Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
File: 78ea1ce2-8d09-441d-ad92-848a5871e58b.roa (raw, json)
Hash identifier: 2PMnlUuBF/AKnQe+jYRzyZAvU2x/hixvDfjChZg6v/g=
Subject key identifier: DD:DB:38:22:D9:5C:B8:CA:E9:88:E3:6C:D1:41:76:A3:EA:98:1B:4A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7DD8240D761F489052C7B781ACE96CCAACCAE681
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
Signing time: Mon 26 May 2025 15:21:25 +0000
ROA not before: Mon 26 May 2025 15:21:25 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:d8:24:0d:76:1f:48:90:52:c7:b7:81:ac:e9:6c:ca:ac:ca:e6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:21:25 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=20bf337cf9182c4842db81fe1803ba598880bb2d0d5baca2dbf091904ddf6e65, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:35:14:48:72:e1:06:eb:17:32:7c:f5:be:3b:
05:37:4c:c5:8f:a8:23:29:ab:46:ed:4c:26:30:38:
62:44:bf:41:25:cf:13:04:92:9d:1a:f7:dd:3c:e1:
ea:ff:ab:b4:83:cf:72:27:35:94:6b:5a:48:c7:c4:
c1:c6:32:5b:33:59:b2:c5:e3:29:9a:2c:05:7d:84:
5c:2d:56:81:3d:06:da:ed:33:c9:d5:11:e7:4b:3d:
59:5c:e3:4c:a8:e5:16:1d:fa:4e:ae:92:57:72:da:
f2:d0:62:bb:81:3a:cc:72:6d:87:72:32:70:d6:7a:
a6:28:fd:99:99:62:fa:98:27:ef:31:dd:54:ef:a2:
13:65:22:01:83:2d:8b:6a:86:f8:68:ba:73:2e:7e:
07:a3:84:98:25:09:d7:d9:59:0c:cf:7e:61:a1:25:
69:04:75:84:ae:56:b4:ec:66:52:8a:2e:90:3b:55:
d5:1c:b8:5f:47:ff:b0:e8:1e:43:d4:04:ad:a6:c5:
15:27:73:d0:f9:7e:32:80:a0:9a:e8:12:73:09:b5:
be:2c:a9:62:30:a9:1b:83:1d:05:82:b9:d3:e2:ef:
b4:9a:54:61:99:e2:f8:ab:94:80:f5:bd:31:ac:9a:
b3:30:15:27:cd:a7:ae:83:a0:bb:30:3a:62:e2:1c:
84:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:DB:38:22:D9:5C:B8:CA:E9:88:E3:6C:D1:41:76:A3:EA:98:1B:4A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/78ea1ce2-8d09-441d-ad92-848a5871e58b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3::/36
Signature Algorithm: sha256WithRSAEncryption
8e:05:31:01:d6:6c:22:5e:4c:5e:cf:fa:7b:0e:aa:5c:f8:e0:
e8:74:52:2f:ed:e2:f3:f0:2b:92:f3:54:21:f1:00:d8:b8:67:
51:d3:7f:33:c9:94:37:bb:39:fe:f2:1a:b5:55:1c:02:da:11:
66:81:24:67:30:05:99:36:f4:9d:f1:25:1d:10:12:4b:2c:92:
d0:28:8a:0f:a9:c1:68:31:6e:75:90:53:01:69:57:29:fb:65:
6d:16:f2:ca:85:5f:20:66:4c:4a:44:6d:bc:eb:14:b3:3f:cf:
da:3b:61:67:22:42:59:85:75:82:20:34:b0:e8:75:aa:be:c7:
6a:90:0f:6a:32:a6:b9:49:db:4e:7a:93:1a:8a:af:92:e2:b9:
11:23:6a:41:e6:44:4c:6c:43:46:a8:14:ba:75:24:fc:e9:ec:
7e:85:4c:72:70:2d:56:d1:24:e9:d6:c8:d7:3e:79:35:6e:d4:
34:d7:3e:82:64:b6:99:b8:78:fb:16:0b:26:8b:39:47:4e:73:
ab:8c:ab:0f:70:66:32:44:35:c5:64:d0:36:7b:17:b3:54:f1:
08:dd:18:46:b0:89:af:a0:3c:61:93:ef:85:7a:c1:59:35:4b:
c5:d1:40:68:a9:d9:38:a8:0b:ca:c5:73:50:1e:dc:fe:97:50:
d4:59:de:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfdgkDXYfSJBSx7eBrOlsyqzK5oEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIxMjVaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwYmYzMzdjZjkxODJjNDg0MmRiODFmZTE4MDNiYTU5ODg4MGJiMmQwZDVi
YWNhMmRiZjA5MTkwNGRkZjZlNjUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK41FEhy4QbrFzJ89b47BTdMxY+oIymrRu1MJjA4YkS/QSXPEwSSnRr33Tzh
6v+rtIPPcic1lGtaSMfEwcYyWzNZssXjKZosBX2EXC1WgT0G2u0zydUR50s9WVzj
TKjlFh36Tq6SV3La8tBiu4E6zHJth3IycNZ6pij9mZli+pgn7zHdVO+iE2UiAYMt
i2qG+Gi6cy5+B6OEmCUJ19lZDM9+YaElaQR1hK5WtOxmUooukDtV1Ry4X0f/sOge
Q9QErabFFSdz0Pl+MoCgmugScwm1viypYjCpG4MdBYK50+LvtJpUYZni+KuUgPW9
MayaszAVJ82nroOguzA6YuIchOsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTd2zgi
2Vy4yumI42zRQXaj6pgbSjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzhlYTFjZTItOGQwOS00NDFkLWFkOTItODQ4YTU4NzFlNThiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MA
MA0GCSqGSIb3DQEBCwUAA4IBAQCOBTEB1mwiXkxez/p7Dqpc+ODodFIv7eLz8CuS
81Qh8QDYuGdR038zyZQ3uzn+8hq1VRwC2hFmgSRnMAWZNvSd8SUdEBJLLJLQKIoP
qcFoMW51kFMBaVcp+2VtFvLKhV8gZkxKRG286xSzP8/aO2FnIkJZhXWCIDSw6HWq
vsdqkA9qMqa5SdtOepMaiq+S4rkRI2pB5kRMbENGqBS6dST86ex+hUxycC1W0STp
1sjXPnk1btQ01z6CZLaZuHj7FgsmizlHTnOrjKsPcGYyRDXFZNA2exezVPEI3RhG
sImvoDxhk++FesFZNUvF0UBoqdk4qAvKxXNQHtz+l1DUWd64
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:52:49 2025 by rpki-client