Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
File: 50f59e85-50ab-4b5a-9119-096ba93f86f2.roa (raw, json)
Hash identifier: q2CGQcjtahqCl7qj41zeFxTGtR9Xxs8Lemkr3pvLX+0=
Subject key identifier: A0:45:51:CF:37:0A:23:BC:D4:2B:F9:75:84:2F:77:74:82:9D:B7:1F
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 082C1DAC283C7EAF4355350AF4323330FAFC02C8
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
Signing time: Mon 26 May 2025 15:20:55 +0000
ROA not before: Mon 26 May 2025 15:20:55 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:2c:1d:ac:28:3c:7e:af:43:55:35:0a:f4:32:33:30:fa:fc:02:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:20:55 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=f52ce03938c600c01821f77d2084a9312ccf8e77107d6873962a56fae80a05de, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:87:b9:be:e3:96:9b:de:27:73:61:19:76:f9:
ca:ec:84:64:f1:f1:09:12:fe:13:5b:88:13:84:4d:
bb:4e:ab:da:a0:56:52:ed:b1:83:55:f1:6c:7b:e8:
7c:24:16:87:b8:ec:2a:59:e0:89:2f:b8:db:dc:06:
1b:58:a7:d1:58:47:0a:34:3c:cc:3c:25:0b:0f:8d:
8b:fb:e7:8e:1c:ae:ab:d3:ea:d0:c8:0e:dd:70:cc:
1d:04:43:bf:d5:bb:69:e7:04:bd:26:0d:bc:68:da:
13:4b:ed:d8:8d:49:e4:2c:15:60:45:02:e4:c3:2c:
e6:21:da:0e:7b:38:bc:2e:1c:4d:f1:1c:a7:68:5f:
6b:4f:16:1d:57:cc:b3:a6:bc:f6:8d:a9:fe:73:3a:
99:e6:32:d7:91:f7:3a:94:95:2d:7e:3e:d0:2c:14:
1b:fa:af:e3:77:08:23:d3:f5:d0:bc:64:e4:f4:40:
24:7a:ff:46:8a:35:5f:c3:08:d3:56:bb:7c:65:32:
16:38:0e:8f:1f:39:d3:cf:bb:8d:86:5b:01:8c:ec:
69:73:49:a9:1a:05:9f:58:ae:5a:fa:47:2e:27:b7:
b0:34:31:83:d0:8f:d6:3c:98:cd:ac:a7:8e:00:97:
e8:24:de:33:15:52:63:cb:90:c0:01:87:0a:cf:90:
f3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:45:51:CF:37:0A:23:BC:D4:2B:F9:75:84:2F:77:74:82:9D:B7:1F
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50f59e85-50ab-4b5a-9119-096ba93f86f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:1000::/36
Signature Algorithm: sha256WithRSAEncryption
34:4e:02:3a:8e:70:7c:fd:6a:bc:51:4e:d0:06:9a:25:84:1d:
1f:03:df:7a:51:f9:c7:e9:0e:92:34:e8:70:e5:0a:02:ad:cb:
f1:5b:c7:ee:90:17:c6:77:5b:b8:0c:b2:01:67:46:df:36:95:
ff:28:d7:0d:b9:36:b6:0d:fe:c2:1f:6c:14:7e:73:d1:59:c3:
f8:27:b6:18:df:7c:70:08:ba:d0:7e:0b:21:9c:8a:ed:1f:de:
e9:f9:97:0d:c7:3e:67:93:41:fc:78:f5:26:68:7c:03:38:46:
d6:e9:04:d5:72:9c:e8:e6:2f:7b:be:7a:a6:04:b8:c8:57:29:
7b:82:ae:be:db:f6:9f:2a:b6:ec:6c:18:c3:6f:4f:dd:ea:1d:
b4:79:bf:5f:df:19:4e:c3:57:9e:ba:7d:a3:03:8e:76:c4:a0:
57:6d:7b:af:0b:0b:ac:de:15:6e:ce:65:ab:ab:b8:ba:f2:5b:
40:0f:af:40:fd:8e:61:e1:bd:0f:39:b3:a5:f3:81:a6:3c:1b:
ec:e3:4c:ce:4a:ee:dc:62:4a:f9:8d:70:7b:83:c4:df:ba:d7:
94:29:f9:a1:45:57:d8:92:f1:cc:1f:ca:ae:10:95:de:84:35:
82:cb:30:c0:ad:7c:f3:0a:2e:f4:6e:f2:cc:65:a1:02:6b:40:
c2:87:ae:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCCwdrCg8fq9DVTUK9DIzMPr8AsgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIwNTVaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1MmNlMDM5MzhjNjAwYzAxODIxZjc3ZDIwODRhOTMxMmNjZjhlNzcxMDdk
Njg3Mzk2MmE1NmZhZTgwYTA1ZGUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2Hub7jlpveJ3NhGXb5yuyEZPHxCRL+E1uIE4RNu06r2qBWUu2xg1XxbHvo
fCQWh7jsKlngiS+429wGG1in0VhHCjQ8zDwlCw+Ni/vnjhyuq9Pq0MgO3XDMHQRD
v9W7aecEvSYNvGjaE0vt2I1J5CwVYEUC5MMs5iHaDns4vC4cTfEcp2hfa08WHVfM
s6a89o2p/nM6meYy15H3OpSVLX4+0CwUG/qv43cII9P10Lxk5PRAJHr/Roo1X8MI
01a7fGUyFjgOjx8508+7jYZbAYzsaXNJqRoFn1iuWvpHLie3sDQxg9CP1jyYzayn
jgCX6CTeMxVSY8uQwAGHCs+Q88sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgRVHP
NwojvNQr+XWEL3d0gp23HzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTBmNTllODUtNTBhYi00YjVhLTkxMTktMDk2YmE5M2Y4NmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA0TgI6jnB8/Wq8UU7QBpolhB0fA996UfnH6Q6S
NOhw5QoCrcvxW8fukBfGd1u4DLIBZ0bfNpX/KNcNuTa2Df7CH2wUfnPRWcP4J7YY
33xwCLrQfgshnIrtH97p+ZcNxz5nk0H8ePUmaHwDOEbW6QTVcpzo5i97vnqmBLjI
Vyl7gq6+2/afKrbsbBjDb0/d6h20eb9f3xlOw1eeun2jA452xKBXbXuvCwus3hVu
zmWrq7i68ltAD69A/Y5h4b0PObOl84GmPBvs40zOSu7cYkr5jXB7g8TfuteUKfmh
RVfYkvHMH8quEJXehDWCyzDArXzzCi70bvLMZaECa0DCh66w
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:39 2025 by rpki-client