Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
File: 5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa (raw, json)
Hash identifier: gAGb/gcr6fIF/1ygNkMRamxLEjO4mo/H5Ihadeig0O4=
Subject key identifier: D9:E7:7E:C8:CA:AF:27:C3:67:2B:C9:88:6E:F4:A0:92:71:69:6F:8A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 26E1EE9A52473BF10E00664CCB4B69F5D89853E6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
Signing time: Mon 26 May 2025 15:20:17 +0000
ROA not before: Mon 26 May 2025 15:20:17 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:e1:ee:9a:52:47:3b:f1:0e:00:66:4c:cb:4b:69:f5:d8:98:53:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:20:17 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=f527dffe26a3da6e825dc948d51d7f6b026b3b8bf69efa03df4de1b7f3709351, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:11:74:94:ea:74:72:02:20:dd:6c:34:56:5e:
3f:11:80:3b:11:9b:46:b6:ba:4c:0d:eb:e4:19:77:
44:fc:3c:a2:83:31:e0:2d:52:0a:26:2e:06:fc:2f:
9a:be:30:ff:a8:e0:f1:df:a4:5a:a6:a6:81:77:90:
1a:69:ab:da:4c:b1:92:91:02:62:32:8c:42:9c:d1:
3e:8b:ce:82:53:f8:f7:d4:ad:bb:4d:5a:a7:fe:a3:
a1:36:2b:27:31:71:94:59:55:b6:78:ce:c6:9e:69:
81:e5:4f:d1:85:dc:93:86:4f:5c:db:54:64:71:60:
17:33:52:63:e3:ab:b1:0f:9d:90:c8:b0:a1:ac:b1:
5d:65:05:5a:e9:d5:4c:a6:36:d3:8a:9d:7d:6a:c0:
b4:ce:4a:a3:8e:82:a2:d2:6d:cc:56:9d:b0:a7:45:
04:10:32:71:00:c9:04:c2:52:63:bb:01:8b:35:65:
4d:bd:94:4d:f1:6b:d6:83:8e:ae:5a:af:b0:5f:6f:
47:4f:84:40:74:6e:12:6c:38:55:f0:f5:37:0d:28:
2a:98:b6:e9:7d:6d:f4:39:bb:9d:a9:58:53:10:2c:
c3:66:11:c8:8f:d1:ee:5e:f2:ef:f1:8b:0c:e4:7f:
86:d2:38:58:6d:2c:a7:68:9d:af:89:61:55:4b:60:
36:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E7:7E:C8:CA:AF:27:C3:67:2B:C9:88:6E:F4:A0:92:71:69:6F:8A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:8800::/40
Signature Algorithm: sha256WithRSAEncryption
7f:bf:7f:d7:8a:80:03:f9:f5:01:0a:75:95:a6:98:70:a6:ba:
19:f1:4b:63:90:2d:7d:2a:b9:2f:ba:fe:d9:0d:a8:e6:32:3f:
e9:c5:1b:24:d7:ed:19:69:1c:e9:e5:9a:aa:0a:b5:e0:ab:67:
4d:38:04:cb:f3:d6:50:0f:81:6e:f4:52:f0:01:55:17:4d:40:
4e:82:d8:c1:64:0f:8b:c9:43:3a:64:c5:c0:75:bf:9a:9e:4b:
42:83:f2:68:9b:15:a9:ba:a9:de:92:81:2b:1e:77:51:ba:e1:
af:ae:7b:b8:cf:bd:6a:c2:63:71:b3:1b:ad:43:d8:dd:d7:9e:
4a:c2:0e:66:d9:1d:fe:5d:65:3d:a3:6e:64:05:d2:17:a6:ea:
cc:bf:85:a1:7d:75:6f:57:f7:36:16:9c:6e:6b:63:49:a9:e0:
a8:81:5f:b3:c0:0d:16:b7:26:c1:e5:3d:de:6d:7a:58:fe:3c:
ea:a6:e4:13:3b:30:ed:51:59:79:01:e4:fb:76:2e:0a:ea:a8:
95:68:e2:f5:a5:d4:8e:9f:36:dc:27:9e:07:4b:55:c1:c7:54:
f2:49:8f:f1:87:a0:b5:eb:a9:f2:3b:b7:5e:ca:a9:1d:64:e9:
e8:9c:59:06:1a:ee:16:5d:a8:b3:f5:b5:03:34:35:bc:71:6e:
d4:96:1f:93
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJuHumlJHO/EOAGZMy0tp9diYU+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIwMTdaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1MjdkZmZlMjZhM2RhNmU4MjVkYzk0OGQ1MWQ3ZjZiMDI2YjNiOGJmNjll
ZmEwM2RmNGRlMWI3ZjM3MDkzNTExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIRdJTqdHICIN1sNFZePxGAOxGbRra6TA3r5Bl3RPw8ooMx4C1SCiYuBvwv
mr4w/6jg8d+kWqamgXeQGmmr2kyxkpECYjKMQpzRPovOglP499Stu01ap/6joTYr
JzFxlFlVtnjOxp5pgeVP0YXck4ZPXNtUZHFgFzNSY+OrsQ+dkMiwoayxXWUFWunV
TKY204qdfWrAtM5Ko46CotJtzFadsKdFBBAycQDJBMJSY7sBizVlTb2UTfFr1oOO
rlqvsF9vR0+EQHRuEmw4VfD1Nw0oKpi26X1t9Dm7nalYUxAsw2YRyI/R7l7y7/GL
DOR/htI4WG0sp2idr4lhVUtgNvkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZ537I
yq8nw2cryYhu9KCScWlvijAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWEzZTExMmQtYzhiNS00YTQyLTliN2EtYTVjNTY3YjZkYjMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8OI
MA0GCSqGSIb3DQEBCwUAA4IBAQB/v3/XioAD+fUBCnWVpphwproZ8UtjkC19Krkv
uv7ZDajmMj/pxRsk1+0ZaRzp5ZqqCrXgq2dNOATL89ZQD4Fu9FLwAVUXTUBOgtjB
ZA+LyUM6ZMXAdb+anktCg/JomxWpuqnekoErHndRuuGvrnu4z71qwmNxsxutQ9jd
155Kwg5m2R3+XWU9o25kBdIXpurMv4WhfXVvV/c2Fpxua2NJqeCogV+zwA0WtybB
5T3ebXpY/jzqpuQTOzDtUVl5AeT7di4K6qiVaOL1pdSOnzbcJ54HS1XBx1TySY/x
h6C166nyO7deyqkdZOnonFkGGu4WXaiz9bUDNDW8cW7Ulh+T
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:35 2025 by rpki-client