Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
File: 654f1481-ba50-463b-9997-0d385dd9b0a3.roa (raw, json)
Hash identifier: Kn7306ZLZxSu+GEoTNmVhHDVqdiS/Fkp/29bn9Yyzec=
Subject key identifier: 51:49:96:35:B8:AA:C6:F3:D7:C4:94:AB:AE:62:BD:B6:34:2D:02:09
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 11DD022C19CADDD6CE92F18A9B4273C9A11FC3F2
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
Signing time: Mon 26 May 2025 15:10:48 +0000
ROA not before: Mon 26 May 2025 15:10:48 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:dd:02:2c:19:ca:dd:d6:ce:92:f1:8a:9b:42:73:c9:a1:1f:c3:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:48 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=12b23070060ba44affb27272b5c688d9354caf65e6d293f405f7cb8145ad245a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:15:a5:a5:73:9f:17:90:79:f0:ef:c6:48:2c:
dc:86:18:91:ab:c7:42:f0:40:d9:53:53:ed:e6:f0:
1a:84:93:39:bc:80:29:ee:75:8a:9f:13:45:eb:5b:
da:5e:fb:d0:76:7a:b4:15:3a:eb:8f:b0:fb:4a:0b:
cf:62:e2:20:cc:b7:43:40:bb:d8:41:2a:27:c7:25:
51:b7:e5:a0:a7:58:33:e0:ad:d2:37:51:d0:0b:0b:
bd:5d:7b:ab:ec:17:8f:51:30:ee:7c:7c:44:bf:42:
9d:79:83:a3:03:80:9b:35:24:84:08:2c:48:41:ff:
a7:9b:6a:85:4b:ff:bc:49:17:ec:e1:8f:d8:14:f4:
be:e8:bc:90:55:fb:ed:9f:e0:da:01:25:e8:ca:29:
f3:9e:0b:8b:1d:71:5f:f6:22:b5:a7:e7:41:33:98:
1a:01:76:7d:78:82:94:52:98:39:8d:05:e4:55:af:
5c:e0:01:c3:cf:22:c7:e9:e6:4f:06:ac:95:e7:6b:
7b:33:98:e7:52:08:54:37:b6:ff:6a:7b:63:96:4e:
22:9d:d3:b0:19:98:c3:93:2a:68:b2:92:53:df:bc:
bc:cd:83:5d:66:ec:e9:96:15:5f:ea:b1:82:e2:da:
0a:b0:43:34:13:e3:c4:7b:3b:d2:e5:98:91:67:87:
3d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:49:96:35:B8:AA:C6:F3:D7:C4:94:AB:AE:62:BD:B6:34:2D:02:09
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/654f1481-ba50-463b-9997-0d385dd9b0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:800::/40
Signature Algorithm: sha256WithRSAEncryption
4b:ca:29:e3:a6:6a:67:25:41:40:b4:ec:fb:2b:26:7a:bd:83:
ce:4d:43:ff:e8:a8:6d:01:a5:b5:1d:0e:6c:46:a3:b4:20:05:
e8:06:89:b0:26:f2:de:37:0b:91:79:0e:41:05:a2:24:ea:7f:
9b:ed:82:9f:65:e0:f9:e5:0d:1a:6e:3e:0b:2e:4a:56:52:1d:
86:9e:4e:70:68:c9:18:a1:b8:42:12:3b:8d:d6:99:e4:d0:b4:
42:c5:d6:40:62:f7:ca:b5:ea:1d:7f:dd:b6:16:a3:ea:e6:4e:
2d:95:6a:df:2e:17:20:19:f5:36:db:22:ad:58:10:d4:0b:8c:
7c:d0:56:ca:5c:c0:56:81:06:85:9e:c5:3b:97:0a:3f:1f:9b:
58:f8:33:bb:1c:fc:79:9d:fe:c3:de:73:7f:bc:10:62:e2:89:
c9:42:97:5b:f3:64:04:6f:1b:55:b3:a8:13:a0:b9:5b:44:63:
84:3f:7c:e5:89:ec:46:6b:c7:04:8c:06:1f:26:b1:90:0e:62:
4d:49:1a:31:35:94:ea:eb:b7:30:0d:d3:35:3b:8d:65:2f:97:
35:a1:32:8a:80:86:5c:13:a3:93:1d:f3:82:44:ea:b8:8f:a6:
e9:ce:57:b3:fb:c3:ba:aa:d4:29:56:fa:ae:72:e1:19:50:5a:
8f:89:1b:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEd0CLBnK3dbOkvGKm0JzyaEfw/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwNDhaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyYjIzMDcwMDYwYmE0NGFmZmIyNzI3MmI1YzY4OGQ5MzU0Y2FmNjVlNmQy
OTNmNDA1ZjdjYjgxNDVhZDI0NWExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwVpaVznxeQefDvxkgs3IYYkavHQvBA2VNT7ebwGoSTObyAKe51ip8TRetb
2l770HZ6tBU664+w+0oLz2LiIMy3Q0C72EEqJ8clUbfloKdYM+Ct0jdR0AsLvV17
q+wXj1Ew7nx8RL9CnXmDowOAmzUkhAgsSEH/p5tqhUv/vEkX7OGP2BT0vui8kFX7
7Z/g2gEl6Mop854Lix1xX/YitafnQTOYGgF2fXiClFKYOY0F5FWvXOABw88ix+nm
TwasledrezOY51IIVDe2/2p7Y5ZOIp3TsBmYw5MqaLKSU9+8vM2DXWbs6ZYVX+qx
guLaCrBDNBPjxHs70uWYkWeHPdsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRSZY1
uKrG89fElKuuYr22NC0CCTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjU0ZjE0ODEtYmE1MC00NjNiLTk5OTctMGQzODVkZDliMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8AI
MA0GCSqGSIb3DQEBCwUAA4IBAQBLyinjpmpnJUFAtOz7KyZ6vYPOTUP/6KhtAaW1
HQ5sRqO0IAXoBomwJvLeNwuReQ5BBaIk6n+b7YKfZeD55Q0abj4LLkpWUh2Gnk5w
aMkYobhCEjuN1pnk0LRCxdZAYvfKteodf922FqPq5k4tlWrfLhcgGfU22yKtWBDU
C4x80FbKXMBWgQaFnsU7lwo/H5tY+DO7HPx5nf7D3nN/vBBi4onJQpdb82QEbxtV
s6gToLlbRGOEP3zliexGa8cEjAYfJrGQDmJNSRoxNZTq67cwDdM1O41lL5c1oTKK
gIZcE6OTHfOCROq4j6bpzlez+8O6qtQpVvqucuEZUFqPiRvi
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:43:07 2025 by rpki-client