Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
File: 1e498054-99a2-4f2b-82cb-7448499c313c.roa (raw, json)
Hash identifier: A/X/2+8IMtg/fdrMhJBaGNj79tMeq+f//RSFt0VXU38=
Subject key identifier: FE:84:48:FF:89:74:EB:F6:1E:E5:62:03:E3:1E:A9:33:C3:69:30:6D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0A08E31973D2A41344E45FE1563DF221226E861A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
Signing time: Mon 26 May 2025 15:21:08 +0000
ROA not before: Mon 26 May 2025 15:21:08 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:08:e3:19:73:d2:a4:13:44:e4:5f:e1:56:3d:f2:21:22:6e:86:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:21:08 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=b46cab66704d267f85daadbde2ca5bd85c7626e2d2b5d54f722c686f5104b62c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3e:d8:4b:2a:84:ce:6b:a4:26:75:22:0c:d3:
3b:cc:c8:24:6d:d5:75:e9:e9:9f:45:5e:5c:72:87:
f0:ea:88:1c:52:62:7a:68:45:03:99:74:42:4e:24:
ae:1d:61:13:c2:5f:49:da:ac:95:10:27:48:5c:db:
62:f4:fc:01:9a:93:bd:76:aa:16:d8:0a:17:0b:ed:
94:39:d4:8f:95:0f:97:79:ee:dd:2d:0e:a8:87:5f:
f3:4d:a7:39:af:97:8e:0d:a3:5a:e0:fa:44:1e:52:
08:b7:93:20:e4:69:4c:d1:53:cd:f3:67:95:82:3d:
23:36:dd:fc:6f:a3:cb:6d:60:45:44:82:e5:b4:e2:
72:a6:44:8b:6f:b3:dd:15:34:c8:25:06:6a:a1:53:
f1:85:3b:e8:f0:76:f7:ae:66:1e:45:2e:0a:1e:dc:
a3:30:96:4b:a3:cf:ac:25:80:98:9f:f1:f4:c6:9a:
24:11:f4:fb:4f:af:84:36:5a:5b:dc:82:bd:2a:fb:
28:0b:dd:ac:42:51:55:47:66:f9:6e:91:50:44:ea:
39:0e:82:d2:b0:3e:d9:33:1e:de:ee:25:97:92:f1:
9e:03:a1:49:5f:f4:12:66:ba:e2:38:5d:84:e9:34:
81:f6:aa:13:fa:d6:a9:ab:60:75:2b:3f:42:97:90:
94:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:84:48:FF:89:74:EB:F6:1E:E5:62:03:E3:1E:A9:33:C3:69:30:6D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1e498054-99a2-4f2b-82cb-7448499c313c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
66:cf:bf:eb:a4:02:62:bf:1e:be:52:a7:59:80:65:7b:e1:fb:
b0:92:0b:83:b9:96:59:54:f5:10:c9:a7:34:ad:91:22:3b:ea:
1a:24:b4:61:65:c8:52:eb:a8:4f:4f:27:e1:82:81:f1:3e:bf:
ee:d4:3d:fe:d9:4b:01:c3:97:00:6a:e6:db:b7:f2:f5:db:6c:
2b:61:89:0d:07:9a:66:34:68:59:31:f6:f1:46:f8:4b:aa:fd:
58:6b:2a:a6:d7:85:c6:2a:0f:78:5e:d4:fd:86:94:a3:07:7d:
00:46:60:f6:50:c8:e0:23:a0:cc:99:4d:b2:f7:6e:02:5c:16:
af:51:98:04:44:e2:89:eb:67:e9:a2:5e:d7:f0:1e:f5:d5:3e:
a4:76:91:60:19:df:9b:f9:5a:65:33:40:ce:cc:4f:fa:56:23:
41:fa:0e:19:d7:1c:98:54:87:55:0d:2d:06:a3:5d:44:f0:ac:
78:35:89:dc:37:3d:9f:26:ee:4d:73:bb:3c:5d:7c:30:de:0c:
82:f9:8f:32:55:89:ef:44:c8:0b:69:0b:b9:9b:7b:74:96:60:
19:b2:e3:66:53:4f:3a:28:11:fb:fe:75:95:51:4b:25:21:5f:
19:7a:1f:fa:a3:d9:0d:04:16:11:c7:38:ef:23:0f:50:ce:8a:
3b:62:9d:2b
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUCgjjGXPSpBNE5F/hVj3yISJuhhowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIxMDhaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0NmNhYjY2NzA0ZDI2N2Y4NWRhYWRiZGUyY2E1YmQ4NWM3NjI2ZTJkMmI1
ZDU0ZjcyMmM2ODZmNTEwNGI2MmMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOA+2EsqhM5rpCZ1IgzTO8zIJG3Vdenpn0VeXHKH8OqIHFJiemhFA5l0Qk4k
rh1hE8JfSdqslRAnSFzbYvT8AZqTvXaqFtgKFwvtlDnUj5UPl3nu3S0OqIdf802n
Oa+Xjg2jWuD6RB5SCLeTIORpTNFTzfNnlYI9Izbd/G+jy21gRUSC5bTicqZEi2+z
3RU0yCUGaqFT8YU76PB2965mHkUuCh7cozCWS6PPrCWAmJ/x9MaaJBH0+0+vhDZa
W9yCvSr7KAvdrEJRVUdm+W6RUETqOQ6C0rA+2TMe3u4ll5LxngOhSV/0Ema64jhd
hOk0gfaqE/rWqatgdSs/QpeQlLcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT+hEj/
iXTr9h7lYgPjHqkzw2kwbTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWU0OTgwNTQtOTlhMi00ZjJiLTgyY2ItNzQ0ODQ5OWMzMTNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyABP8Aw
DQYJKoZIhvcNAQELBQADggEBAGbPv+ukAmK/Hr5Sp1mAZXvh+7CSC4O5lllU9RDJ
pzStkSI76hoktGFlyFLrqE9PJ+GCgfE+v+7UPf7ZSwHDlwBq5tu38vXbbCthiQ0H
mmY0aFkx9vFG+Euq/VhrKqbXhcYqD3he1P2GlKMHfQBGYPZQyOAjoMyZTbL3bgJc
Fq9RmARE4onrZ+miXtfwHvXVPqR2kWAZ35v5WmUzQM7MT/pWI0H6DhnXHJhUh1UN
LQajXUTwrHg1idw3PZ8m7k1zuzxdfDDeDIL5jzJVie9EyAtpC7mbe3SWYBmy42ZT
TzooEfv+dZVRSyUhXxl6H/qj2Q0EFhHHOO8jD1DOijtinSs=
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:31:14 2025 by rpki-client