Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
File: 542fe731-cba6-4c89-a3a4-ba48a69e246b.roa (raw, json)
Hash identifier: ETRd+zHBRf5gmp5CoFa4kaNnOSsBCg6HtXTETH7LguY=
Subject key identifier: CA:59:14:EB:0D:D3:AC:7E:3B:06:55:6A:2D:11:F3:C9:1E:F2:E2:8A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 552AA0C5CBF2718A10E1A8B1DD8728489A7F03C5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
Signing time: Mon 26 May 2025 15:10:30 +0000
ROA not before: Mon 26 May 2025 15:10:30 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:2a:a0:c5:cb:f2:71:8a:10:e1:a8:b1:dd:87:28:48:9a:7f:03:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:30 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=4b08222eb3fe425ac3264cf01e4259b0a89a2af1bcab78502b0195b6d026692a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a4:d1:57:b6:80:b0:db:1d:03:2b:4c:13:d0:
9f:56:f0:21:15:e8:c1:e9:6e:c3:22:24:1c:2b:3c:
f6:88:62:82:8d:4b:ce:0a:e1:cd:d3:af:a7:5d:74:
5e:9c:28:b0:76:16:98:6e:ef:7d:12:49:43:08:01:
3d:22:9c:08:01:fd:bc:f8:6c:df:8e:4e:53:d9:60:
c2:a4:98:d9:15:28:05:a9:40:7b:2f:90:b2:10:25:
8f:2f:2f:17:f2:95:cb:11:90:97:62:35:ee:02:3a:
64:c5:1f:d4:37:f1:b6:a7:61:57:e2:df:e5:1a:3a:
a0:14:62:69:b5:81:f5:52:25:fa:c3:a4:f6:b9:19:
ec:c4:02:35:82:17:90:0f:e1:de:0f:c3:2a:3b:8e:
32:37:fd:d1:e9:ba:ef:77:a2:87:bd:f5:19:87:96:
2e:89:ea:05:12:c4:26:9f:69:39:68:36:a8:e2:db:
f7:e9:1e:cb:54:0d:4a:21:78:13:92:ad:6d:7f:4a:
73:b2:32:5e:de:98:0f:75:49:bc:45:47:40:39:46:
e3:be:18:c3:df:1e:41:2b:4e:fb:22:2a:ad:2c:78:
bf:1d:55:39:7e:13:9d:41:84:dd:6a:55:8f:3f:c6:
90:3b:c4:44:db:1e:0d:5d:a0:5b:71:82:f0:76:cd:
ee:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:59:14:EB:0D:D3:AC:7E:3B:06:55:6A:2D:11:F3:C9:1E:F2:E2:8A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8800::/40
Signature Algorithm: sha256WithRSAEncryption
2e:90:a3:4d:04:9c:e8:5c:ca:33:6c:ca:3f:43:ba:09:bd:20:
b3:c3:4f:e5:f1:ce:a9:0a:85:19:fe:25:8f:b9:47:e2:a1:d0:
6e:ff:9c:a2:0f:8f:e5:a9:08:6b:98:76:88:c6:f9:c3:0e:e6:
7a:a9:1a:36:09:67:8d:af:0b:0d:b6:fc:7b:f5:be:23:92:fe:
37:72:7e:02:16:44:c6:9a:7c:56:f9:9c:1d:f6:85:ab:f4:77:
f5:32:58:97:84:0a:59:39:aa:2d:95:69:f8:f6:fd:74:7e:8e:
e9:ff:2e:86:d9:79:12:fd:4f:ad:1c:00:37:37:d3:a8:2a:33:
6e:1b:7d:d1:e4:2e:06:c9:4a:87:ae:8d:67:98:42:2e:7e:e6:
9e:e6:e4:e9:aa:eb:9c:8f:a0:d6:49:20:33:ee:9a:bc:6b:fc:
ea:77:df:2e:a5:97:ff:0e:2f:31:52:6a:6d:68:9a:f9:1b:b1:
78:d0:4a:7d:ec:c9:ce:9b:ef:e2:18:6d:bd:2f:ca:f4:09:cc:
32:cc:43:78:49:40:f0:7c:60:6c:38:59:15:91:ff:1b:70:89:
4d:4c:0e:ef:b4:e2:27:3e:b6:12:e8:fb:7a:59:59:19:52:ef:
c6:8c:8c:32:65:91:52:94:2c:73:d8:da:ca:ee:6a:6f:3f:7b:
19:69:7e:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVSqgxcvycYoQ4aix3YcoSJp/A8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwMzBaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiMDgyMjJlYjNmZTQyNWFjMzI2NGNmMDFlNDI1OWIwYTg5YTJhZjFiY2Fi
Nzg1MDJiMDE5NWI2ZDAyNjY5MmExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCk0Ve2gLDbHQMrTBPQn1bwIRXoweluwyIkHCs89ohigo1LzgrhzdOvp110
XpwosHYWmG7vfRJJQwgBPSKcCAH9vPhs345OU9lgwqSY2RUoBalAey+QshAljy8v
F/KVyxGQl2I17gI6ZMUf1DfxtqdhV+Lf5Ro6oBRiabWB9VIl+sOk9rkZ7MQCNYIX
kA/h3g/DKjuOMjf90em673eih731GYeWLonqBRLEJp9pOWg2qOLb9+key1QNSiF4
E5KtbX9Kc7IyXt6YD3VJvEVHQDlG474Yw98eQStO+yIqrSx4vx1VOX4TnUGE3WpV
jz/GkDvERNseDV2gW3GC8HbN7skCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKWRTr
DdOsfjsGVWotEfPJHvLiijAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTQyZmU3MzEtY2JhNi00Yzg5LWEzYTQtYmE0OGE2OWUyNDZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WI
MA0GCSqGSIb3DQEBCwUAA4IBAQAukKNNBJzoXMozbMo/Q7oJvSCzw0/l8c6pCoUZ
/iWPuUfiodBu/5yiD4/lqQhrmHaIxvnDDuZ6qRo2CWeNrwsNtvx79b4jkv43cn4C
FkTGmnxW+Zwd9oWr9Hf1MliXhApZOaotlWn49v10fo7p/y6G2XkS/U+tHAA3N9Oo
KjNuG33R5C4GyUqHro1nmEIufuae5uTpquucj6DWSSAz7pq8a/zqd98upZf/Di8x
UmptaJr5G7F40Ep97MnOm+/iGG29L8r0CcwyzEN4SUDwfGBsOFkVkf8bcIlNTA7v
tOInPrYS6Pt6WVkZUu/GjIwyZZFSlCxz2NrK7mpvP3sZaX6b
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:54:57 2025 by rpki-client