Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8208c1b9-c235-4019-8ac2-a56c3cd1c2b0.roa
File: 8208c1b9-c235-4019-8ac2-a56c3cd1c2b0.roa (raw, json)
Hash identifier: XzIZr8Q8CLuudR3gNMULz/KLBM8dspy9kp49lSwlJiU=
Subject key identifier: CB:BA:C9:90:3F:9D:BA:1B:D7:69:9B:BA:43:EF:95:94:63:11:37:A0
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5FA84C28806019A4810BDBF6825C6B1D2B645099
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8208c1b9-c235-4019-8ac2-a56c3cd1c2b0.roa
Signing time: Mon 26 May 2025 15:11:04 +0000
ROA not before: Mon 26 May 2025 15:11:04 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:a8:4c:28:80:60:19:a4:81:0b:db:f6:82:5c:6b:1d:2b:64:50:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:11:04 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=7aefcdba5d4b20af6e7ed2f427b025ce83519ba3213dac2002341a5c9078cb40, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:95:79:2a:65:35:1e:69:ce:90:d5:4f:2d:74:
b9:09:61:35:ea:6c:e4:25:37:bb:6a:61:d9:30:7e:
90:44:49:d4:02:39:dc:f0:92:3d:bf:b5:67:22:47:
90:b1:2c:9c:96:27:58:0f:81:df:1b:c7:9a:6d:94:
26:30:5d:d8:c7:b0:c3:87:94:0f:97:e9:99:cf:ee:
84:28:ae:aa:2f:bc:37:f4:43:66:18:b2:cd:8b:b4:
3a:2f:8f:67:7d:07:a3:0b:3e:74:2f:aa:67:43:a8:
4f:27:96:a7:b3:ca:a8:ec:d1:33:72:9d:26:87:33:
e4:41:17:67:ac:74:48:ca:7c:b1:62:df:40:4f:da:
19:a1:db:92:0d:41:65:1a:e1:6d:66:f7:cf:36:ca:
29:62:54:9b:7d:9a:e0:e8:ac:ce:ac:57:3b:a8:84:
36:be:dd:7b:cd:1a:69:09:e2:62:36:1c:5a:c2:94:
e1:99:a1:ca:10:c8:e2:f1:20:a3:85:9a:2e:a8:3b:
82:27:f8:b0:f7:44:4c:d2:4a:59:9f:a1:d5:91:9c:
c7:45:f1:52:a9:c2:6f:45:fb:55:70:41:47:a5:0f:
27:44:c2:e7:a2:ad:20:e4:86:90:02:e9:82:1a:5e:
65:c3:53:49:bd:e7:10:b9:b0:2e:a2:7f:8b:c8:0a:
75:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:BA:C9:90:3F:9D:BA:1B:D7:69:9B:BA:43:EF:95:94:63:11:37:A0
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8208c1b9-c235-4019-8ac2-a56c3cd1c2b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2840::/48
Signature Algorithm: sha256WithRSAEncryption
90:03:28:fa:18:20:e2:c9:99:b7:91:4a:37:34:36:ec:f0:6d:
f7:01:d8:fc:f1:0e:56:b0:51:11:4b:34:d7:58:95:a6:1e:6c:
fe:0d:af:0e:17:6e:e7:3a:1a:e1:5c:9e:67:b1:5a:e7:51:cb:
69:6b:16:71:bc:0d:2c:04:12:d5:2f:de:bf:83:85:6a:77:d6:
92:58:24:2f:d4:1c:27:7c:c7:a1:1e:3f:e0:87:76:8b:65:29:
a0:53:52:ef:00:f4:c2:76:0a:7c:56:9a:8d:ba:5d:9e:0a:78:
55:9a:67:86:8e:7a:e6:98:a5:59:f2:82:d5:4d:d3:76:57:bf:
97:02:d0:ca:97:ea:ab:f2:50:0e:68:a3:17:11:3f:55:e5:20:
cd:66:c0:6d:49:44:da:69:68:0f:6d:e5:05:f9:e3:db:71:80:
5d:82:a8:f1:27:6a:d5:9f:db:7c:77:87:b0:d0:64:16:72:7a:
99:8b:3c:d6:2c:f7:a4:c0:95:b2:3a:1a:ad:32:5e:58:1a:2c:
6d:92:fa:e6:d6:59:cd:e6:19:52:29:75:09:16:3e:bb:6d:32:
71:f8:63:a3:6f:2f:1b:90:f6:ea:9f:e6:e8:c7:1f:6b:72:76:
c9:71:62:48:ee:7c:42:12:e5:bd:5b:6e:8c:66:fc:ab:03:ca:
bc:5a:8b:9e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUX6hMKIBgGaSBC9v2glxrHStkUJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTExMDRaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhZWZjZGJhNWQ0YjIwYWY2ZTdlZDJmNDI3YjAyNWNlODM1MTliYTMyMTNk
YWMyMDAyMzQxYTVjOTA3OGNiNDAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6VeSplNR5pzpDVTy10uQlhNeps5CU3u2ph2TB+kERJ1AI53PCSPb+1ZyJH
kLEsnJYnWA+B3xvHmm2UJjBd2Meww4eUD5fpmc/uhCiuqi+8N/RDZhiyzYu0Oi+P
Z30Hows+dC+qZ0OoTyeWp7PKqOzRM3KdJocz5EEXZ6x0SMp8sWLfQE/aGaHbkg1B
ZRrhbWb3zzbKKWJUm32a4OiszqxXO6iENr7de80aaQniYjYcWsKU4ZmhyhDI4vEg
o4WaLqg7gif4sPdETNJKWZ+h1ZGcx0XxUqnCb0X7VXBBR6UPJ0TC56KtIOSGkALp
ghpeZcNTSb3nELmwLqJ/i8gKdUcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTLusmQ
P526G9dpm7pD75WUYxE3oDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ODIwOGMxYjktYzIzNS00MDE5LThhYzItYTU2YzNjZDFjMmIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
QDANBgkqhkiG9w0BAQsFAAOCAQEAkAMo+hgg4smZt5FKNzQ27PBt9wHY/PEOVrBR
EUs011iVph5s/g2vDhdu5zoa4VyeZ7Fa51HLaWsWcbwNLAQS1S/ev4OFanfWklgk
L9QcJ3zHoR4/4Id2i2UpoFNS7wD0wnYKfFaajbpdngp4VZpnho565pilWfKC1U3T
dle/lwLQypfqq/JQDmijFxE/VeUgzWbAbUlE2mloD23lBfnj23GAXYKo8Sdq1Z/b
fHeHsNBkFnJ6mYs81iz3pMCVsjoarTJeWBosbZL65tZZzeYZUil1CRY+u20ycfhj
o28vG5D26p/m6Mcfa3J2yXFiSO58QhLlvVtujGb8qwPKvFqLng==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:34 2025 by rpki-client