Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
File: 8d33474a-7193-4fb1-90e2-82106a40b461.roa (raw, json)
Hash identifier: pWQIRetcpmSM1O6g6lED5XchJvQmUGhfvDWjrOmDYp4=
Subject key identifier: 9C:9D:9C:95:D4:2E:80:64:B5:1D:A4:0E:AE:C5:E3:38:3A:7F:EC:B1
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 35EAF7F33CA99E4A6B08335CC0DDDFF7AA192EF1
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
Signing time: Sat 05 Apr 2025 00:21:05 +0000
ROA not before: Sat 05 Apr 2025 00:21:05 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:2800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:ea:f7:f3:3c:a9:9e:4a:6b:08:33:5c:c0:dd:df:f7:aa:19:2e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:21:05 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0e:dd:c7:f6:49:23:85:5d:3e:8b:f5:f5:8e:
5c:90:cf:18:e2:ae:16:30:9b:e7:4d:c5:d6:80:81:
86:1f:8e:0b:95:4a:07:2e:97:0e:bd:f6:7b:26:45:
c6:9c:0a:ea:34:85:5d:69:67:36:37:fe:db:d3:fc:
00:b0:bb:4c:fa:de:96:1c:9d:a0:4e:8f:0e:48:04:
45:3d:e5:49:96:56:ab:b4:6b:0a:2a:bb:e6:82:57:
aa:b7:66:5a:22:34:3b:ca:72:7c:6a:f0:f5:8a:d9:
af:f4:02:81:3d:ce:b0:e1:e6:ba:0c:e8:70:1c:d2:
58:a9:2a:75:5c:85:a0:5c:cb:6a:fc:1d:0c:aa:e6:
59:91:5b:7c:9c:c0:4d:be:60:85:c9:32:ff:9e:cc:
cd:4c:e1:23:94:dd:7f:a5:e2:1e:0a:e9:b5:27:a8:
16:12:76:19:ab:ab:4d:64:9e:f1:a8:b5:cf:44:4b:
6c:b9:66:7f:fa:7e:06:7a:0f:15:0b:55:14:44:9e:
10:11:33:a2:34:d2:d5:c8:9d:97:c1:bf:6c:c3:bb:
e6:73:08:38:56:f7:e6:b6:00:a8:0f:0f:66:a2:79:
f8:c4:81:34:8a:4b:9c:0f:f8:92:c0:80:dc:88:b0:
0d:bc:fc:58:16:40:68:05:27:ee:9c:95:3f:ef:64:
2c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:9D:9C:95:D4:2E:80:64:B5:1D:A4:0E:AE:C5:E3:38:3A:7F:EC:B1
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/8d33474a-7193-4fb1-90e2-82106a40b461.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:2800::/40
Signature Algorithm: sha256WithRSAEncryption
43:0b:08:e0:21:41:f5:5d:88:6f:f6:b4:88:fc:d5:04:01:51:
95:5b:29:4b:d9:17:e3:1f:98:16:9b:52:7a:98:6e:60:c1:a3:
0a:0e:6c:bf:38:7b:fe:ff:11:2b:2c:e8:5a:b0:88:7f:fa:71:
fb:8f:34:a7:1b:93:3b:47:0d:83:e0:f9:bd:e6:f6:ec:a3:e5:
88:14:a8:e4:34:35:f0:33:8b:c2:a4:21:59:72:35:4d:d8:a7:
06:69:ea:d7:6b:df:57:3a:7e:2d:68:78:0a:05:3a:6c:97:bd:
d9:ef:74:0f:a4:35:3e:f4:d8:ed:49:d9:45:30:33:4d:ea:47:
f3:91:77:76:73:5f:fc:2a:85:cb:04:f9:c6:46:fa:9b:2e:d0:
51:2f:c0:ee:d2:dc:63:4f:42:f3:74:df:a3:fe:94:e2:7b:61:
3d:90:79:2a:a2:e2:33:9f:d9:8b:22:a6:40:ad:52:58:59:11:
6e:93:09:9e:05:38:4b:73:52:5f:5a:f0:1c:03:6c:d4:fd:28:
0f:89:fe:01:74:0e:da:38:51:42:f4:e1:03:7f:fc:a7:a5:03:
b1:c4:41:04:d1:be:2b:d6:2f:c4:07:5d:90:ee:1d:00:4d:bd:
24:ca:b2:04:a8:fe:e2:97:36:e8:5a:d5:42:27:d9:72:ba:b7:
d3:77:50:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNer38zypnkprCDNcwN3f96oZLvEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDIxMDVaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2YWVhN2U4NzI0M2VlZDY0YmY0NTcxY2UyM2I2ZmMzMmUzOTdhZDkyNmJj
MmJlMzIyYzE3MzZiZjcyNTU1MTQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgO3cf2SSOFXT6L9fWOXJDPGOKuFjCb503F1oCBhh+OC5VKBy6XDr32eyZF
xpwK6jSFXWlnNjf+29P8ALC7TPrelhydoE6PDkgERT3lSZZWq7RrCiq75oJXqrdm
WiI0O8pyfGrw9YrZr/QCgT3OsOHmugzocBzSWKkqdVyFoFzLavwdDKrmWZFbfJzA
Tb5ghcky/57MzUzhI5Tdf6XiHgrptSeoFhJ2GaurTWSe8ai1z0RLbLlmf/p+BnoP
FQtVFESeEBEzojTS1cidl8G/bMO75nMIOFb35rYAqA8PZqJ5+MSBNIpLnA/4ksCA
3IiwDbz8WBZAaAUn7pyVP+9kLIMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBScnZyV
1C6AZLUdpA6uxeM4On/ssTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OGQzMzQ3NGEtNzE5My00ZmIxLTkwZTItODIxMDZhNDBiNDYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8Mo
MA0GCSqGSIb3DQEBCwUAA4IBAQBDCwjgIUH1XYhv9rSI/NUEAVGVWylL2RfjH5gW
m1J6mG5gwaMKDmy/OHv+/xErLOhasIh/+nH7jzSnG5M7Rw2D4Pm95vbso+WIFKjk
NDXwM4vCpCFZcjVN2KcGaerXa99XOn4taHgKBTpsl73Z73QPpDU+9NjtSdlFMDNN
6kfzkXd2c1/8KoXLBPnGRvqbLtBRL8Du0txjT0LzdN+j/pTie2E9kHkqouIzn9mL
IqZArVJYWRFukwmeBThLc1JfWvAcA2zU/SgPif4BdA7aOFFC9OEDf/ynpQOxxEEE
0b4r1i/EB12Q7h0ATb0kyrIEqP7ilzboWtVCJ9lyurfTd1BM
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:03:20 2025 by rpki-client