Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
File: d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa (raw, json)
Hash identifier: JXDx0yRyef3zeVeq9CTQBO52IzbP/dVM/eQxMlUUl7Q=
Subject key identifier: 13:A0:66:5E:F7:16:09:F5:AB:1B:94:2E:AE:01:DB:F5:48:4C:88:1A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2AC38DC1AA99F521FB7CBD145F4E02965155CD3B
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
Signing time: Sat 05 Apr 2025 00:20:38 +0000
ROA not before: Sat 05 Apr 2025 00:20:38 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:c3:8d:c1:aa:99:f5:21:fb:7c:bd:14:5f:4e:02:96:51:55:cd:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:20:38 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: serialNumber=17f38645706d0c8696e03576b75b857332c661209f6a1129d79176b0af711749, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f2:02:51:3b:47:c3:01:d7:81:0b:25:f2:bf:
1a:66:b3:e2:bc:ae:81:27:70:92:7f:3d:be:72:c4:
1c:4c:0a:e7:7f:80:8c:d4:5e:b8:82:6d:dd:67:e5:
c2:cf:4a:2a:4c:d9:92:30:63:67:f4:fe:fe:1c:2e:
4c:1a:bc:32:25:71:66:16:d9:75:bc:d3:f2:06:e7:
f6:e4:4b:cb:f6:8a:ba:df:6e:2e:5f:da:2a:cb:56:
c7:db:0d:07:25:e6:58:41:99:93:1b:76:a1:1b:7b:
ee:e4:0c:2d:05:28:3f:e3:74:4d:19:12:9f:1c:db:
4b:81:d0:91:5e:60:05:14:f1:26:1c:75:f7:52:77:
7e:f8:94:4b:71:71:49:3b:41:d2:ed:37:32:c6:59:
24:76:73:5f:4e:68:57:61:53:e9:3d:f0:e1:48:0a:
40:a4:67:c1:76:be:31:50:48:7a:3d:28:6b:39:99:
42:2d:b5:25:e2:c9:82:e5:c4:b6:5b:5b:83:0f:08:
7d:a6:5b:90:52:50:fc:fe:e2:2a:07:9c:ff:47:41:
9e:36:44:9e:2c:36:af:bf:c2:57:b4:2a:fe:4c:7f:
d8:37:d9:cf:9e:9e:93:b9:b1:90:2f:20:48:8b:5b:
53:91:45:2b:5d:6d:15:23:a3:c8:03:3e:6a:45:85:
0d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:A0:66:5E:F7:16:09:F5:AB:1B:94:2E:AE:01:DB:F5:48:4C:88:1A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
74:65:2c:69:f9:84:b1:c3:c3:91:12:7d:5d:b8:f7:46:dd:e4:
de:be:ab:04:6c:d7:e9:5f:28:9e:5b:81:e1:c5:5a:bf:4c:0e:
d6:31:6c:34:23:b7:19:dd:a3:d2:41:fd:b6:d6:3b:d3:c7:25:
67:85:77:f7:78:5c:cf:c6:7c:d6:f3:ff:41:3b:89:8d:62:c7:
39:00:15:96:7c:ad:ab:76:cc:1c:af:92:1d:d5:63:de:8e:41:
a9:b2:db:7f:e6:85:70:b5:9d:3b:36:3b:1f:f6:80:0d:5a:e2:
4a:e6:80:0e:c0:a7:36:81:b9:ed:ba:a7:c1:af:e3:d1:28:99:
e5:b4:86:8f:cc:c8:14:a9:8d:5e:52:fe:19:d9:4d:a0:89:2e:
5a:5a:f7:6e:83:26:61:24:17:e2:de:8c:8e:66:a2:63:e3:e3:
fa:be:c3:ad:e0:15:09:26:19:6a:3c:64:d9:69:b1:fd:5e:7b:
18:20:32:f8:31:fd:8c:16:50:24:d9:4c:98:42:93:ce:aa:55:
07:74:32:de:ef:bf:6c:18:80:96:e1:1c:59:51:e9:9c:f5:5d:
a0:db:85:d9:ad:d0:b9:b4:b7:65:eb:a6:f8:bc:6a:12:f6:46:
90:6d:8f:89:14:ec:cf:30:af:81:bb:24:d7:35:6b:30:f3:a0:
16:71:3e:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKsONwaqZ9SH7fL0UX04CllFVzTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDIwMzhaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3ZjM4NjQ1NzA2ZDBjODY5NmUwMzU3NmI3NWI4NTczMzJjNjYxMjA5ZjZh
MTEyOWQ3OTE3NmIwYWY3MTE3NDkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3yAlE7R8MB14ELJfK/Gmaz4ryugSdwkn89vnLEHEwK53+AjNReuIJt3Wfl
ws9KKkzZkjBjZ/T+/hwuTBq8MiVxZhbZdbzT8gbn9uRLy/aKut9uLl/aKstWx9sN
ByXmWEGZkxt2oRt77uQMLQUoP+N0TRkSnxzbS4HQkV5gBRTxJhx191J3fviUS3Fx
STtB0u03MsZZJHZzX05oV2FT6T3w4UgKQKRnwXa+MVBIej0oazmZQi21JeLJguXE
tltbgw8IfaZbkFJQ/P7iKgec/0dBnjZEniw2r7/CV7Qq/kx/2DfZz56ek7mxkC8g
SItbU5FFK11tFSOjyAM+akWFDWMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQToGZe
9xYJ9asblC6uAdv1SEyIGjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjZDk5MDUtNzJjNS00ZmY5LTk4ZGYtNmIwZDFjMTJhNGMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQB0ZSxp+YSxw8OREn1duPdG3eTevqsEbNfpXyie
W4HhxVq/TA7WMWw0I7cZ3aPSQf221jvTxyVnhXf3eFzPxnzW8/9BO4mNYsc5ABWW
fK2rdswcr5Id1WPejkGpstt/5oVwtZ07Njsf9oANWuJK5oAOwKc2gbntuqfBr+PR
KJnltIaPzMgUqY1eUv4Z2U2giS5aWvdugyZhJBfi3oyOZqJj4+P6vsOt4BUJJhlq
PGTZabH9XnsYIDL4Mf2MFlAk2UyYQpPOqlUHdDLe779sGICW4RxZUemc9V2g24XZ
rdC5tLdl66b4vGoS9kaQbY+JFOzPMK+BuyTXNWsw86AWcT5Q
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:21 2025 by rpki-client