Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
File: bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa (raw, json)
Hash identifier: BNLvgHSlI0jNeUeRBRZsjNMhKQqCd9LbasUhiDYA3oQ=
Subject key identifier: DE:F1:C9:B1:49:BA:73:04:AE:A4:AA:A9:1F:E0:7E:58:93:CB:BA:0A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5573BBA433D9FD6C6E6C7119B1CADCA8BBB5F1EB
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
Signing time: Mon 26 May 2025 15:11:01 +0000
ROA not before: Mon 26 May 2025 15:11:01 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:73:bb:a4:33:d9:fd:6c:6e:6c:71:19:b1:ca:dc:a8:bb:b5:f1:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:11:01 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=8686be98c107d8b4c9cfc63643f13d6e54cf53f8eca85d06fddc8626dd5714ac, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f9:2c:b0:0c:c2:03:bc:b2:63:d3:4f:b0:66:
a3:1b:82:56:9e:e9:2e:63:67:09:68:0c:32:53:c0:
b7:77:c8:08:5e:02:97:16:11:1b:6d:07:99:70:2a:
ff:5a:c9:a0:89:57:97:7e:ae:28:3f:63:51:e5:fd:
13:61:b1:f8:15:15:10:82:d3:12:13:9e:46:08:ce:
4b:c8:b2:c3:2e:4d:ec:89:73:ea:b3:7d:f2:75:83:
5f:2a:aa:01:1b:5b:9f:03:75:a4:f5:e6:f6:c2:a5:
a9:74:12:fc:e8:9f:6e:4c:03:ec:55:ed:b8:db:fb:
04:f4:50:0e:d3:22:48:12:a6:4e:37:b9:98:11:12:
fa:7d:8d:3e:98:84:21:6b:56:ee:85:3e:df:fb:25:
b5:b3:c1:8b:47:7c:97:d4:0c:b3:9c:cc:72:1a:c3:
1e:2c:d1:3f:b5:3b:2f:a1:ae:40:2f:a8:96:25:9b:
28:57:b3:3b:62:32:ec:09:dd:e9:68:26:f6:bd:16:
83:69:5c:8c:9b:2b:6b:93:3e:8c:58:1f:eb:69:ed:
a4:a2:a7:78:ab:8e:14:e4:11:50:98:0b:11:a3:84:
25:c8:06:ca:9f:4d:fa:e0:18:8c:53:bc:3b:b3:c9:
f6:6b:36:73:69:c4:e4:ef:e1:90:d4:fd:b5:f6:db:
c9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F1:C9:B1:49:BA:73:04:AE:A4:AA:A9:1F:E0:7E:58:93:CB:BA:0A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f880::/48
Signature Algorithm: sha256WithRSAEncryption
79:bb:e3:b2:91:d0:56:b5:a2:58:5d:cb:1b:5d:b2:1f:44:9e:
7d:30:c8:53:39:74:df:3c:3e:39:d4:f8:b7:89:9b:d0:6e:c8:
98:88:91:3a:6a:af:5c:9f:b5:b6:94:37:76:e8:cd:5b:cd:e9:
1b:13:b1:44:a5:40:9a:2c:62:bd:7c:26:9d:16:78:fe:bf:16:
5f:0b:b0:17:27:68:ed:3b:c9:57:0b:d4:5b:9e:4f:05:1a:58:
5d:eb:1d:74:ad:05:27:57:2b:0b:96:ba:31:c4:5b:d9:d7:af:
ae:4a:dd:dc:a1:6f:7a:44:38:ed:92:ec:c2:74:b2:9d:10:c3:
fe:25:a8:7f:42:c3:8a:7a:ce:89:f6:59:60:d9:3c:aa:01:80:
65:85:d8:65:80:a3:34:ca:31:1c:73:3d:f4:f2:77:c0:44:f1:
12:2d:62:0b:fe:c0:b2:6b:9a:14:d9:6f:1e:99:75:68:99:f9:
6d:30:49:c6:2c:d8:ab:cf:de:fe:84:7b:1b:dd:b4:15:ce:7a:
34:a0:4f:45:07:ec:7d:06:f3:5b:b7:79:40:31:bd:15:dc:4e:
de:cc:af:50:2f:02:a9:b5:a2:58:04:48:fe:b1:37:fb:94:f4:
51:c8:06:60:e4:db:50:bb:7e:6c:c6:5d:51:eb:de:c5:43:00:
fe:41:cc:fa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVXO7pDPZ/WxubHEZscrcqLu18eswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTExMDFaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2ODZiZTk4YzEwN2Q4YjRjOWNmYzYzNjQzZjEzZDZlNTRjZjUzZjhlY2E4
NWQwNmZkZGM4NjI2ZGQ1NzE0YWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALv5LLAMwgO8smPTT7BmoxuCVp7pLmNnCWgMMlPAt3fICF4ClxYRG20HmXAq
/1rJoIlXl36uKD9jUeX9E2Gx+BUVEILTEhOeRgjOS8iywy5N7Ilz6rN98nWDXyqq
ARtbnwN1pPXm9sKlqXQS/OifbkwD7FXtuNv7BPRQDtMiSBKmTje5mBES+n2NPpiE
IWtW7oU+3/sltbPBi0d8l9QMs5zMchrDHizRP7U7L6GuQC+oliWbKFezO2Iy7And
6Wgm9r0Wg2lcjJsra5M+jFgf62ntpKKneKuOFOQRUJgLEaOEJcgGyp9N+uAYjFO8
O7PJ9ms2c2nE5O/hkNT9tfbbyUUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTe8cmx
SbpzBK6kqqkf4H5Yk8u6CjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmI5MjY4NTMtZjNhZC00ZjFhLWIwMjQtMTJiMzRjNTVkNWJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
gDANBgkqhkiG9w0BAQsFAAOCAQEAebvjspHQVrWiWF3LG12yH0SefTDIUzl03zw+
OdT4t4mb0G7ImIiROmqvXJ+1tpQ3dujNW83pGxOxRKVAmixivXwmnRZ4/r8WXwuw
Fydo7TvJVwvUW55PBRpYXesddK0FJ1crC5a6McRb2devrkrd3KFvekQ47ZLswnSy
nRDD/iWof0LDinrOifZZYNk8qgGAZYXYZYCjNMoxHHM99PJ3wETxEi1iC/7Asmua
FNlvHpl1aJn5bTBJxizYq8/e/oR7G920Fc56NKBPRQfsfQbzW7d5QDG9FdxO3syv
UC8CqbWiWARI/rE3+5T0UcgGYOTbULt+bMZdUevexUMA/kHM+g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:50:39 2025 by rpki-client