Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
File: 9623dcba-6a97-4717-ac77-dd16d3c33f78.roa (raw, json)
Hash identifier: 6az5wheI3Ht9MKOOEzgMQ0PbAnIW3DB/NaQ+mzGj3aY=
Subject key identifier: 8F:27:DA:BA:A9:39:38:03:E9:05:AF:EC:83:27:1E:C8:66:A0:10:3D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7296366E4AA6FF91CB1B783350C9BF1E680260C5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
Signing time: Sat 05 Apr 2025 00:20:47 +0000
ROA not before: Sat 05 Apr 2025 00:20:47 +0000
ROA not after: Sat 10 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:96:36:6e:4a:a6:ff:91:cb:1b:78:33:50:c9:bf:1e:68:02:60:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Apr 5 00:20:47 2025 GMT
Not After : May 10 23:59:59 2025 GMT
Subject: CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:89:bb:74:34:32:a2:37:e2:21:32:f9:78:6e:
59:5e:f6:66:24:61:55:b5:ea:97:22:e7:b1:06:ed:
66:cd:3c:2f:33:ce:6f:57:32:9e:b0:da:9e:7a:a1:
ad:ea:ac:f7:74:b8:4c:83:67:84:32:d3:25:e4:2c:
6e:e5:86:01:83:4d:74:b3:8d:85:ce:3e:89:1f:ee:
66:0e:86:ce:2b:d3:8e:b6:44:e2:81:0f:1b:fa:a2:
00:7a:e0:ca:31:2d:b2:9b:68:7a:9b:c5:2e:73:93:
9f:01:8c:7e:56:ce:55:5c:09:e2:d4:65:d9:e8:fc:
5d:3c:ba:bd:8b:92:cb:0d:10:aa:e2:39:ef:9b:9c:
cf:28:1e:67:23:16:e4:64:6a:39:d9:bb:87:f0:e7:
78:3c:75:df:6e:94:34:21:4f:4a:ca:ec:a0:5c:41:
3d:cf:c2:0d:77:b7:35:1f:fe:92:0a:0e:82:f4:2e:
dd:d6:27:fb:8b:54:f9:46:0d:98:28:8b:f9:41:ed:
69:53:d0:90:fa:da:12:2e:1f:c8:28:02:83:96:a7:
14:8c:54:cc:79:ca:75:38:9e:db:d7:1c:af:04:9c:
0b:60:4c:18:5d:4d:b3:52:aa:94:7a:aa:91:52:2c:
fe:a3:e3:96:fc:2d:5d:4a:78:5c:46:95:36:e5:56:
75:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:27:DA:BA:A9:39:38:03:E9:05:AF:EC:83:27:1E:C8:66:A0:10:3D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/9623dcba-6a97-4717-ac77-dd16d3c33f78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5::/36
Signature Algorithm: sha256WithRSAEncryption
97:07:92:3e:08:22:ac:ac:eb:1b:4f:bc:e0:b8:30:bf:db:24:
cd:39:c4:43:bf:88:ea:01:5b:54:80:46:7c:9a:c6:8c:0c:5f:
18:8d:9d:a7:e9:f5:65:c4:61:c2:80:77:9d:34:92:07:f0:60:
49:89:ef:ea:55:fa:e7:e6:e3:fd:5a:e3:01:c5:7b:2b:53:51:
af:7d:3d:cf:43:ef:5c:28:40:14:3f:d8:b5:c4:15:b2:88:83:
41:62:8b:2d:c0:8e:fb:1c:24:12:10:c7:39:e6:73:d0:c9:03:
5c:c9:06:78:fd:6e:b1:36:b0:b7:40:bb:d9:44:ad:8e:ad:8f:
be:99:e3:9c:49:cf:ef:97:61:ea:fa:7d:c9:e3:2a:03:c2:8d:
da:19:a0:c8:f7:26:9d:a3:bf:b8:a4:fe:80:9f:fb:21:45:17:
59:7a:2c:00:c1:48:31:4a:1e:3a:02:32:95:0f:21:25:9c:47:
c8:8d:30:45:b1:eb:88:f7:27:ae:46:95:3f:db:bf:14:a0:f5:
44:89:73:05:22:3d:ce:c4:77:e5:e8:12:6f:86:f0:ea:95:4b:
3f:42:40:b5:a5:32:9f:6b:f3:d9:3b:48:c5:4f:27:98:26:61:
3a:67:ec:3a:20:2d:3f:e6:be:bf:25:5f:48:f1:e5:e6:77:31:
4d:37:ef:49
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcpY2bkqm/5HLG3gzUMm/HmgCYMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA0MDUwMDIwNDdaFw0yNTA1MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3MGViZDJlOThjZTQ0OGY4YjU2YmY0MGVmOGNjODAzZjZmNzJlYjc5N2Fi
NjZjMjc1ODViNmYwYTkxZjQ0YjExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeJu3Q0MqI34iEy+XhuWV72ZiRhVbXqlyLnsQbtZs08LzPOb1cynrDannqh
reqs93S4TINnhDLTJeQsbuWGAYNNdLONhc4+iR/uZg6GzivTjrZE4oEPG/qiAHrg
yjEtsptoepvFLnOTnwGMflbOVVwJ4tRl2ej8XTy6vYuSyw0QquI575uczygeZyMW
5GRqOdm7h/DneDx1326UNCFPSsrsoFxBPc/CDXe3NR/+kgoOgvQu3dYn+4tU+UYN
mCiL+UHtaVPQkPraEi4fyCgCg5anFIxUzHnKdTie29ccrwScC2BMGF1Ns1KqlHqq
kVIs/qPjlvwtXUp4XEaVNuVWdacCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSPJ9q6
qTk4A+kFr+yDJx7IZqAQPTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
OTYyM2RjYmEtNmE5Ny00NzE3LWFjNzctZGQxNmQzYzMzZjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8UA
MA0GCSqGSIb3DQEBCwUAA4IBAQCXB5I+CCKsrOsbT7zguDC/2yTNOcRDv4jqAVtU
gEZ8msaMDF8YjZ2n6fVlxGHCgHedNJIH8GBJie/qVfrn5uP9WuMBxXsrU1GvfT3P
Q+9cKEAUP9i1xBWyiINBYostwI77HCQSEMc55nPQyQNcyQZ4/W6xNrC3QLvZRK2O
rY++meOcSc/vl2Hq+n3J4yoDwo3aGaDI9yado7+4pP6An/shRRdZeiwAwUgxSh46
AjKVDyElnEfIjTBFseuI9yeuRpU/278UoPVEiXMFIj3OxHfl6BJvhvDqlUs/QkC1
pTKfa/PZO0jFTyeYJmE6Z+w6IC0/5r6/JV9I8eXmdzFNN+9J
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:52:04 2025 by rpki-client