Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
File: 34fb5c7e-e397-4649-893b-332ddda14bd0.roa (raw, json)
Hash identifier: 0ZlegZ7WcD9Gk2EoihNq7Z0eW8LLXlRUTZEWePGBfVI=
Subject key identifier: 27:8E:2A:E1:74:51:EC:DC:52:E9:71:B8:BA:CC:CA:2B:D0:1A:08:1C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7D028F363EAAEF3D1B54D107AA37C8BD8684960C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
Signing time: Fri 16 May 2025 17:40:03 +0000
ROA not before: Fri 16 May 2025 17:40:03 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 14:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:02:8f:36:3e:aa:ef:3d:1b:54:d1:07:aa:37:c8:bd:86:84:96:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 16 17:40:03 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=b15fb41cc04975e19de66db52fc786df1985f62e3f12e95595af88a927313f23, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:00:a1:1f:96:d7:19:20:88:1d:58:03:32:c1:
59:ed:07:ce:3b:3c:c7:5d:80:47:e0:db:d5:9c:2f:
67:04:dc:4e:7e:dd:75:92:43:34:bc:1f:b4:ee:d3:
fb:63:22:5b:e4:85:87:84:47:06:da:3a:21:a0:a1:
b2:75:5b:23:f9:bf:62:6d:8e:bf:dc:9a:a6:93:1a:
0e:3e:67:d9:54:b1:48:9c:4a:93:0e:7e:00:08:68:
a2:df:3f:dd:8d:17:4a:c7:ec:cf:ed:b9:1f:05:48:
17:6b:bf:b2:57:d0:7c:48:ac:28:55:7e:aa:b7:99:
d3:1f:fe:47:31:fd:f4:d1:9c:b3:56:1a:d7:53:dd:
5b:3e:50:93:c9:e9:1b:dc:fc:c4:1b:67:64:c0:4d:
11:8f:18:c3:c1:2d:f5:96:8c:2e:27:42:be:ec:b8:
70:dc:2c:0a:b6:c7:e7:aa:05:1e:d1:1b:27:85:57:
91:bd:aa:f1:77:fa:61:3a:11:35:ea:5e:df:dc:01:
21:6d:c9:f4:ae:07:11:e9:14:55:d8:61:e0:bc:c3:
cb:65:32:9f:69:13:e4:04:f6:3a:92:7d:06:63:d0:
0c:bb:13:e9:e4:7b:aa:a3:4f:52:ed:00:ab:3c:b2:
94:45:7b:9e:53:90:7d:5d:68:ae:f0:db:ff:d1:f3:
2b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8E:2A:E1:74:51:EC:DC:52:E9:71:B8:BA:CC:CA:2B:D0:1A:08:1C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/34fb5c7e-e397-4649-893b-332ddda14bd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/48
Signature Algorithm: sha256WithRSAEncryption
32:3b:f1:ca:07:02:83:cd:78:c6:d3:3e:13:02:e4:09:e2:b3:
b8:49:f8:12:66:ce:f3:d1:1d:9f:d2:f0:bc:cb:a7:d5:a6:2c:
6a:1d:bf:d1:37:23:74:5a:31:62:79:e1:ae:1b:5b:f8:2b:63:
de:9f:d2:74:e5:47:82:f5:7e:17:fc:19:6d:1e:c6:22:7c:95:
44:6a:6a:1c:35:e4:68:ec:51:06:85:e6:d6:4d:09:a1:ab:60:
0f:44:36:86:4a:22:13:7f:16:ba:3f:d4:90:bb:d5:31:5f:55:
28:59:00:08:95:10:b3:70:7b:d2:ab:c0:b6:dd:a7:a5:0a:8e:
bc:c2:1b:e6:d8:c9:19:5e:e2:20:a7:84:85:cf:46:6b:15:7a:
a2:70:e1:5e:e0:91:23:67:17:d8:62:f6:7f:c3:a5:67:44:18:
32:0a:39:42:57:af:9a:55:95:1d:71:59:97:7a:67:ac:40:39:
4e:ab:9a:73:6d:c3:42:62:0b:3c:2a:9d:39:46:a6:76:77:44:
03:9c:72:5f:d8:5e:02:ab:e4:8e:6f:fb:5d:f5:76:72:bc:73:
7c:ac:cc:1a:87:de:a2:3a:9e:e1:cb:58:01:41:be:8a:08:ab:
8e:1e:9b:02:2f:30:18:bd:52:8f:50:45:8d:91:49:76:18:01:
b7:19:79:df
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfQKPNj6q7z0bVNEHqjfIvYaElgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MTYxNzQwMDNaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxNWZiNDFjYzA0OTc1ZTE5ZGU2NmRiNTJmYzc4NmRmMTk4NWY2MmUzZjEy
ZTk1NTk1YWY4OGE5MjczMTNmMjMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAAoR+W1xkgiB1YAzLBWe0Hzjs8x12AR+Db1ZwvZwTcTn7ddZJDNLwftO7T
+2MiW+SFh4RHBto6IaChsnVbI/m/Ym2Ov9yappMaDj5n2VSxSJxKkw5+AAhoot8/
3Y0XSsfsz+25HwVIF2u/slfQfEisKFV+qreZ0x/+RzH99NGcs1Ya11PdWz5Qk8np
G9z8xBtnZMBNEY8Yw8Et9ZaMLidCvuy4cNwsCrbH56oFHtEbJ4VXkb2q8Xf6YToR
Nepe39wBIW3J9K4HEekUVdhh4LzDy2Uyn2kT5AT2OpJ9BmPQDLsT6eR7qqNPUu0A
qzyylEV7nlOQfV1orvDb/9HzK58CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQnjirh
dFHs3FLpcbi6zMor0BoIHDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzRmYjVjN2UtZTM5Ny00NjQ5LTg5M2ItMzMyZGRkYTE0YmQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEAMjvxygcCg814xtM+EwLkCeKzuEn4EmbO89Ed
n9LwvMun1aYsah2/0TcjdFoxYnnhrhtb+Ctj3p/SdOVHgvV+F/wZbR7GInyVRGpq
HDXkaOxRBoXm1k0JoatgD0Q2hkoiE38Wuj/UkLvVMV9VKFkACJUQs3B70qvAtt2n
pQqOvMIb5tjJGV7iIKeEhc9GaxV6onDhXuCRI2cX2GL2f8OlZ0QYMgo5QlevmlWV
HXFZl3pnrEA5Tquac23DQmILPCqdOUamdndEA5xyX9heAqvkjm/7XfV2crxzfKzM
Gofeojqe4ctYAUG+igirjh6bAi8wGL1Sj1BFjZFJdhgBtxl53w==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:31:22 2025 by rpki-client