Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
File: 42a75e81-4259-49a6-bdf2-3b7976817e78.roa (raw, json)
Hash identifier: /rB7TucEctiBxDM/2y2Z8i4d+o3soGVh6WjRyt1w6xs=
Subject key identifier: 6F:E8:73:B5:5C:CA:90:A2:E9:AA:13:33:D8:19:6A:79:99:13:1B:9A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 14CBDA7CDD2377578D2D701FDAC3A4F0996AB1D7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
Signing time: Sat 05 Apr 2025 00:10:34 +0000
ROA not before: Sat 05 Apr 2025 00:10:34 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:cb:da:7c:dd:23:77:57:8d:2d:70:1f:da:c3:a4:f0:99:6a:b1:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:10:34 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:53:eb:be:41:17:4e:c1:3c:09:c8:75:8a:ad:
c6:37:94:3c:fc:53:07:b9:65:71:45:8c:d0:f1:76:
93:3c:b2:bd:e8:a9:72:91:7c:92:49:16:46:64:68:
c3:64:46:0b:4c:87:07:86:cc:1a:a9:38:3f:ef:b7:
90:25:e0:42:bf:38:29:ea:0e:36:09:48:6d:75:ea:
81:c8:be:c0:16:dd:11:63:09:76:19:bc:e5:a5:e9:
71:b5:29:02:26:14:c2:ab:f7:74:d2:2a:79:fb:37:
d2:56:e5:46:ea:2d:31:21:31:94:e0:be:30:88:32:
b4:05:95:27:4f:09:e0:0c:5b:8c:e5:64:b8:61:ac:
af:ea:4c:7a:cb:87:34:28:12:98:27:fc:3b:89:e3:
76:29:fc:a9:93:80:d0:29:3c:fc:ca:0c:54:0e:28:
ae:4c:b4:cf:12:f0:d4:13:8e:51:93:ef:c1:a6:1b:
98:00:8e:66:ef:73:55:06:a7:26:2a:7b:25:98:91:
93:7b:62:87:f9:33:63:69:67:9c:90:4f:29:95:e8:
dd:2f:3f:c6:ac:b0:5d:ae:23:17:a0:69:8c:6d:be:
ba:24:c1:af:7e:1b:06:08:86:e3:48:43:6b:51:99:
c7:7c:64:5e:68:ed:1c:45:45:18:3f:02:27:36:07:
b8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E8:73:B5:5C:CA:90:A2:E9:AA:13:33:D8:19:6A:79:99:13:1B:9A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/42a75e81-4259-49a6-bdf2-3b7976817e78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5000::/36
Signature Algorithm: sha256WithRSAEncryption
63:dc:c5:bb:07:4c:74:7b:b5:24:cf:0a:79:0b:56:fd:c6:c7:
c9:93:c6:2a:d5:a3:ae:40:f4:bf:06:7e:f6:eb:89:ef:cc:04:
4e:45:a0:e1:52:90:ac:ad:8c:89:d1:40:0a:8f:bb:42:6e:d4:
71:0a:d3:e0:ac:1f:a6:f2:57:80:a6:53:d7:20:d9:f0:9d:3c:
66:49:d6:b9:43:19:fb:f6:87:f6:c0:cb:7f:54:24:01:d9:e7:
d5:27:56:fa:3b:a7:66:ad:c9:d9:97:7e:9a:42:b3:ea:9c:09:
cc:1f:ec:99:a4:74:2b:f2:25:29:d0:7e:2d:fd:18:03:2d:d4:
86:a7:be:83:40:bc:e6:cd:37:d9:98:a2:89:bd:9a:7e:76:53:
e6:bd:95:33:3d:d1:2a:8c:18:9d:c0:31:ff:78:3c:9d:c9:58:
93:5c:0d:86:ba:49:b8:f3:02:42:18:c9:6a:d4:8c:13:bc:e6:
fe:aa:d4:2a:8c:65:e2:3b:e2:55:8d:7a:ed:2f:e7:89:eb:07:
d1:99:52:fd:dc:a1:4f:6f:55:91:a4:56:86:a1:14:82:77:9e:
a0:52:bb:03:2a:b2:a6:6e:e5:ec:aa:4d:ba:fc:9d:21:b7:0b:
39:fc:91:4c:d9:f9:29:cb:ba:d3:c7:71:93:0b:39:24:14:42:
51:35:d1:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFMvafN0jd1eNLXAf2sOk8JlqsdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDEwMzRaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5MTk1ZTYyZjBjNDFiOTdiZjZjNDJkOGFkMDIwMTAxYWEwMTQ4NWVmNjk5
OGNjYjhiNGM0NmVhNTYzOGM5YWIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNT675BF07BPAnIdYqtxjeUPPxTB7llcUWM0PF2kzyyveipcpF8kkkWRmRo
w2RGC0yHB4bMGqk4P++3kCXgQr84KeoONglIbXXqgci+wBbdEWMJdhm85aXpcbUp
AiYUwqv3dNIqefs30lblRuotMSExlOC+MIgytAWVJ08J4AxbjOVkuGGsr+pMesuH
NCgSmCf8O4njdin8qZOA0Ck8/MoMVA4orky0zxLw1BOOUZPvwaYbmACOZu9zVQan
Jip7JZiRk3tih/kzY2lnnJBPKZXo3S8/xqywXa4jF6BpjG2+uiTBr34bBgiG40hD
a1GZx3xkXmjtHEVFGD8CJzYHuGECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRv6HO1
XMqQoumqEzPYGWp5mRMbmjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDJhNzVlODEtNDI1OS00OWE2LWJkZjItM2I3OTc2ODE3ZTc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBj3MW7B0x0e7Ukzwp5C1b9xsfJk8Yq1aOuQPS/
Bn7264nvzARORaDhUpCsrYyJ0UAKj7tCbtRxCtPgrB+m8leAplPXINnwnTxmSda5
Qxn79of2wMt/VCQB2efVJ1b6O6dmrcnZl36aQrPqnAnMH+yZpHQr8iUp0H4t/RgD
LdSGp76DQLzmzTfZmKKJvZp+dlPmvZUzPdEqjBidwDH/eDydyViTXA2Gukm48wJC
GMlq1IwTvOb+qtQqjGXiO+JVjXrtL+eJ6wfRmVL93KFPb1WRpFaGoRSCd56gUrsD
KrKmbuXsqk26/J0htws5/JFM2fkpy7rTx3GTCzkkFEJRNdGc
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:14 2025 by rpki-client