Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
File: a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa (raw, json)
Hash identifier: IpCayyljbbAbqCsWCFWvKCTKS8X18V54AaUejjB75OM=
Subject key identifier: 1F:85:CA:24:EC:76:CA:D3:4B:B4:A8:E7:A8:DA:B8:EC:23:48:42:A6
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3E926BE44446E1F90699D93A85FB8A0D56A65FCA
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
Signing time: Mon 26 May 2025 15:21:10 +0000
ROA not before: Mon 26 May 2025 15:21:10 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:92:6b:e4:44:46:e1:f9:06:99:d9:3a:85:fb:8a:0d:56:a6:5f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:21:10 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=85c7b4f6b23510345e34ed44d733bc3c1a48c51eeff1ed38e282c3b15d1e317b, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8f:d7:26:97:46:1c:97:04:dc:f4:6e:e5:ff:
dc:78:4f:c4:94:b1:e0:57:59:95:2f:79:81:95:14:
44:13:76:20:35:b8:ce:77:c3:5f:07:e4:7a:aa:64:
f0:26:e4:a3:97:b7:f2:a2:95:c9:76:de:65:b7:72:
47:3e:78:54:f4:98:87:f4:cf:53:66:b1:22:c5:e4:
6f:52:6f:e8:bc:f9:52:f8:a1:86:30:47:a1:2b:42:
f7:41:28:11:54:02:77:f5:dc:ea:48:9f:69:18:0b:
e9:b5:af:ce:e5:94:81:eb:e6:a4:b9:93:5c:63:6a:
b9:bb:3b:ee:9c:49:96:48:0b:a7:cf:35:06:88:ff:
f8:f2:af:8a:fc:79:65:40:46:58:a7:54:c1:02:c7:
6b:c0:88:e2:84:d6:ee:69:b3:d9:b7:b3:0c:32:b3:
b8:c4:47:ad:d9:e7:1d:a1:05:3f:2f:88:4c:3a:d5:
21:ff:e3:b9:90:d4:8a:ee:9f:44:36:1b:77:29:23:
39:35:3c:63:68:c9:e6:80:77:14:64:13:f6:ab:67:
de:81:57:1b:e6:41:61:a5:5a:f6:a6:89:55:e9:41:
01:95:13:14:df:4b:bc:cb:e6:31:9d:df:7c:c1:ef:
2d:df:0a:04:3f:23:35:60:49:ac:57:4b:9a:b3:1c:
64:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:85:CA:24:EC:76:CA:D3:4B:B4:A8:E7:A8:DA:B8:EC:23:48:42:A6
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1::/32
Signature Algorithm: sha256WithRSAEncryption
74:d3:66:64:11:da:06:a4:60:69:71:1d:d0:2d:7a:66:fd:99:
2f:8b:b9:b8:4b:39:0b:57:be:7d:9a:a0:69:9b:0a:a8:6c:f4:
64:06:6a:03:c7:8b:d0:56:0e:43:ac:e7:49:d3:43:1f:6b:e2:
8b:bd:6d:c7:4d:a6:e8:4a:c1:2d:b9:f3:e4:07:4f:2b:a9:5c:
1e:a9:1d:a6:dd:d2:ac:0c:76:02:6d:27:cc:92:2a:a2:7a:f2:
a3:03:92:9e:fc:33:71:fc:e3:ba:ff:80:bb:6a:ab:6a:db:e1:
dc:de:45:c4:b8:e0:13:84:58:c8:67:bf:56:29:d3:30:88:47:
01:e6:07:21:92:dd:5c:52:07:5f:9e:dc:ca:da:a2:80:29:65:
bd:47:4b:dc:0c:8d:9f:72:cb:aa:d4:ce:c9:25:94:7c:57:2c:
f3:1b:95:7d:e3:52:8a:8c:6a:83:1e:f5:ff:7a:1a:38:ee:ed:
cb:9c:ad:10:c2:f3:6d:ac:8e:8b:1b:ef:90:3f:cc:ba:9d:18:
2f:d5:11:58:77:34:d4:b6:e2:29:d8:24:04:10:ec:fb:81:4b:
73:e3:35:a8:75:fb:0c:5c:a5:09:bb:72:b6:86:57:7c:6c:ad:
be:85:6b:da:c8:7a:aa:44:42:cc:e8:97:17:aa:85:51:40:c5:
64:39:9c:88
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUPpJr5ERG4fkGmdk6hfuKDVamX8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIxMTBaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1YzdiNGY2YjIzNTEwMzQ1ZTM0ZWQ0NGQ3MzNiYzNjMWE0OGM1MWVlZmYx
ZWQzOGUyODJjM2IxNWQxZTMxN2IxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI2P1yaXRhyXBNz0buX/3HhPxJSx4FdZlS95gZUURBN2IDW4znfDXwfkeqpk
8Cbko5e38qKVyXbeZbdyRz54VPSYh/TPU2axIsXkb1Jv6Lz5UvihhjBHoStC90Eo
EVQCd/Xc6kifaRgL6bWvzuWUgevmpLmTXGNqubs77pxJlkgLp881Boj/+PKvivx5
ZUBGWKdUwQLHa8CI4oTW7mmz2bezDDKzuMRHrdnnHaEFPy+ITDrVIf/juZDUiu6f
RDYbdykjOTU8Y2jJ5oB3FGQT9qtn3oFXG+ZBYaVa9qaJVelBAZUTFN9LvMvmMZ3f
fMHvLd8KBD8jNWBJrFdLmrMcZFECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQfhcok
7HbK00u0qOeo2rjsI0hCpjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTk3MmZlOWItYzM5Zi00OGQxLThiMTktYzE0Y2JhZjE2MjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Ew
DQYJKoZIhvcNAQELBQADggEBAHTTZmQR2gakYGlxHdAtemb9mS+LubhLOQtXvn2a
oGmbCqhs9GQGagPHi9BWDkOs50nTQx9r4ou9bcdNpuhKwS258+QHTyupXB6pHabd
0qwMdgJtJ8ySKqJ68qMDkp78M3H847r/gLtqq2rb4dzeRcS44BOEWMhnv1Yp0zCI
RwHmByGS3VxSB1+e3MraooApZb1HS9wMjZ9yy6rUzskllHxXLPMblX3jUoqMaoMe
9f96Gjju7cucrRDC822sjosb75A/zLqdGC/VEVh3NNS24inYJAQQ7PuBS3PjNah1
+wxcpQm7craGV3xsrb6Fa9rIeqpEQszolxeqhVFAxWQ5nIg=
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:29 2025 by rpki-client