Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
File: 5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa (raw, json)
Hash identifier: HZX/WDRb8l3tzV6vXveqJgoUmVD18nJ5Eq5o3lNfrwk=
Subject key identifier: AD:92:27:8E:E0:23:C7:C7:26:E2:97:13:BE:E7:C9:11:61:B5:1D:53
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 76CEE8D25172AABD614D150B80776C4ABADF08FE
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
Signing time: Mon 21 Apr 2025 18:40:05 +0000
ROA not before: Mon 21 Apr 2025 18:40:05 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:ce:e8:d2:51:72:aa:bd:61:4d:15:0b:80:77:6c:4a:ba:df:08:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 21 18:40:05 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=c1e4967da34a582876c69406a95b8f025853588e10ec111305fbe69d85d6a5c2, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:74:01:26:ad:d2:89:74:9a:26:e2:be:71:c1:
e6:0b:4c:d4:6d:aa:29:e6:93:7e:99:fd:3e:fc:e5:
85:0b:21:fd:d4:d3:97:64:ac:b9:20:bc:62:a1:3b:
db:da:ca:8e:ce:45:a8:ef:0e:72:a1:3d:a4:70:33:
2e:46:39:d0:aa:0f:41:31:cc:f8:78:27:96:72:d7:
ff:21:29:82:27:8f:00:35:cc:a4:57:1a:d6:72:2d:
02:46:98:10:25:f5:a5:eb:b4:fc:10:69:4b:30:03:
94:31:87:84:2e:91:ae:db:43:fd:e2:59:45:28:2e:
e1:44:a4:a7:79:53:c9:a4:76:44:40:b5:87:d8:13:
29:a5:77:76:50:8d:df:cb:f7:e9:11:7e:17:05:e7:
1e:bf:af:63:56:d3:04:93:a5:4f:6b:78:79:f0:94:
b8:1c:eb:05:e3:86:d6:49:9c:3f:3c:0f:81:73:a0:
fa:1f:76:82:03:03:d1:6e:a8:95:01:c8:a6:d8:0b:
07:99:85:19:41:05:9b:40:fc:b9:0b:a5:58:ae:a9:
0d:49:8a:dd:96:45:38:af:05:21:e2:e4:94:7d:11:
6d:e8:56:f3:ba:97:2a:e8:dd:d4:52:54:c3:5b:6b:
50:53:a2:c6:ae:c3:8a:5f:f8:87:ec:fb:54:de:2f:
6d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:92:27:8E:E0:23:C7:C7:26:E2:97:13:BE:E7:C9:11:61:B5:1D:53
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/44
Signature Algorithm: sha256WithRSAEncryption
31:3e:0b:e1:ac:29:e3:7a:5f:12:2b:8d:84:0f:29:65:dc:07:
a5:3e:18:f6:bc:79:9c:42:af:4c:eb:bd:61:db:80:2b:3f:b1:
4d:b2:98:e5:10:a4:32:c3:18:26:2e:db:b6:73:30:40:3c:77:
76:ba:46:20:54:64:c1:da:b6:f8:f7:8e:29:78:d4:c4:9e:ba:
62:36:4a:96:6f:dd:2b:d1:c9:2a:e6:bc:db:72:9c:02:3e:78:
83:b8:68:16:14:6b:36:4b:fe:59:d6:1a:a2:60:60:42:65:ef:
2d:25:5f:c4:10:25:a0:ea:e5:9c:ce:05:af:8c:83:71:f4:f1:
85:2f:b9:90:22:bf:cc:58:8c:4a:fb:07:45:fd:bc:29:65:57:
9a:11:20:24:ad:f2:63:b9:47:d4:67:1a:0f:3b:89:0a:1f:22:
86:8c:84:46:6a:14:56:ec:6f:21:16:c0:3d:80:9d:58:94:09:
28:4c:c8:21:49:4e:fb:a5:8c:ec:b3:6d:ac:37:a7:ce:c3:39:
5d:36:5a:ee:36:22:73:b3:38:ad:e2:f1:3f:9a:cc:41:f8:8b:
81:9b:8c:a7:18:df:80:d6:00:04:99:b1:92:9d:80:08:10:78:
79:d2:53:6d:93:67:fd:f5:bd:ed:af:6e:29:b8:f1:76:de:16:
57:f7:47:89
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUds7o0lFyqr1hTRULgHdsSrrfCP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MjExODQwMDVaFw0yNTA1MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxZTQ5NjdkYTM0YTU4Mjg3NmM2OTQwNmE5NWI4ZjAyNTg1MzU4OGUxMGVj
MTExMzA1ZmJlNjlkODVkNmE1YzIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPN0ASat0ol0mibivnHB5gtM1G2qKeaTfpn9PvzlhQsh/dTTl2SsuSC8YqE7
29rKjs5FqO8OcqE9pHAzLkY50KoPQTHM+HgnlnLX/yEpgiePADXMpFca1nItAkaY
ECX1peu0/BBpSzADlDGHhC6RrttD/eJZRSgu4USkp3lTyaR2REC1h9gTKaV3dlCN
38v36RF+FwXnHr+vY1bTBJOlT2t4efCUuBzrBeOG1kmcPzwPgXOg+h92ggMD0W6o
lQHIptgLB5mFGUEFm0D8uQulWK6pDUmK3ZZFOK8FIeLklH0RbehW87qXKujd1FJU
w1trUFOixq7Dil/4h+z7VN4vbfECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBStkieO
4CPHxybilxO+58kRYbUdUzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY1NmY0YWUtZDE4Ny00YTQzLWIwYzItYWZkMDJjMDlkZDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEAMT4L4awp43pfEiuNhA8pZdwHpT4Y9rx5nEKv
TOu9YduAKz+xTbKY5RCkMsMYJi7btnMwQDx3drpGIFRkwdq2+PeOKXjUxJ66YjZK
lm/dK9HJKua823KcAj54g7hoFhRrNkv+WdYaomBgQmXvLSVfxBAloOrlnM4Fr4yD
cfTxhS+5kCK/zFiMSvsHRf28KWVXmhEgJK3yY7lH1GcaDzuJCh8ihoyERmoUVuxv
IRbAPYCdWJQJKEzIIUlO+6WM7LNtrDenzsM5XTZa7jYic7M4reLxP5rMQfiLgZuM
pxjfgNYABJmxkp2ACBB4edJTbZNn/fW97a9uKbjxdt4WV/dHiQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:49:01 2025 by rpki-client