Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
File: bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa (raw, json)
Hash identifier: wVgGKhOYKpn8tedapEkzYzxDX1uj9RZIJmWVipZl/kk=
Subject key identifier: BF:69:F1:F6:02:17:90:96:8D:80:E3:BB:8F:D1:8F:E3:EA:90:30:F4
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6B547F667D813542D2345E566F9E0AD47794F47F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
Signing time: Mon 26 May 2025 15:21:21 +0000
ROA not before: Mon 26 May 2025 15:21:21 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:a000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:54:7f:66:7d:81:35:42:d2:34:5e:56:6f:9e:0a:d4:77:94:f4:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:21:21 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=bf7fb23e5b30348d2936e5e07859ca2ae523caed12d122698da8638a95f0f1b5, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a4:6d:67:c9:e4:23:4d:dd:d8:00:0d:6b:3a:
1f:77:89:0c:c8:03:6e:97:32:39:27:ec:71:18:ab:
08:8a:b0:3e:17:bb:eb:bf:7f:16:14:63:43:d6:c9:
7a:4e:b4:99:c1:3c:b7:8a:19:5e:d7:d1:43:5a:62:
c6:24:b4:b3:87:6b:92:fc:c6:60:dc:db:5a:0b:2d:
d3:24:7f:9d:74:3f:6d:54:d5:3e:b9:eb:0b:0b:27:
96:11:e5:d8:ee:21:59:55:b6:f9:93:06:ee:29:80:
b0:a7:b7:51:2a:d7:f6:8b:cd:78:f4:85:a8:bb:07:
05:1c:97:cc:8c:f3:16:25:b0:4e:5a:15:80:c1:c9:
88:29:fc:58:46:96:88:6f:17:3a:54:13:e4:ff:23:
9a:86:a2:29:7e:a2:3b:b5:d8:c0:4b:02:df:2c:a4:
a8:66:e6:b0:9c:d1:e8:d2:ea:b7:ad:7a:82:19:c8:
c1:3b:63:6a:b3:c0:5e:97:f3:06:36:76:ec:22:5e:
a2:42:d5:55:d1:25:e8:ab:3c:86:0e:29:7f:c9:96:
0e:1d:a5:f5:8e:90:ba:f7:ac:a7:99:5b:8c:e9:4e:
ea:4b:41:e4:0d:ff:2b:da:ca:52:77:ff:23:00:e2:
89:1f:74:87:a1:2f:79:28:9a:e4:d8:55:3e:d2:4b:
16:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:69:F1:F6:02:17:90:96:8D:80:E3:BB:8F:D1:8F:E3:EA:90:30:F4
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bfd462bd-2e1f-485f-aa9c-e7e0c0bcb690.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:a000::/36
Signature Algorithm: sha256WithRSAEncryption
76:5c:99:39:6e:14:9e:dd:e4:44:24:60:a7:c2:b8:b4:25:74:
58:fc:fd:83:ab:0e:27:ad:3a:19:e8:d9:c7:81:29:95:0b:da:
5d:6a:86:3e:1c:58:46:1e:0d:46:bb:8b:da:8a:a5:b3:2d:50:
93:e0:3c:84:c1:5b:33:83:6a:33:c5:aa:77:08:ca:d5:9d:81:
32:63:86:12:01:75:3b:c4:2f:6f:a0:86:fd:6b:88:e1:a7:28:
5a:7d:ae:e5:47:07:8d:a1:2d:93:4a:72:a7:1a:4b:8a:9a:cf:
7c:c7:80:41:51:34:d1:e8:61:76:20:5e:52:5e:4a:36:d0:5b:
bd:04:c7:b9:e2:0d:8b:d5:40:8a:2b:17:52:16:fa:c1:e3:64:
6e:5c:e0:8a:bc:60:26:0b:01:b2:1e:49:6a:a3:73:da:b7:7a:
86:6c:77:a7:c3:f0:d6:b7:85:e6:ca:54:28:0d:67:9b:60:28:
12:27:a7:a4:6e:96:03:da:66:9c:62:6f:8c:21:cf:c9:d9:8b:
e6:c3:13:13:80:ea:3d:a9:b3:0b:9a:12:fd:df:91:bc:61:c7:
0b:3e:b3:28:27:f9:f2:da:59:6b:4e:75:b8:99:b6:43:2e:d7:
d8:4f:c4:01:c7:ab:fe:75:d7:a8:d6:45:fc:95:3b:55:48:95:
6c:e7:b8:79
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa1R/Zn2BNULSNF5Wb54K1HeU9H8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIxMjFaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmN2ZiMjNlNWIzMDM0OGQyOTM2ZTVlMDc4NTljYTJhZTUyM2NhZWQxMmQx
MjI2OThkYTg2MzhhOTVmMGYxYjUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALakbWfJ5CNN3dgADWs6H3eJDMgDbpcyOSfscRirCIqwPhe7679/FhRjQ9bJ
ek60mcE8t4oZXtfRQ1pixiS0s4drkvzGYNzbWgst0yR/nXQ/bVTVPrnrCwsnlhHl
2O4hWVW2+ZMG7imAsKe3USrX9ovNePSFqLsHBRyXzIzzFiWwTloVgMHJiCn8WEaW
iG8XOlQT5P8jmoaiKX6iO7XYwEsC3yykqGbmsJzR6NLqt616ghnIwTtjarPAXpfz
BjZ27CJeokLVVdEl6Ks8hg4pf8mWDh2l9Y6Quvesp5lbjOlO6ktB5A3/K9rKUnf/
IwDiiR90h6EveSia5NhVPtJLFukCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS/afH2
AheQlo2A47uP0Y/j6pAw9DAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmZkNDYyYmQtMmUxZi00ODVmLWFhOWMtZTdlMGMwYmNiNjkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eg
MA0GCSqGSIb3DQEBCwUAA4IBAQB2XJk5bhSe3eREJGCnwri0JXRY/P2Dqw4nrToZ
6NnHgSmVC9pdaoY+HFhGHg1Gu4vaiqWzLVCT4DyEwVszg2ozxap3CMrVnYEyY4YS
AXU7xC9voIb9a4jhpyhafa7lRweNoS2TSnKnGkuKms98x4BBUTTR6GF2IF5SXko2
0Fu9BMe54g2L1UCKKxdSFvrB42RuXOCKvGAmCwGyHklqo3Pat3qGbHenw/DWt4Xm
ylQoDWebYCgSJ6ekbpYD2macYm+MIc/J2YvmwxMTgOo9qbMLmhL935G8YccLPrMo
J/ny2llrTnW4mbZDLtfYT8QBx6v+ddeo1kX8lTtVSJVs57h5
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:30 2025 by rpki-client