Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
File: ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa (raw, json)
Hash identifier: G+RPb16ko1pp0Ikk7Bi3QUtIMqHh6BkAqSA4KHgUzjM=
Subject key identifier: 5B:71:3C:62:98:67:38:08:AE:6B:A0:89:ED:A1:21:22:91:2B:74:5B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4A1F9A07CECCB85F7D14A23DC15DF78F6160F654
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
Signing time: Mon 26 May 2025 15:10:26 +0000
ROA not before: Mon 26 May 2025 15:10:26 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:1f:9a:07:ce:cc:b8:5f:7d:14:a2:3d:c1:5d:f7:8f:61:60:f6:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:26 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=72c00720557a80756b9287b4e41511733b135a8f04d2dd191572f6fa7434e27b, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:55:42:11:b3:b6:88:fa:6a:f3:ac:69:8a:c6:
02:e9:1a:e1:ce:02:4c:15:3e:6d:de:fc:94:75:18:
b3:ff:2a:2b:d4:a1:99:ed:3e:1c:77:8a:71:ab:9e:
85:d5:db:f7:99:85:8d:35:14:fe:47:15:3e:9d:b4:
fc:47:20:b3:0f:5a:ea:fc:e2:d7:38:c5:cd:14:7d:
87:69:e4:a9:ee:52:b9:5c:cc:6d:da:53:9f:15:13:
92:25:09:f3:e8:81:94:0f:b9:d9:90:6e:19:ff:fb:
5b:90:f7:a5:5e:c6:1a:04:35:0a:29:c6:4d:07:3f:
82:d8:07:db:8d:3b:47:94:c3:13:1e:f7:3a:dc:49:
1a:6f:2c:6e:80:8f:b8:7c:a3:63:6b:d9:c6:95:66:
9e:43:c4:6e:a3:e3:b5:8a:2e:29:43:f9:70:e0:3a:
0b:c9:df:3f:fa:a8:a1:ca:0f:d4:32:47:40:ca:73:
e3:6a:92:bd:48:7c:e0:b6:a2:89:8a:2d:80:9f:24:
14:8f:2f:c7:c3:26:28:83:63:b8:da:d7:19:34:85:
2f:fe:87:f7:34:92:60:c2:f5:28:57:df:0d:da:cb:
b3:9b:57:ff:59:37:d1:e0:bf:de:59:ef:d8:5a:b2:
d4:fe:f5:26:00:a2:6e:2a:b4:90:60:d7:1c:4e:73:
ea:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:71:3C:62:98:67:38:08:AE:6B:A0:89:ED:A1:21:22:91:2B:74:5B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ccefeaa3-50fd-4fb5-a0d6-682ea894c5e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:5800::/40
Signature Algorithm: sha256WithRSAEncryption
18:99:cf:e6:e9:8d:c4:3f:36:c5:f7:24:69:c4:ac:76:a2:4a:
65:41:ed:f8:05:6b:2b:46:8c:57:a0:5f:0c:0b:80:4f:61:72:
ad:f7:13:66:3e:26:29:48:ea:85:6b:37:9b:db:64:15:e6:99:
8f:a1:ae:28:d4:29:3c:92:ba:35:72:6e:56:fe:67:d7:2a:c8:
be:a3:9b:43:13:ed:1a:0a:0a:ac:ba:13:be:3b:a4:2a:22:3b:
d3:a4:d2:2d:86:d5:c9:da:88:26:2a:69:6c:c8:59:34:10:3d:
21:25:a0:67:47:dc:6f:8b:e7:b9:4b:34:74:ab:fe:75:45:c2:
29:35:d2:3d:fe:c6:59:13:61:f6:f0:e4:42:ba:69:c2:90:f7:
c5:dc:bf:d8:2a:f7:32:c0:18:b9:0b:7f:c8:b1:a4:b2:f9:ee:
33:e0:d7:24:34:47:bf:b1:19:52:42:97:75:b6:2d:cd:7a:c8:
43:a1:76:dc:d8:5e:11:ef:61:6a:b4:65:f3:fc:20:c1:56:b8:
e5:67:a4:40:46:46:3b:2e:54:d9:12:b6:00:62:fc:06:cb:ad:
62:0f:f0:59:84:19:09:33:77:d0:cc:70:96:4e:40:f8:e8:f8:
21:13:2a:00:7f:58:e6:d2:20:6b:88:82:de:02:c8:25:83:a9:
10:2b:f4:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSh+aB87MuF99FKI9wV33j2Fg9lQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwMjZaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyYzAwNzIwNTU3YTgwNzU2YjkyODdiNGU0MTUxMTczM2IxMzVhOGYwNGQy
ZGQxOTE1NzJmNmZhNzQzNGUyN2IxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBVQhGztoj6avOsaYrGAuka4c4CTBU+bd78lHUYs/8qK9Shme0+HHeKcaue
hdXb95mFjTUU/kcVPp20/Ecgsw9a6vzi1zjFzRR9h2nkqe5SuVzMbdpTnxUTkiUJ
8+iBlA+52ZBuGf/7W5D3pV7GGgQ1CinGTQc/gtgH2407R5TDEx73OtxJGm8sboCP
uHyjY2vZxpVmnkPEbqPjtYouKUP5cOA6C8nfP/qoocoP1DJHQMpz42qSvUh84Lai
iYotgJ8kFI8vx8MmKINjuNrXGTSFL/6H9zSSYML1KFffDdrLs5tX/1k30eC/3lnv
2Fqy1P71JgCibiq0kGDXHE5z6tECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbcTxi
mGc4CK5roIntoSEikSt0WzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Y2NlZmVhYTMtNTBmZC00ZmI1LWEwZDYtNjgyZWE4OTRjNWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dY
MA0GCSqGSIb3DQEBCwUAA4IBAQAYmc/m6Y3EPzbF9yRpxKx2okplQe34BWsrRoxX
oF8MC4BPYXKt9xNmPiYpSOqFazeb22QV5pmPoa4o1Ck8kro1cm5W/mfXKsi+o5tD
E+0aCgqsuhO+O6QqIjvTpNIthtXJ2ogmKmlsyFk0ED0hJaBnR9xvi+e5SzR0q/51
RcIpNdI9/sZZE2H28ORCumnCkPfF3L/YKvcywBi5C3/IsaSy+e4z4NckNEe/sRlS
Qpd1ti3NeshDoXbc2F4R72FqtGXz/CDBVrjlZ6RARkY7LlTZErYAYvwGy61iD/BZ
hBkJM3fQzHCWTkD46PghEyoAf1jm0iBriILeAsglg6kQK/Th
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:44:35 2025 by rpki-client