Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
File: 5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa (raw, json)
Hash identifier: 7rM6fdOhq/096CHCv0EKgxiNuFtfeGK2/EJyFng9CXY=
Subject key identifier: 77:24:90:F3:94:10:66:6B:C1:45:7F:3C:C0:50:12:A7:21:D1:E5:CC
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5DFA826A580E6561268399FB0C40848E722FA44B
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
Signing time: Mon 26 May 2025 15:11:03 +0000
ROA not before: Mon 26 May 2025 15:11:03 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:fa:82:6a:58:0e:65:61:26:83:99:fb:0c:40:84:8e:72:2f:a4:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:11:03 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=0df6b377db1d0b291f7603bc823a3cf2f40060a8906d33fac7c8858700e05020, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:e3:8d:12:61:12:05:94:a8:8d:98:24:59:ea:
a4:32:d5:4c:41:e2:0e:f8:21:b5:2b:1e:39:88:7d:
79:29:0e:9e:d3:16:82:2e:7f:83:da:b8:43:f4:89:
ac:70:89:98:b1:c8:3b:1c:70:ef:02:e9:bc:74:cf:
a0:e2:6c:55:ea:21:a8:68:3b:1f:a5:1e:4b:7a:6b:
59:4a:48:82:1f:76:aa:fc:66:03:23:59:a9:f7:33:
15:1e:2a:8d:cf:35:42:60:e7:61:94:44:a7:ce:34:
fe:0c:a3:e6:15:c5:ff:da:c2:7d:01:d0:ba:a5:c2:
99:48:ba:e4:0c:a7:bc:ee:1d:db:3f:c3:7b:7e:c2:
48:64:e0:fb:5e:1b:8c:73:f0:00:cc:c0:7c:d4:f9:
29:7e:45:8c:94:88:6d:62:db:56:cc:0c:a8:b4:ab:
ae:8d:78:be:d0:e8:03:37:67:cb:68:39:2b:00:11:
e7:ce:d4:66:44:d1:17:ad:9b:af:4f:d5:a5:fb:69:
a8:d2:d5:b1:75:de:d1:98:ad:6c:18:ff:7f:51:e1:
f3:97:2d:85:13:f9:8c:bf:fe:4a:67:79:f0:08:f0:
32:8c:61:53:9a:a4:d1:c4:6c:7d:10:c4:f2:d2:07:
8a:0a:1d:6b:da:06:51:31:9d:6b:cc:e0:42:0f:e7:
59:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:24:90:F3:94:10:66:6B:C1:45:7F:3C:C0:50:12:A7:21:D1:E5:CC
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5980baf0-35fe-4ca7-b869-04bb2e738b8d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:23:55:45:d7:21:7c:08:82:6f:1c:20:5b:48:40:39:ff:a0:
33:e7:c3:4e:fb:2a:9b:24:e3:4b:06:82:a7:1e:5e:d1:ff:5f:
2e:79:13:79:0e:d8:27:3b:bb:fd:51:60:79:f0:f8:ae:16:fd:
7e:45:ed:c5:c1:69:ad:98:e9:13:61:4b:9f:99:2b:2a:a9:44:
ec:e0:6e:65:7e:c3:3e:74:1a:10:5d:90:a2:d0:68:69:88:b0:
73:ae:05:a5:fd:c6:88:0c:8b:bb:c6:fe:d0:5f:79:fb:28:a4:
0c:58:13:9e:49:da:9d:1e:99:23:fc:55:23:04:ac:a5:49:f6:
9d:3a:75:77:f2:cb:b0:40:c7:56:bc:df:de:b5:2a:10:34:6c:
fe:24:ab:d9:08:69:40:00:83:91:bd:6f:74:20:22:6f:26:d6:
3f:7d:36:59:6f:85:fa:ba:d9:fb:60:6c:99:9d:ee:78:63:52:
94:2a:2b:70:e9:d4:5c:6b:5b:d2:d2:f8:95:0b:14:e7:0e:96:
21:17:e2:d1:f8:44:5b:fa:19:4d:93:1c:83:83:b5:5d:52:1f:
90:a4:48:59:a2:ab:91:7c:94:d5:63:2f:b4:a6:ba:57:2b:17:
8c:88:6b:df:e4:8f:66:19:91:b9:29:6d:24:b1:ae:96:9d:dd:
ec:b7:18:91
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXfqCalgOZWEmg5n7DECEjnIvpEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTExMDNaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkZjZiMzc3ZGIxZDBiMjkxZjc2MDNiYzgyM2EzY2YyZjQwMDYwYTg5MDZk
MzNmYWM3Yzg4NTg3MDBlMDUwMjAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPPjjRJhEgWUqI2YJFnqpDLVTEHiDvghtSseOYh9eSkOntMWgi5/g9q4Q/SJ
rHCJmLHIOxxw7wLpvHTPoOJsVeohqGg7H6UeS3prWUpIgh92qvxmAyNZqfczFR4q
jc81QmDnYZREp840/gyj5hXF/9rCfQHQuqXCmUi65AynvO4d2z/De37CSGTg+14b
jHPwAMzAfNT5KX5FjJSIbWLbVswMqLSrro14vtDoAzdny2g5KwAR587UZkTRF62b
r0/VpftpqNLVsXXe0ZitbBj/f1Hh85cthRP5jL/+Smd58AjwMoxhU5qk0cRsfRDE
8tIHigoda9oGUTGda8zgQg/nWXUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR3JJDz
lBBma8FFfzzAUBKnIdHlzDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTk4MGJhZjAtMzVmZS00Y2E3LWI4NjktMDRiYjJlNzM4YjhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
wDANBgkqhkiG9w0BAQsFAAOCAQEAPyNVRdchfAiCbxwgW0hAOf+gM+fDTvsqmyTj
SwaCpx5e0f9fLnkTeQ7YJzu7/VFgefD4rhb9fkXtxcFprZjpE2FLn5krKqlE7OBu
ZX7DPnQaEF2QotBoaYiwc64Fpf3GiAyLu8b+0F95+yikDFgTnknanR6ZI/xVIwSs
pUn2nTp1d/LLsEDHVrzf3rUqEDRs/iSr2QhpQACDkb1vdCAibybWP302WW+F+rrZ
+2BsmZ3ueGNSlCorcOnUXGtb0tL4lQsU5w6WIRfi0fhEW/oZTZMcg4O1XVIfkKRI
WaKrkXyU1WMvtKa6VysXjIhr3+SPZhmRuSltJLGulp3d7LcYkQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:18 2025 by rpki-client