Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
File: 542fe731-cba6-4c89-a3a4-ba48a69e246b.roa (raw, json)
Hash identifier: xgL/got1To+rktiAEjkOA0WgnvNK+wMY6e93yqJg4d0=
Subject key identifier: 56:98:7C:36:A4:6A:F0:F2:39:6F:88:CB:23:D8:81:DD:2A:15:6E:65
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 21C55955393CCB9586AAD030310BF4723473BD8D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
Signing time: Sat 05 Apr 2025 00:10:46 +0000
ROA not before: Sat 05 Apr 2025 00:10:46 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c5:59:55:39:3c:cb:95:86:aa:d0:30:31:0b:f4:72:34:73:bd:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:10:46 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:16:e2:ed:f9:93:53:a1:2c:29:ac:d6:3c:8c:
b1:e6:f9:1d:9d:a7:fa:37:6a:d0:81:b8:3a:c5:3d:
b6:90:cc:a7:44:b0:27:b4:59:af:1c:9e:9c:a8:a6:
1b:9d:f4:43:44:67:67:2d:97:a2:10:d9:f3:2b:0e:
d8:70:88:3d:67:fd:57:7c:9f:6c:b4:43:f1:20:b7:
8b:18:9d:8e:08:6b:0e:2a:38:1a:35:5e:f2:47:be:
98:6b:e0:1b:ea:7f:36:1b:ff:5d:01:94:d6:fe:db:
4d:55:58:96:32:0d:9a:f7:87:90:17:ed:b5:9f:72:
e0:42:41:d7:23:75:37:4c:d8:c6:1a:31:e8:da:69:
af:65:35:d0:5b:e1:c7:a2:2a:f8:99:24:35:dd:7c:
b5:ec:5d:b8:bb:dd:83:21:91:bc:87:4b:2c:47:03:
6c:6c:1e:30:68:b9:f9:75:94:62:2c:13:91:bd:83:
78:05:34:33:75:bb:fa:0e:5a:6e:a6:03:94:70:df:
fa:ae:0f:d8:fc:01:91:a9:f4:6f:5f:96:83:aa:34:
38:57:36:1e:e5:ca:06:f0:55:d0:a4:29:b9:fe:11:
6a:8a:08:45:6c:f6:06:a9:2c:19:5c:d0:e0:94:93:
c4:ea:2b:f7:f3:eb:23:30:81:46:ad:b4:94:03:4d:
a7:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:98:7C:36:A4:6A:F0:F2:39:6F:88:CB:23:D8:81:DD:2A:15:6E:65
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8800::/40
Signature Algorithm: sha256WithRSAEncryption
78:44:da:ea:53:2c:e5:3d:e7:3a:cd:f5:03:9f:8b:1f:d1:03:
a3:35:15:86:e7:94:90:ef:b9:ee:31:51:a8:d2:e3:8a:60:04:
2a:fd:6c:02:8b:08:3f:87:1d:57:f1:07:19:8c:ce:12:87:dd:
87:a5:b5:98:dd:f9:bf:1c:ae:00:ea:09:74:c2:6b:d6:51:e7:
d5:ae:c9:fc:0d:bc:33:58:b2:c7:be:df:d7:0b:eb:8c:12:b3:
3d:9c:58:7f:e9:3f:73:80:99:56:c4:d1:68:9c:70:d9:91:fb:
c1:b5:71:21:ca:bd:d1:99:1c:bc:82:1c:8e:30:93:6a:dc:88:
a8:9a:eb:12:c4:d0:ae:3d:56:c3:10:8d:6c:cd:bb:9d:46:6c:
f3:0d:dd:1d:4a:81:12:d5:16:ad:9e:d2:b8:89:6b:f7:8a:f7:
59:31:da:fe:e5:11:03:12:db:27:4d:13:48:88:35:74:77:5f:
9f:0a:60:34:78:1c:1b:50:ec:40:c9:91:24:85:21:24:0f:41:
47:63:f5:b6:e0:7d:4d:27:b2:27:f9:0c:b5:3b:4e:3c:29:75:
a5:15:56:52:6a:a5:f5:d8:b1:ef:0b:6c:de:62:e7:f8:f8:c0:
66:df:ea:1d:4e:05:34:97:ef:a8:5c:1f:8f:e2:65:1e:a0:5e:
f5:1c:e7:d6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIcVZVTk8y5WGqtAwMQv0cjRzvY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDEwNDZaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNDNiYjYwODliYzk1YzAzOTRjZjQwZWVmNGMwNzdkYjJhNDRlZjBjNzdl
ZDI1ZGI5ZTE2NGQ4YzFmNmI3MjMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkW4u35k1OhLCms1jyMseb5HZ2n+jdq0IG4OsU9tpDMp0SwJ7RZrxyenKim
G530Q0RnZy2XohDZ8ysO2HCIPWf9V3yfbLRD8SC3ixidjghrDio4GjVe8ke+mGvg
G+p/Nhv/XQGU1v7bTVVYljINmveHkBfttZ9y4EJB1yN1N0zYxhox6Nppr2U10Fvh
x6Iq+JkkNd18texduLvdgyGRvIdLLEcDbGweMGi5+XWUYiwTkb2DeAU0M3W7+g5a
bqYDlHDf+q4P2PwBkan0b1+Wg6o0OFc2HuXKBvBV0KQpuf4RaooIRWz2BqksGVzQ
4JSTxOor9/PrIzCBRq20lANNp5cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRWmHw2
pGrw8jlviMsj2IHdKhVuZTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTQyZmU3MzEtY2JhNi00Yzg5LWEzYTQtYmE0OGE2OWUyNDZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WI
MA0GCSqGSIb3DQEBCwUAA4IBAQB4RNrqUyzlPec6zfUDn4sf0QOjNRWG55SQ77nu
MVGo0uOKYAQq/WwCiwg/hx1X8QcZjM4Sh92HpbWY3fm/HK4A6gl0wmvWUefVrsn8
DbwzWLLHvt/XC+uMErM9nFh/6T9zgJlWxNFonHDZkfvBtXEhyr3RmRy8ghyOMJNq
3IiomusSxNCuPVbDEI1szbudRmzzDd0dSoES1RatntK4iWv3ivdZMdr+5REDEtsn
TRNIiDV0d1+fCmA0eBwbUOxAyZEkhSEkD0FHY/W24H1NJ7In+Qy1O048KXWlFVZS
aqX12LHvC2zeYuf4+MBm3+odTgU0l++oXB+P4mUeoF71HOfW
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:17 2025 by rpki-client