Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
File: d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa (raw, json)
Hash identifier: DfeTxSSleOG2dXgizKQ6mnhiWN5j5FhCOPa1NGtwz/0=
Subject key identifier: 06:22:A7:90:DD:4B:B0:73:E2:D5:D2:A4:DD:4F:DA:00:6E:5E:00:CA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5D0AE7D6353B129D0A22EDBA170A78091751097E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
Signing time: Mon 26 May 2025 15:21:16 +0000
ROA not before: Mon 26 May 2025 15:21:16 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:0a:e7:d6:35:3b:12:9d:0a:22:ed:ba:17:0a:78:09:17:51:09:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:21:16 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=5dacf685694804d26cc67d5e0b8ab5ce29b1bce4d135fd779549c3bc78aa7ed2, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7e:f3:53:6d:bc:f0:4a:87:79:9d:db:5f:df:
25:df:8c:8f:8d:ba:33:f3:81:07:61:61:41:b8:94:
12:c3:89:1c:02:9a:44:00:42:08:8f:60:cb:f5:af:
0f:30:29:4b:e3:5c:c0:04:9b:26:f0:73:89:9b:b8:
19:f2:65:fa:52:62:eb:25:4c:85:6f:53:5d:e1:94:
90:5d:5c:11:c6:62:af:24:2e:c6:b2:9c:55:e9:15:
d9:07:a0:73:0f:de:20:62:fe:7b:4a:a6:82:9c:f1:
01:69:35:88:cd:d2:e0:cb:c9:a2:19:71:97:fb:8f:
25:a0:16:eb:17:95:f1:cf:ac:d6:c4:1c:3a:7f:9b:
94:ba:bc:9b:97:78:94:53:43:a1:3c:fc:9a:b8:c6:
db:43:dd:ba:1d:c7:6c:d6:d1:8b:80:2b:9d:71:f9:
7d:c2:92:89:db:f7:a5:5b:8c:f1:ff:dd:1a:29:01:
1d:f4:9e:7c:87:71:62:9d:3a:dd:bc:4f:13:47:72:
aa:a8:4b:77:18:c2:e6:e9:b7:ca:b0:ab:4d:dd:46:
40:0e:c3:52:37:de:de:3a:0a:f9:31:26:b0:96:3e:
c0:f9:04:a0:b4:58:76:26:c3:4b:54:01:46:b0:0d:
93:28:9e:80:3b:ad:93:81:6f:72:93:a8:f0:6f:56:
9e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:22:A7:90:DD:4B:B0:73:E2:D5:D2:A4:DD:4F:DA:00:6E:5E:00:CA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
2a:e3:b6:29:50:a5:19:02:2b:a7:bd:58:28:0e:85:bd:05:87:
c4:98:c4:74:7a:2c:3a:8e:dc:ac:30:4b:7b:1c:18:71:57:bc:
31:b6:11:93:22:91:6d:dd:c2:68:12:2f:b2:2e:c1:0c:be:ba:
0a:c2:cd:a4:6b:a3:89:41:02:94:5b:9c:a0:05:4c:89:81:cc:
55:25:d7:25:ec:0d:da:a2:e6:4d:5e:b4:bc:1d:4d:ef:5d:18:
c4:11:a4:5c:63:26:2f:f2:53:27:4c:36:1a:22:83:c6:35:f8:
3a:45:4b:86:19:43:47:21:1f:aa:d9:e7:bf:c3:79:db:0b:4d:
1e:6d:61:38:33:01:9c:d7:0e:65:13:c5:2c:38:ef:b0:4c:59:
18:85:e2:61:2d:57:ab:1a:18:aa:54:9e:e5:f0:70:b4:e2:74:
ce:9e:d5:b0:9a:27:34:91:e1:7e:cb:4a:5a:e4:23:f5:0a:66:
64:1e:eb:38:01:b9:1b:1b:c5:12:14:04:ff:c8:43:3b:62:d9:
82:0c:fe:5d:13:24:1e:28:cc:96:47:ca:ac:ae:7a:51:30:be:
1d:4a:de:27:f2:b6:1c:21:5a:fa:e6:91:e2:6e:fb:ac:0e:ca:
07:e0:1e:86:2d:c9:86:d9:f0:91:a6:6f:19:c0:88:9e:42:26:
cd:56:f7:f2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXQrn1jU7Ep0KIu26Fwp4CRdRCX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIxMTZaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkYWNmNjg1Njk0ODA0ZDI2Y2M2N2Q1ZTBiOGFiNWNlMjliMWJjZTRkMTM1
ZmQ3Nzk1NDljM2JjNzhhYTdlZDIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANN+81NtvPBKh3md21/fJd+Mj426M/OBB2FhQbiUEsOJHAKaRABCCI9gy/Wv
DzApS+NcwASbJvBziZu4GfJl+lJi6yVMhW9TXeGUkF1cEcZiryQuxrKcVekV2Qeg
cw/eIGL+e0qmgpzxAWk1iM3S4MvJohlxl/uPJaAW6xeV8c+s1sQcOn+blLq8m5d4
lFNDoTz8mrjG20Pduh3HbNbRi4ArnXH5fcKSidv3pVuM8f/dGikBHfSefIdxYp06
3bxPE0dyqqhLdxjC5um3yrCrTd1GQA7DUjfe3joK+TEmsJY+wPkEoLRYdibDS1QB
RrANkyiegDutk4FvcpOo8G9Wno8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGIqeQ
3Uuwc+LV0qTdT9oAbl4AyjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjZDk5MDUtNzJjNS00ZmY5LTk4ZGYtNmIwZDFjMTJhNGMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQAq47YpUKUZAiunvVgoDoW9BYfEmMR0eiw6jtys
MEt7HBhxV7wxthGTIpFt3cJoEi+yLsEMvroKws2ka6OJQQKUW5ygBUyJgcxVJdcl
7A3aouZNXrS8HU3vXRjEEaRcYyYv8lMnTDYaIoPGNfg6RUuGGUNHIR+q2ee/w3nb
C00ebWE4MwGc1w5lE8UsOO+wTFkYheJhLVerGhiqVJ7l8HC04nTOntWwmic0keF+
y0pa5CP1CmZkHus4AbkbG8USFAT/yEM7YtmCDP5dEyQeKMyWR8qsrnpRML4dSt4n
8rYcIVr65pHibvusDsoH4B6GLcmG2fCRpm8ZwIieQibNVvfy
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:26 2025 by rpki-client