Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
File: 2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa (raw, json)
Hash identifier: f6xWFEHqoncEk5fNR7YnP+Xewb7nhANNeCGCvjr/qkQ=
Subject key identifier: C6:4D:28:42:C0:04:16:34:F7:B7:22:25:E2:A7:0E:4F:EC:57:30:5F
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 252FDD1B7796E4D500C9EBF6A6705C0066EADF2F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
Signing time: Sat 05 Apr 2025 00:21:14 +0000
ROA not before: Sat 05 Apr 2025 00:21:14 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:6800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:2f:dd:1b:77:96:e4:d5:00:c9:eb:f6:a6:70:5c:00:66:ea:df:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:21:14 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e1:aa:47:43:fe:c0:9b:56:a8:19:0a:18:c6:
a5:b5:46:40:b5:5d:0f:d8:44:06:2f:0f:bb:fa:99:
45:fb:3e:0c:8d:76:07:93:c0:2e:c5:f7:92:36:05:
b5:a8:55:ed:88:bb:5a:1d:a3:b1:7a:95:13:45:3e:
10:43:a7:db:b2:16:bc:ba:b9:4e:2e:ca:a6:0a:7d:
01:0f:ee:87:5f:b1:f4:42:c6:ea:08:11:82:65:22:
09:30:df:d1:88:c7:93:cd:f7:0b:13:f7:41:cc:a3:
a8:a3:f6:71:b2:3b:cb:d0:c4:8c:45:46:da:61:a9:
8c:23:d7:a0:69:2c:7b:5c:53:e9:3e:8f:99:1d:b9:
6b:fd:61:df:26:1e:c0:9b:f5:84:6a:e1:14:88:c3:
a8:72:a4:76:ec:6e:20:ae:d8:4a:5f:d9:0f:11:99:
ed:53:ce:2f:44:94:01:07:8c:61:00:e6:b7:ae:1b:
95:1a:5c:e6:2e:df:14:a1:98:f5:b6:b2:18:08:04:
1d:29:39:8b:08:5b:ca:cf:cf:67:16:0a:da:92:26:
fe:d4:4f:a7:ec:25:7b:9d:00:91:5f:29:37:c3:dc:
3b:0c:e6:a9:66:88:3d:1f:96:4e:e3:24:d2:2f:68:
6f:69:02:a2:99:4d:57:4f:1f:1c:4b:64:17:25:9a:
8b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4D:28:42:C0:04:16:34:F7:B7:22:25:E2:A7:0E:4F:EC:57:30:5F
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:6800::/40
Signature Algorithm: sha256WithRSAEncryption
46:e1:f8:92:cc:b3:bf:84:2f:65:17:d5:d3:ab:64:72:a9:96:
3f:ff:50:07:53:6e:4b:5a:78:fe:9b:2b:1d:2a:61:38:31:f7:
4f:db:74:bc:d7:a3:b9:d1:54:5a:45:83:e1:65:09:8b:29:0c:
72:e2:66:bb:7a:07:55:33:cd:bd:27:c0:73:9f:15:fd:3b:5d:
b1:10:0d:2f:da:86:6c:a5:78:37:6f:52:78:42:8f:16:f0:52:
e9:25:f5:64:1f:8c:b0:cc:3e:16:cf:29:7b:59:4b:0d:c6:5e:
7e:58:d7:1e:e6:ae:45:00:67:ec:02:03:01:54:33:75:7d:0a:
04:55:53:55:af:96:65:19:7b:66:a0:8a:d0:e6:09:b3:27:de:
03:96:89:b8:7a:e6:49:b5:66:c6:14:9a:19:07:9f:99:8b:8b:
1b:93:79:8e:f6:b2:14:f3:8e:cc:4a:ea:d1:36:b8:01:33:9c:
49:a0:ac:a1:25:e0:d7:10:e0:24:31:1e:0d:9e:4b:ab:2e:d5:
ab:30:7a:cd:a6:45:7b:b8:ae:84:c2:ed:8d:34:ec:16:3b:03:
aa:1e:cb:c8:81:e8:9e:95:48:85:f9:b9:2c:3b:3a:e6:de:41:
4b:ac:07:37:f5:87:8e:0c:ac:3f:37:ea:1b:ca:da:f0:0e:d9:
0d:47:a1:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJS/dG3eW5NUAyev2pnBcAGbq3y8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDIxMTRaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjMDA2OTM3MTYzODQ2OGRkYjRlNGYxN2UzZDcyOTZhNWVmOGVjY2NlY2Jk
N2UxMDgxMWI3MWQ3ZDAxMzc1M2QxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/hqkdD/sCbVqgZChjGpbVGQLVdD9hEBi8Pu/qZRfs+DI12B5PALsX3kjYF
tahV7Yi7Wh2jsXqVE0U+EEOn27IWvLq5Ti7Kpgp9AQ/uh1+x9ELG6ggRgmUiCTDf
0YjHk833CxP3QcyjqKP2cbI7y9DEjEVG2mGpjCPXoGkse1xT6T6PmR25a/1h3yYe
wJv1hGrhFIjDqHKkduxuIK7YSl/ZDxGZ7VPOL0SUAQeMYQDmt64blRpc5i7fFKGY
9bayGAgEHSk5iwhbys/PZxYK2pIm/tRPp+wle50AkV8pN8PcOwzmqWaIPR+WTuMk
0i9ob2kCoplNV08fHEtkFyWai0cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTGTShC
wAQWNPe3IiXipw5P7FcwXzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmE4MmIwM2UtNTE3Yy00YTgxLTk2YWItMmNmNjA0OWE3ZjNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8No
MA0GCSqGSIb3DQEBCwUAA4IBAQBG4fiSzLO/hC9lF9XTq2RyqZY//1AHU25LWnj+
mysdKmE4MfdP23S816O50VRaRYPhZQmLKQxy4ma7egdVM829J8BznxX9O12xEA0v
2oZspXg3b1J4Qo8W8FLpJfVkH4ywzD4Wzyl7WUsNxl5+WNce5q5FAGfsAgMBVDN1
fQoEVVNVr5ZlGXtmoIrQ5gmzJ94Dlom4euZJtWbGFJoZB5+Zi4sbk3mO9rIU847M
SurRNrgBM5xJoKyhJeDXEOAkMR4NnkurLtWrMHrNpkV7uK6Ewu2NNOwWOwOqHsvI
geielUiF+bksOzrm3kFLrAc39YeODKw/N+obytrwDtkNR6Gs
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:07:20 2025 by rpki-client