Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ebc73b73-ecf4-4aa8-ba90-88de51fde036.roa
File: ebc73b73-ecf4-4aa8-ba90-88de51fde036.roa (raw, json)
Hash identifier: RNdROGjaRevBv1Ynq5UfLizg7uAimbcHeJZHVq1q17k=
Subject key identifier: 8E:C3:1B:5A:34:E0:72:DF:FF:78:54:A2:2A:A6:4B:44:62:94:56:D2
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 01E7D81F8862B3044AA8A1F4D58C5891B27E8640
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ebc73b73-ecf4-4aa8-ba90-88de51fde036.roa
Signing time: Mon 26 May 2025 15:20:15 +0000
ROA not before: Mon 26 May 2025 15:20:15 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:e7:d8:1f:88:62:b3:04:4a:a8:a1:f4:d5:8c:58:91:b2:7e:86:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:20:15 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=b3437aed92c7ad1301f3a37b04f910aa663c5abed88b0b2dff33bb7387572462, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:21:9f:b3:81:d5:61:98:b3:2d:4f:ab:26:11:
38:f6:f3:6e:6b:51:55:37:27:42:ec:ab:9b:56:07:
3d:78:ac:33:2f:23:a4:10:3d:3a:1f:0c:f6:07:c6:
9f:1d:f1:78:1c:72:f7:55:f1:84:3d:7f:51:02:b2:
13:f4:71:d8:a3:80:85:ba:58:00:c3:9d:1f:87:be:
91:b6:a1:0b:1c:00:dc:b3:e2:14:9e:9e:a2:c8:65:
a4:58:57:8b:14:2a:26:66:f3:4c:63:2d:24:4e:fc:
46:0c:2d:71:87:10:68:12:21:20:ea:1a:5a:be:ad:
ad:fe:eb:2b:77:c0:c5:fc:45:be:bc:21:af:18:10:
96:1e:c1:8c:0e:c1:03:14:7f:23:0b:d5:f3:43:08:
8a:f8:b4:fe:c5:36:ce:67:bb:85:aa:82:ce:9e:19:
97:0e:42:c9:43:ba:1c:8b:85:9a:f1:16:49:6c:02:
90:c8:7a:6d:45:51:b0:be:64:36:6c:cb:ac:04:2c:
e1:22:da:d7:ed:ee:06:3e:9e:f7:a8:c6:08:ef:58:
0e:e1:d1:81:ce:c5:6d:af:98:5e:0c:b0:a7:d3:44:
4e:df:ee:c1:82:4a:09:d0:f3:f8:e2:82:2f:84:b8:
85:4e:fb:fa:f8:f9:1f:f4:26:65:4c:ab:15:d6:47:
24:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C3:1B:5A:34:E0:72:DF:FF:78:54:A2:2A:A6:4B:44:62:94:56:D2
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ebc73b73-ecf4-4aa8-ba90-88de51fde036.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4800::/40
Signature Algorithm: sha256WithRSAEncryption
2c:e9:11:21:36:bc:8f:d2:0c:71:9c:99:15:f2:15:f4:eb:a7:
c9:85:38:d7:ce:c4:05:ee:12:24:f0:f5:09:c1:d8:91:d0:17:
79:43:2c:3b:0f:b8:4c:ea:3d:45:c5:70:e5:49:f7:ab:a3:98:
15:7d:3a:05:87:65:6f:5f:a9:91:17:4f:15:c8:81:90:e6:ca:
85:cb:c1:68:93:32:23:db:4b:eb:21:6d:80:db:77:9b:44:4c:
ca:46:c0:7a:14:b1:3b:5d:c2:9c:9d:77:c4:dd:da:17:d1:68:
4a:c4:0c:61:85:1b:9d:9e:09:b8:f3:db:cc:3f:c7:ff:03:44:
7c:0a:2c:00:5d:e3:0a:dc:06:ef:e0:3c:4e:2c:54:73:eb:9c:
db:ee:eb:3d:1c:ee:9e:52:25:0f:4c:58:70:0a:33:60:a6:52:
50:e9:07:19:03:a7:a1:cd:16:d5:23:14:24:8c:ed:ae:f6:93:
8d:60:8a:d5:dd:4a:93:3f:f7:80:13:9a:2d:ee:51:bb:b6:35:
6f:d6:6e:05:df:d0:2a:49:54:3a:a6:45:34:e1:9b:03:60:2c:
01:3d:ba:c3:7f:c5:1f:c2:45:18:dc:7a:ae:24:ef:b6:03:49:
48:24:7e:b9:e5:eb:3f:a7:8f:3c:8b:87:e8:82:0c:52:74:d3:
f6:ee:06:bd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAefYH4hiswRKqKH01YxYkbJ+hkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIwMTVaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNDM3YWVkOTJjN2FkMTMwMWYzYTM3YjA0ZjkxMGFhNjYzYzVhYmVkODhi
MGIyZGZmMzNiYjczODc1NzI0NjIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkhn7OB1WGYsy1PqyYROPbzbmtRVTcnQuyrm1YHPXisMy8jpBA9Oh8M9gfG
nx3xeBxy91XxhD1/UQKyE/Rx2KOAhbpYAMOdH4e+kbahCxwA3LPiFJ6eoshlpFhX
ixQqJmbzTGMtJE78RgwtcYcQaBIhIOoaWr6trf7rK3fAxfxFvrwhrxgQlh7BjA7B
AxR/IwvV80MIivi0/sU2zme7haqCzp4Zlw5CyUO6HIuFmvEWSWwCkMh6bUVRsL5k
NmzLrAQs4SLa1+3uBj6e96jGCO9YDuHRgc7Fba+YXgywp9NETt/uwYJKCdDz+OKC
L4S4hU77+vj5H/QmZUyrFdZHJF8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOwxta
NOBy3/94VKIqpktEYpRW0jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZWJjNzNiNzMtZWNmNC00YWE4LWJhOTAtODhkZTUxZmRlMDM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dI
MA0GCSqGSIb3DQEBCwUAA4IBAQAs6REhNryP0gxxnJkV8hX066fJhTjXzsQF7hIk
8PUJwdiR0Bd5Qyw7D7hM6j1FxXDlSfero5gVfToFh2VvX6mRF08VyIGQ5sqFy8Fo
kzIj20vrIW2A23ebREzKRsB6FLE7XcKcnXfE3doX0WhKxAxhhRudngm489vMP8f/
A0R8CiwAXeMK3Abv4DxOLFRz65zb7us9HO6eUiUPTFhwCjNgplJQ6QcZA6ehzRbV
IxQkjO2u9pONYIrV3UqTP/eAE5ot7lG7tjVv1m4F39AqSVQ6pkU04ZsDYCwBPbrD
f8UfwkUY3HquJO+2A0lIJH655es/p488i4foggxSdNP27ga9
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:59:11 2025 by rpki-client