Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
File: 5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa (raw, json)
Hash identifier: XbyGfSk7fPXOikjxmG7bJeTC7tLEvkwBUFemHE1JmLE=
Subject key identifier: 41:AA:64:97:BB:53:ED:9E:C6:A2:86:88:4F:40:06:7C:DC:CC:8F:FD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 46028DC765D8D5B7481D2AC3FB06BE8F80AA3B93
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
Signing time: Fri 16 May 2025 17:40:06 +0000
ROA not before: Fri 16 May 2025 17:40:06 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:02:8d:c7:65:d8:d5:b7:48:1d:2a:c3:fb:06:be:8f:80:aa:3b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 16 17:40:06 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=f60ced66a0ffd3dea706e39c37cec1643b0bcf7d4a144c538f0e533f0a53f843, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:70:a1:e1:78:ad:72:70:35:54:39:84:95:4d:
e1:07:12:7b:d9:78:31:33:17:89:67:b6:55:7b:dd:
6d:e1:2b:39:a4:9b:00:6f:1d:16:a6:c9:59:7c:2a:
83:92:ce:3c:e1:64:d4:4e:cb:07:d5:70:aa:cf:86:
33:a3:c1:e9:4b:a9:34:40:b7:2d:cd:e4:1e:b8:5a:
c1:5d:30:71:02:93:db:3b:08:f5:c3:a9:7d:be:74:
19:0f:81:75:ec:e1:c3:cd:4f:43:cd:6a:04:98:c5:
65:a7:15:20:7a:0c:34:8f:8b:8f:39:2f:20:be:d6:
c2:84:dd:b4:41:86:44:c5:15:17:40:8c:d0:b2:9c:
c9:8e:38:b2:44:18:37:f1:cf:b0:b1:ba:58:ea:16:
32:54:7b:d6:38:a2:e3:cb:9d:55:d7:f1:d3:ee:d3:
6f:40:f4:e3:95:1b:5b:fa:a3:6d:c1:ed:d5:e9:27:
6c:2a:02:83:67:c3:29:a8:c9:11:dc:b3:8d:ea:45:
ed:1a:2a:28:99:37:40:14:ab:d5:b1:e3:18:d4:78:
24:02:86:b3:12:d0:dc:36:d4:d3:8d:b8:13:24:48:
0a:6e:3c:8f:e8:f1:b2:0b:e7:2f:92:4f:43:c3:b0:
3a:ba:87:96:fe:e5:04:a4:e7:d8:55:52:9a:b4:c2:
60:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AA:64:97:BB:53:ED:9E:C6:A2:86:88:4F:40:06:7C:DC:CC:8F:FD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/44
Signature Algorithm: sha256WithRSAEncryption
0a:8b:d7:ab:4a:34:4b:ec:95:4d:30:80:bc:31:f7:2a:22:65:
c3:c6:6f:1a:d1:ff:78:a9:bb:87:7e:a8:74:cf:01:bc:37:c3:
63:a6:59:37:79:97:90:0e:20:fc:27:48:80:2b:a7:03:d7:0e:
c3:37:48:ff:8b:c1:db:d6:57:81:ff:fd:65:10:18:a0:22:3a:
4a:1d:3f:8b:62:4a:53:48:49:94:b3:a5:9a:6b:98:31:04:14:
76:79:c9:2b:a3:02:3d:a9:e7:cb:80:4a:90:ca:6d:a4:64:21:
b7:19:a6:91:f9:67:99:3d:cd:b7:ad:18:1f:eb:c8:87:8a:ae:
65:b0:a0:8d:af:d6:51:fe:33:80:b5:4f:3a:e6:f9:97:80:20:
b0:2b:26:97:f3:31:e0:ce:84:97:a6:36:d3:2f:84:12:9a:fb:
01:bf:96:2f:c1:ad:ea:2d:ae:07:b1:50:fb:c3:4b:df:a6:72:
bb:c3:87:a8:dc:0e:45:bf:5b:e2:dc:43:43:78:2b:2d:35:94:
34:38:e8:0e:0c:87:6f:51:a2:dd:f5:29:f3:56:28:a9:53:1e:
85:a1:83:5e:33:95:5d:79:38:4a:57:de:66:14:51:14:95:37:
5a:5d:b7:18:9b:71:f6:40:db:d7:b8:03:ac:13:d3:2e:1b:43:
69:9d:04:92
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURgKNx2XY1bdIHSrD+wa+j4CqO5MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MTYxNzQwMDZaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2MGNlZDY2YTBmZmQzZGVhNzA2ZTM5YzM3Y2VjMTY0M2IwYmNmN2Q0YTE0
NGM1MzhmMGU1MzNmMGE1M2Y4NDMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9woeF4rXJwNVQ5hJVN4QcSe9l4MTMXiWe2VXvdbeErOaSbAG8dFqbJWXwq
g5LOPOFk1E7LB9Vwqs+GM6PB6UupNEC3Lc3kHrhawV0wcQKT2zsI9cOpfb50GQ+B
dezhw81PQ81qBJjFZacVIHoMNI+LjzkvIL7WwoTdtEGGRMUVF0CM0LKcyY44skQY
N/HPsLG6WOoWMlR71jii48udVdfx0+7Tb0D045UbW/qjbcHt1eknbCoCg2fDKajJ
EdyzjepF7RoqKJk3QBSr1bHjGNR4JAKGsxLQ3DbU0424EyRICm48j+jxsgvnL5JP
Q8OwOrqHlv7lBKTn2FVSmrTCYJsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRBqmSX
u1PtnsaihohPQAZ83MyP/TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY1NmY0YWUtZDE4Ny00YTQzLWIwYzItYWZkMDJjMDlkZDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEACovXq0o0S+yVTTCAvDH3KiJlw8ZvGtH/eKm7
h36odM8BvDfDY6ZZN3mXkA4g/CdIgCunA9cOwzdI/4vB29ZXgf/9ZRAYoCI6Sh0/
i2JKU0hJlLOlmmuYMQQUdnnJK6MCPanny4BKkMptpGQhtxmmkflnmT3Nt60YH+vI
h4quZbCgja/WUf4zgLVPOub5l4AgsCsml/Mx4M6El6Y20y+EEpr7Ab+WL8Gt6i2u
B7FQ+8NL36Zyu8OHqNwORb9b4txDQ3grLTWUNDjoDgyHb1Gi3fUp81YoqVMehaGD
XjOVXXk4SlfeZhRRFJU3Wl23GJtx9kDb17gDrBPTLhtDaZ0Ekg==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:29:52 2025 by rpki-client