Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
File: e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa (raw, json)
Hash identifier: O0ZrtR9ZH9JYw5KB4lGuo6e7lPIiJAX2+BZNEU4yKvM=
Subject key identifier: B6:19:6C:83:AA:0C:22:9E:57:FA:E3:B4:B2:BC:49:01:94:BA:79:17
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 49620C54BEC3CDA2959BF99EDF766ECCFE8D5B09
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
Signing time: Mon 26 May 2025 15:10:30 +0000
ROA not before: Mon 26 May 2025 15:10:30 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:62:0c:54:be:c3:cd:a2:95:9b:f9:9e:df:76:6e:cc:fe:8d:5b:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:30 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=9ebacc9ee2bb6efa2a3c06e71cebadd036584968ede09d4db1e91680407fb816, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c0:48:29:78:87:07:48:90:81:69:c0:cb:d4:
47:73:5f:5f:29:ac:b2:7c:18:d0:12:b5:29:bf:d9:
84:2b:f2:a4:ac:2f:84:1a:31:d2:ec:97:aa:b9:7b:
2f:2b:49:ce:78:d1:7c:ff:ec:b0:9b:25:77:72:25:
3e:91:d8:79:80:d4:d2:c1:16:0e:e6:25:64:06:96:
8b:45:53:15:bb:3c:72:78:1b:eb:53:5f:34:28:58:
97:e1:24:7b:6a:b3:c0:48:ee:12:6a:cd:39:e5:80:
0e:ae:c8:d1:f2:bc:86:d8:9a:7f:e4:30:b4:b8:86:
7a:3b:bd:f7:5a:d4:5b:c4:f7:35:40:8f:3f:85:06:
6b:d0:a7:7e:cf:d7:bc:98:83:b1:4a:13:76:26:fd:
3d:67:c3:d2:cd:0f:b5:01:fd:c6:d3:49:05:23:5e:
1f:89:00:84:48:b7:b6:8e:30:c0:32:9c:70:16:b0:
ba:4f:1b:cc:1b:76:c8:9d:2d:8f:d4:6b:2f:96:89:
e0:45:ee:89:a6:c8:62:0b:d5:72:4e:ff:95:d4:8c:
96:9e:32:11:b0:b7:a2:e1:37:04:0d:b8:5b:4e:c0:
cd:f8:48:9b:be:46:d6:ab:6c:4b:11:97:2b:11:93:
7e:c5:f6:90:25:eb:74:58:a3:fd:91:0f:79:80:71:
0c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:19:6C:83:AA:0C:22:9E:57:FA:E3:B4:B2:BC:49:01:94:BA:79:17
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8000::/36
Signature Algorithm: sha256WithRSAEncryption
7a:54:17:dc:ee:91:bf:d2:bd:78:f3:a5:96:8c:94:8b:4a:4c:
cd:c7:d2:ef:b1:2b:15:b9:58:ef:e6:f5:35:8b:3d:9c:e1:7a:
25:da:eb:bc:02:5f:e5:ef:24:8d:23:7d:1b:a5:95:74:6a:8d:
c8:31:89:79:59:d5:37:73:91:73:d2:8f:d0:ca:bc:af:a5:e2:
51:07:9d:a2:7b:0b:47:0e:2f:20:9e:b5:e4:f4:68:95:89:9d:
96:72:e7:da:c8:09:56:da:10:65:67:14:e9:84:f1:43:b1:89:
b3:4f:35:28:73:13:62:f4:ed:f1:d9:9d:1a:a5:03:64:9c:fb:
bf:a7:aa:ca:be:78:22:0a:ae:99:37:42:f7:f0:b9:00:98:5a:
aa:cb:e1:16:59:bd:f8:ea:28:62:ae:de:89:3e:f3:d7:de:a7:
2e:f7:95:1a:d2:0a:13:51:7f:9d:a1:cb:59:d4:58:1a:02:41:
bb:12:c4:f4:d0:6c:2a:16:4d:b1:db:2e:e5:68:28:33:9c:fb:
b4:e0:66:ce:6d:7f:8d:c3:4a:f6:67:43:7b:b8:af:d4:f5:67:
e3:ae:45:8d:a8:24:e3:09:f6:ed:3b:dd:c3:9e:24:14:22:e2:
32:ac:ae:fa:66:ea:52:4a:de:90:9f:c6:e5:48:3c:a4:95:6a:
10:75:67:e6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSWIMVL7DzaKVm/me33ZuzP6NWwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwMzBaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDllYmFjYzllZTJiYjZlZmEyYTNjMDZlNzFjZWJhZGQwMzY1ODQ5NjhlZGUw
OWQ0ZGIxZTkxNjgwNDA3ZmI4MTYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7ASCl4hwdIkIFpwMvUR3NfXymssnwY0BK1Kb/ZhCvypKwvhBox0uyXqrl7
LytJznjRfP/ssJsld3IlPpHYeYDU0sEWDuYlZAaWi0VTFbs8cngb61NfNChYl+Ek
e2qzwEjuEmrNOeWADq7I0fK8htiaf+QwtLiGeju991rUW8T3NUCPP4UGa9Cnfs/X
vJiDsUoTdib9PWfD0s0PtQH9xtNJBSNeH4kAhEi3to4wwDKccBawuk8bzBt2yJ0t
j9RrL5aJ4EXuiabIYgvVck7/ldSMlp4yEbC3ouE3BA24W07AzfhIm75G1qtsSxGX
KxGTfsX2kCXrdFij/ZEPeYBxDGkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS2GWyD
qgwinlf647SyvEkBlLp5FzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZThmMWMxZjctODM4OS00ZmFmLTg3YzktZjRhMTgwZTdiY2RjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WA
MA0GCSqGSIb3DQEBCwUAA4IBAQB6VBfc7pG/0r1486WWjJSLSkzNx9LvsSsVuVjv
5vU1iz2c4Xol2uu8Al/l7ySNI30bpZV0ao3IMYl5WdU3c5Fz0o/QyryvpeJRB52i
ewtHDi8gnrXk9GiViZ2WcufayAlW2hBlZxTphPFDsYmzTzUocxNi9O3x2Z0apQNk
nPu/p6rKvngiCq6ZN0L38LkAmFqqy+EWWb346ihirt6JPvPX3qcu95Ua0goTUX+d
octZ1FgaAkG7EsT00GwqFk2x2y7laCgznPu04GbObX+Nw0r2Z0N7uK/U9WfjrkWN
qCTjCfbtO93DniQUIuIyrK76ZupSSt6Qn8blSDyklWoQdWfm
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:52:53 2025 by rpki-client