Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
File: 336f8390-241d-4b6f-9822-91232dc553f3.roa (raw, json)
Hash identifier: a1bJ8w97lQuoX/AVov2DZhYruVYpERhB5rOs685mw1I=
Subject key identifier: 47:69:2D:76:50:3B:1B:66:74:72:98:71:9A:E7:8A:35:44:06:28:0E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 288363C900E7328ECF811A71B3747881B744D485
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
Signing time: Mon 26 May 2025 15:20:09 +0000
ROA not before: Mon 26 May 2025 15:20:09 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:83:63:c9:00:e7:32:8e:cf:81:1a:71:b3:74:78:81:b7:44:d4:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:20:09 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=3238101b9104124fc1b968ee81dfe29b52c618436a8fdc698ad41578c1d5e9b6, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1c:fe:72:93:32:38:79:9b:84:73:b9:fe:56:
6f:2a:d0:e8:31:94:b6:1e:f9:1d:4d:c7:3e:26:2e:
87:78:34:5d:c9:e7:bb:aa:36:c0:57:fa:eb:b8:d3:
b0:e1:e6:c7:f7:fa:d0:fc:5e:12:81:af:10:25:5d:
cc:49:85:82:e5:fa:43:22:ff:69:a1:47:78:e8:60:
75:78:df:56:53:74:c4:fb:49:8f:76:34:c6:32:5b:
cc:20:9f:68:c9:3c:fc:e6:51:09:99:4c:00:8a:6c:
b2:bd:47:d6:41:2b:04:37:c4:64:fc:c5:0b:c8:fc:
c2:21:54:bf:c2:c2:48:aa:70:6a:ab:fe:30:49:cf:
67:e9:96:46:1a:f3:7b:9a:84:d5:3c:52:59:12:d0:
d0:16:03:d3:e1:dd:ce:cb:81:6f:7f:60:65:9f:95:
8b:35:f8:a5:df:0c:9d:ef:76:d8:71:e1:59:03:91:
c2:74:1f:c6:e3:9c:5e:4a:67:47:10:ed:6f:04:d7:
95:8f:12:87:8f:3d:3a:8d:31:9c:50:3c:2e:6b:ef:
1a:ef:a8:96:4a:3c:4f:9a:43:38:61:a0:b1:d4:ec:
81:e6:48:f5:70:8a:97:9d:32:99:37:fb:24:fd:b7:
e3:23:df:02:8f:60:dc:54:44:34:23:83:2f:d9:13:
44:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:69:2D:76:50:3B:1B:66:74:72:98:71:9A:E7:8A:35:44:06:28:0E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6800::/40
Signature Algorithm: sha256WithRSAEncryption
44:0a:c7:61:5a:6a:e9:bc:b0:47:50:7c:84:72:f7:db:3c:86:
71:4b:fa:0c:fc:89:3d:28:56:4c:46:53:66:90:fb:83:6c:91:
8e:d8:d4:3a:77:59:a1:84:e0:23:e7:ff:d3:54:d1:ca:d8:88:
66:21:d1:9c:fd:db:f8:fe:c8:b2:e7:e8:ed:c6:64:0e:43:3d:
88:28:4d:b8:bb:0d:f4:af:3d:fe:18:a7:11:00:55:85:0e:88:
3d:a2:88:5f:97:bf:e3:de:e7:84:51:9f:05:dd:1a:3d:a9:db:
c8:90:1c:98:00:51:ca:8c:93:fb:2f:b5:21:91:fc:f2:f6:4f:
13:f5:2d:f8:e9:37:2d:bc:85:42:f6:ee:18:12:f1:7e:44:5c:
9f:ef:dc:d9:2b:78:ba:31:6e:1f:8d:53:bc:61:e0:24:41:17:
27:62:60:a2:dd:3e:7c:e9:86:cd:42:2a:48:ca:a9:ad:c6:16:
25:93:5d:b8:d1:ce:c9:7a:9a:55:73:99:16:ae:5d:96:8d:76:
a1:77:3e:b7:55:a4:0b:45:1d:02:88:74:37:d6:28:3e:9e:19:
66:a7:f5:ab:fd:5d:77:18:e2:70:30:0b:39:e6:2d:1b:24:b8:
7d:92:72:58:ff:7e:24:8d:52:5c:0c:15:33:ca:36:e7:97:0c:
2e:d4:13:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKINjyQDnMo7PgRpxs3R4gbdE1IUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTIwMDlaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyMzgxMDFiOTEwNDEyNGZjMWI5NjhlZTgxZGZlMjliNTJjNjE4NDM2YThm
ZGM2OThhZDQxNTc4YzFkNWU5YjYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUc/nKTMjh5m4Rzuf5WbyrQ6DGUth75HU3HPiYuh3g0Xcnnu6o2wFf667jT
sOHmx/f60PxeEoGvECVdzEmFguX6QyL/aaFHeOhgdXjfVlN0xPtJj3Y0xjJbzCCf
aMk8/OZRCZlMAIpssr1H1kErBDfEZPzFC8j8wiFUv8LCSKpwaqv+MEnPZ+mWRhrz
e5qE1TxSWRLQ0BYD0+HdzsuBb39gZZ+VizX4pd8Mne922HHhWQORwnQfxuOcXkpn
RxDtbwTXlY8Sh489Oo0xnFA8LmvvGu+olko8T5pDOGGgsdTsgeZI9XCKl50ymTf7
JP234yPfAo9g3FRENCODL9kTRPUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHaS12
UDsbZnRymHGa54o1RAYoDjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzM2ZjgzOTAtMjQxZC00YjZmLTk4MjItOTEyMzJkYzU1M2YzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8do
MA0GCSqGSIb3DQEBCwUAA4IBAQBECsdhWmrpvLBHUHyEcvfbPIZxS/oM/Ik9KFZM
RlNmkPuDbJGO2NQ6d1mhhOAj5//TVNHK2IhmIdGc/dv4/siy5+jtxmQOQz2IKE24
uw30rz3+GKcRAFWFDog9oohfl7/j3ueEUZ8F3Ro9qdvIkByYAFHKjJP7L7Uhkfzy
9k8T9S346TctvIVC9u4YEvF+RFyf79zZK3i6MW4fjVO8YeAkQRcnYmCi3T586YbN
QipIyqmtxhYlk1240c7JeppVc5kWrl2WjXahdz63VaQLRR0CiHQ31ig+nhlmp/Wr
/V13GOJwMAs55i0bJLh9knJY/34kjVJcDBUzyjbnlwwu1BMC
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:36:20 2025 by rpki-client