Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
File: a027acd6-b75f-42ce-9bfb-ac426d92b141.roa (raw, json)
Hash identifier: H7i/vuw2vfTwkwtT63FXZOQvh+62glVpOdIwzXvrt/4=
Subject key identifier: 34:73:D7:D1:CE:79:8D:BE:CF:54:58:FB:C2:FA:22:40:0C:B1:B5:D0
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2F173982942FDE10A6FC64393CE1EF453115B98F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
Signing time: Mon 26 May 2025 15:20:50 +0000
ROA not before: Mon 26 May 2025 15:20:50 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:17:39:82:94:2f:de:10:a6:fc:64:39:3c:e1:ef:45:31:15:b9:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:20:50 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=6d8848c54ad97d904a7b06853ebc91806158a577a95e0b2ef0761908a00fea22, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:74:f0:4d:1c:d1:61:61:b4:ac:bb:da:7b:9c:
aa:40:53:f6:7a:95:73:0d:13:78:c7:3a:99:a2:12:
05:7a:1c:c8:4b:0e:33:66:33:e7:5d:29:0b:8a:a9:
94:79:f4:dc:f7:4c:29:79:a3:f6:7a:7b:ca:f9:16:
45:34:ec:75:7b:7d:4e:00:72:f9:9f:87:73:a0:80:
41:e5:28:42:f7:00:43:fa:a3:3a:cd:57:f1:02:ec:
37:d5:f4:52:70:42:b8:b3:9e:0d:ce:8b:33:62:0c:
ed:15:cb:71:44:c0:33:e6:dc:4b:4c:c7:e3:bb:0e:
80:ee:dd:b8:56:06:77:df:bc:ad:45:0c:13:2f:30:
e7:5c:b5:51:93:3c:d4:e0:41:a5:52:02:22:0e:5e:
f0:0e:dc:a8:60:18:13:2a:1f:ec:d8:f2:95:27:17:
ea:10:d6:71:41:18:ec:7a:9c:50:44:d2:42:ea:41:
34:b7:5a:60:f7:e0:bd:08:98:b2:ab:ff:f4:c5:b6:
47:d3:06:48:14:76:41:f6:41:d3:6e:f6:d6:96:f6:
08:65:18:7a:a9:2f:1f:4b:b1:0c:6f:d2:99:19:f9:
89:8c:f3:14:90:25:4e:9f:09:0d:7d:b2:9c:d0:ad:
4a:3b:cb:c9:e3:01:93:aa:b6:bb:8b:aa:6a:cf:37:
f5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:73:D7:D1:CE:79:8D:BE:CF:54:58:FB:C2:FA:22:40:0C:B1:B5:D0
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:4000::/36
Signature Algorithm: sha256WithRSAEncryption
46:6f:66:16:6f:63:11:0c:b6:f1:6a:30:dd:9f:df:47:57:6c:
93:5c:50:08:74:d9:ff:a0:02:7d:e2:29:e5:e2:4a:11:2a:c1:
6d:62:8d:c7:ea:f2:03:1c:a7:a2:44:0c:84:b9:e2:08:7c:d7:
50:68:9e:41:02:95:88:ec:c6:20:fe:e5:ad:e6:a4:6a:ca:5c:
62:47:36:5e:16:06:3a:03:1d:dc:a8:09:f2:d0:d9:b2:b5:b7:
96:64:1c:4f:eb:f0:7d:2c:7e:bb:8e:05:ff:d2:39:b0:51:6b:
d8:5b:61:f8:b9:48:9c:fc:93:90:3d:6a:0b:0e:34:89:64:9b:
3b:3b:c2:a6:ee:dd:45:ea:77:a0:40:f0:0c:9f:c3:c4:81:8a:
83:74:a5:0b:24:bd:62:b3:02:84:da:2e:3a:fe:b2:a3:2a:cc:
8f:41:a3:a3:76:c7:21:36:e8:1a:3b:93:e7:47:ef:84:ae:22:
a4:17:e3:b8:68:45:f0:af:9d:3c:b4:03:39:d3:b1:e3:87:30:
3d:40:6e:7a:c5:f8:e8:d5:7e:9c:07:c5:40:25:cd:c4:b2:3c:
39:c9:de:ca:82:79:e8:24:35:44:8d:34:a0:4e:df:46:08:d0:
db:a4:ec:e7:05:0a:06:8f:4e:e4:6e:40:7a:1e:23:fb:2f:c6:
63:6a:56:08
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULxc5gpQv3hCm/GQ5POHvRTEVuY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIwNTBaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkODg0OGM1NGFkOTdkOTA0YTdiMDY4NTNlYmM5MTgwNjE1OGE1NzdhOTVl
MGIyZWYwNzYxOTA4YTAwZmVhMjIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKl08E0c0WFhtKy72nucqkBT9nqVcw0TeMc6maISBXocyEsOM2Yz510pC4qp
lHn03PdMKXmj9np7yvkWRTTsdXt9TgBy+Z+Hc6CAQeUoQvcAQ/qjOs1X8QLsN9X0
UnBCuLOeDc6LM2IM7RXLcUTAM+bcS0zH47sOgO7duFYGd9+8rUUMEy8w51y1UZM8
1OBBpVICIg5e8A7cqGAYEyof7NjylScX6hDWcUEY7HqcUETSQupBNLdaYPfgvQiY
sqv/9MW2R9MGSBR2QfZB02721pb2CGUYeqkvH0uxDG/SmRn5iYzzFJAlTp8JDX2y
nNCtSjvLyeMBk6q2u4uqas839c8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ0c9fR
znmNvs9UWPvC+iJADLG10DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTAyN2FjZDYtYjc1Zi00MmNlLTliZmItYWM0MjZkOTJiMTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NA
MA0GCSqGSIb3DQEBCwUAA4IBAQBGb2YWb2MRDLbxajDdn99HV2yTXFAIdNn/oAJ9
4inl4koRKsFtYo3H6vIDHKeiRAyEueIIfNdQaJ5BApWI7MYg/uWt5qRqylxiRzZe
FgY6Ax3cqAny0NmytbeWZBxP6/B9LH67jgX/0jmwUWvYW2H4uUic/JOQPWoLDjSJ
ZJs7O8Km7t1F6negQPAMn8PEgYqDdKULJL1iswKE2i46/rKjKsyPQaOjdschNuga
O5PnR++EriKkF+O4aEXwr508tAM507HjhzA9QG56xfjo1X6cB8VAJc3Esjw5yd7K
gnnoJDVEjTSgTt9GCNDbpOznBQoGj07kbkB6HiP7L8ZjalYI
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:52:52 2025 by rpki-client