Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/874d8aa0-85dd-4eab-a13b-64fd443394da.roa
File: 874d8aa0-85dd-4eab-a13b-64fd443394da.roa (raw, json)
Hash identifier: PSYEH6rysd7RBLoYrpzm0eBOdOI40P8Y3l9cgVfH3ss=
Subject key identifier: 4A:27:14:C4:0C:10:70:3E:D4:B2:E0:B1:37:9A:AD:83:B9:6E:C1:3B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1C8856FB231F77AA8595946503A969A72664DE12
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/874d8aa0-85dd-4eab-a13b-64fd443394da.roa
Signing time: Mon 26 May 2025 15:10:19 +0000
ROA not before: Mon 26 May 2025 15:10:19 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:88:56:fb:23:1f:77:aa:85:95:94:65:03:a9:69:a7:26:64:de:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:19 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=620a1f457f9b2b2d74135c0d4ba618eeafcf3811a3824651bfee1834ab4de532, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c4:0b:74:c7:3a:62:a2:6e:2c:6a:8e:51:e3:
fe:43:9d:9f:ee:a3:f2:02:63:81:79:ac:ff:01:d3:
f9:9b:f7:6f:0c:7c:5b:0d:36:3e:ef:b1:05:61:c2:
f3:77:02:2a:b2:46:6c:32:22:99:13:5e:e9:d1:4b:
f9:d6:42:56:1b:f1:f4:91:3d:2d:74:17:2e:ba:f2:
20:26:61:c6:0a:da:21:6e:27:92:be:37:33:fc:ab:
2b:53:ce:d4:10:82:d8:1e:2f:53:ac:42:1e:c4:10:
4f:69:e2:65:4d:65:80:f7:86:e4:ca:11:65:b1:02:
18:21:53:41:db:91:5f:03:d9:45:3d:a8:6e:cd:93:
2f:54:cb:62:8b:f3:ca:05:be:bb:71:87:97:d4:6f:
3e:69:36:60:9d:1c:4f:61:d0:f4:3a:35:b7:41:ef:
fd:70:7a:17:d6:2a:3c:05:b2:41:d0:9f:2a:84:6c:
27:ab:84:82:b9:27:40:b5:cc:25:26:b6:21:ff:d5:
be:2f:c3:00:6e:4f:4e:f9:66:9b:3e:cd:78:78:1a:
be:a7:c5:3f:04:dd:bd:7f:3b:10:72:18:08:f8:0d:
08:c0:ba:c4:50:85:3e:c2:c2:3d:62:48:fc:e3:26:
58:91:2a:45:2c:dd:44:c8:93:96:0d:bf:f8:f5:39:
25:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:27:14:C4:0C:10:70:3E:D4:B2:E0:B1:37:9A:AD:83:B9:6E:C1:3B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/874d8aa0-85dd-4eab-a13b-64fd443394da.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5800::/40
Signature Algorithm: sha256WithRSAEncryption
72:c9:27:16:58:a6:93:a1:6b:b8:76:52:22:ee:d5:46:4e:47:
7e:f0:37:86:2d:38:7b:34:d5:26:69:48:51:01:96:55:ea:21:
ec:78:cd:51:5d:c0:28:2e:c5:3e:fd:90:e2:16:56:d6:45:4b:
80:74:8f:97:c0:da:96:8b:70:12:c8:5d:46:29:88:24:83:74:
a2:5a:85:bf:52:e5:6f:8b:7e:75:08:8a:90:c0:0c:52:e0:6a:
11:bc:2c:ab:e8:c2:eb:d3:8e:0c:7f:ac:fb:a0:33:9a:b5:24:
4c:9a:d6:40:7c:3e:01:61:0d:51:29:14:c8:7e:b5:21:a9:16:
c6:71:b2:72:c5:1d:0e:1a:e4:30:fc:d7:24:b6:ad:28:9d:64:
5d:39:72:5a:17:9e:fe:0e:f1:13:fb:d2:6a:93:e9:ef:d4:35:
5c:dc:45:e9:6d:6c:5e:b5:3c:e2:40:57:41:3e:76:b4:e6:2b:
81:d0:9a:cf:ae:3c:bc:3b:fa:0f:e3:57:a7:36:ce:b8:38:aa:
a8:33:32:bc:42:f7:b1:aa:2c:f7:1f:32:f6:07:3a:03:87:f7:
34:9e:89:ac:04:10:bd:48:95:8b:4c:bb:53:79:82:44:b2:b9:
12:25:d9:fa:f1:fa:e0:1d:a9:bc:9e:c7:83:ce:e8:5c:11:f0:
44:58:d8:47
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHIhW+yMfd6qFlZRlA6lppyZk3hIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwMTlaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyMGExZjQ1N2Y5YjJiMmQ3NDEzNWMwZDRiYTYxOGVlYWZjZjM4MTFhMzgy
NDY1MWJmZWUxODM0YWI0ZGU1MzIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzEC3THOmKibixqjlHj/kOdn+6j8gJjgXms/wHT+Zv3bwx8Ww02Pu+xBWHC
83cCKrJGbDIimRNe6dFL+dZCVhvx9JE9LXQXLrryICZhxgraIW4nkr43M/yrK1PO
1BCC2B4vU6xCHsQQT2niZU1lgPeG5MoRZbECGCFTQduRXwPZRT2obs2TL1TLYovz
ygW+u3GHl9RvPmk2YJ0cT2HQ9Do1t0Hv/XB6F9YqPAWyQdCfKoRsJ6uEgrknQLXM
JSa2If/Vvi/DAG5PTvlmmz7NeHgavqfFPwTdvX87EHIYCPgNCMC6xFCFPsLCPWJI
/OMmWJEqRSzdRMiTlg2/+PU5JYMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRKJxTE
DBBwPtSy4LE3mq2DuW7BOzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ODc0ZDhhYTAtODVkZC00ZWFiLWExM2ItNjRmZDQ0MzM5NGRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8NY
MA0GCSqGSIb3DQEBCwUAA4IBAQByyScWWKaToWu4dlIi7tVGTkd+8DeGLTh7NNUm
aUhRAZZV6iHseM1RXcAoLsU+/ZDiFlbWRUuAdI+XwNqWi3ASyF1GKYgkg3SiWoW/
UuVvi351CIqQwAxS4GoRvCyr6MLr044Mf6z7oDOatSRMmtZAfD4BYQ1RKRTIfrUh
qRbGcbJyxR0OGuQw/Ncktq0onWRdOXJaF57+DvET+9Jqk+nv1DVc3EXpbWxetTzi
QFdBPna05iuB0JrPrjy8O/oP41enNs64OKqoMzK8Qvexqiz3HzL2BzoDh/c0noms
BBC9SJWLTLtTeYJEsrkSJdn68frgHam8nseDzuhcEfBEWNhH
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:55:59 2025 by rpki-client