40:60:04:94:44:36:F7:43:E3:AA:A3:7E:28:E0:2B:C6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4723f2a2-88af-42fa-b700-a780f4cd2903.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:a000::/36
Signature Algorithm: sha256WithRSAEncryption
46:5d:99:d5:5c:0e:d9:b8:63:d1:73:6a:66:4a:8b:4f:ac:4b:
44:1f:9d:4d:34:3d:ee:76:68:b3:75:81:3a:01:2d:01:d0:63:
ce:45:a4:c6:65:38:71:ff:cd:61:be:f1:8c:7b:91:8e:91:a9:
c2:a6:7d:f8:0e:f1:31:e3:be:ed:1a:05:35:f2:1c:0f:ba:30:
79:b0:e0:a7:41:e1:90:a7:fc:48:dd:d9:ee:61:54:16:e7:99:
0c:4b:6e:de:0c:64:3d:f9:73:d0:cd:0f:58:71:86:ae:aa:dd:
a1:f8:c1:e8:c2:3f:b5:bd:dd:c1:74:af:ca:57:8e:91:e0:05:
9d:e5:10:d1:bb:90:f4:4c:fb:8c:35:27:ee:a7:e2:10:cd:4a:
c5:ee:1a:81:15:fb:24:b6:db:cf:24:3f:3e:35:08:9b:2e:60:
b8:fb:87:b9:7c:ec:4d:f5:27:6b:95:49:0c:67:d4:6f:4b:e8:
09:60:6b:2d:c7:df:f9:d4:84:4c:40:3c:94:64:8b:3d:87:c7:
da:ea:c5:83:f2:98:86:4c:d2:b8:da:3e:7a:cc:78:1e:34:0d:
7e:f8:fd:73:7b:82:cd:88:2d:6e:77:9d:de:93:0e:b9:cc:84:
8a:65:03:46:03:0f:fe:41:fe:c5:8f:d1:ea:66:93:83:5b:b0:
90:ca:25:b5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUD8BtBfn2KUddYx5BKt4JKendFPQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIwNDlaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzNTNlMWExOTcxZGJmMTk5ODdiY2IyM2VkNzgzMzdhNWE3YjljZTk0MmY5
NjVlOWE4MmE0OTg5YzczOGI0YWExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJebsKaV1aB1yOreeQc6thv8aOBaYS3deyMpRdyoBdRgEdTZ+ugc6LtfdiWc
MxGqZws1UuOLxS4Lg99GFFzkdSu5k+v7jxCvB+q0uMC1XuqJjymIatscBQ10mD+T
5rGaDSEP1Wvy6cdj232x+55qO7MQtT1xVhhiDBeQ/Vmy6rOahxmPKrOeXLIBaEkd
6Hc70l6PeQabA/ft8Umrqa0jz0I5H1vXfc8xkX77R2mcSD4TT6yrVVjy8Y0LhQ0q
lLCV99o/XsU4Bs91wIDZXL2nfDUeqlesmolRiebB+E/7MLn1+Lhe/47AeVcG51uA
p2wDLZsiZHh7AI4mqDBeSxB82zUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTN/RsK
QGAElEQ290PjqqN+KOArxjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDcyM2YyYTItODhhZi00MmZhLWI3MDAtYTc4MGY0Y2QyOTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Og
MA0GCSqGSIb3DQEBCwUAA4IBAQBGXZnVXA7ZuGPRc2pmSotPrEtEH51NND3udmiz
dYE6AS0B0GPORaTGZThx/81hvvGMe5GOkanCpn34DvEx477tGgU18hwPujB5sOCn
QeGQp/xI3dnuYVQW55kMS27eDGQ9+XPQzQ9YcYauqt2h+MHowj+1vd3BdK/KV46R
4AWd5RDRu5D0TPuMNSfup+IQzUrF7hqBFfskttvPJD8+NQibLmC4+4e5fOxN9Sdr
lUkMZ9RvS+gJYGstx9/51IRMQDyUZIs9h8fa6sWD8piGTNK42j56zHgeNA1++P1z
e4LNiC1ud53ekw65zISKZQNGAw/+Qf7Fj9HqZpODW7CQyiW1
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:58:02 2025 by rpki-client