Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa
File: 00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa (raw, json)
Hash identifier: hWL5oyPBHNNetCHNhyqe9cX9jOyoOqB9XYUqEboTzn4=
Subject key identifier: 3D:76:12:A8:F8:DB:CB:A3:F3:9F:92:D7:91:64:8D:D1:A9:16:45:7C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 71988B7C1C12FE0923B96CA8F82E15622B59710D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa
Signing time: Mon 29 Sep 2025 15:40:24 +0000
ROA not before: Mon 29 Sep 2025 15:40:24 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:98:8b:7c:1c:12:fe:09:23:b9:6c:a8:f8:2e:15:62:2b:59:71:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:24 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=08a3d1398cf1135a0e639baf576bde2d35ae35d899c2bdd2645e55bcb6d92824, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:c7:0d:73:2c:80:17:2f:9b:71:b9:1b:40:cc:
15:c7:18:6c:cd:fc:bb:6a:b5:26:42:3a:e9:95:f5:
c1:e3:3b:00:db:42:9b:f7:6e:41:e9:a9:56:40:91:
ac:62:3f:2c:b0:31:9c:a4:53:71:36:f1:3f:65:16:
a1:89:8e:d2:e0:fa:73:52:6a:19:1f:82:f9:d4:e1:
cd:cf:05:a0:bb:64:04:00:e3:64:60:88:b7:73:3d:
a1:b3:38:cf:83:37:63:2b:79:08:22:d4:14:d9:6d:
8f:a2:de:37:c1:6a:6e:3d:3e:f8:58:ed:ac:42:c7:
ba:66:5c:8b:59:9a:6c:94:1f:63:fa:b2:27:85:8b:
43:be:74:8f:4d:a9:fb:7b:51:71:2e:68:62:9a:c3:
0d:16:f7:70:0c:ad:b5:33:e7:88:72:f1:70:35:83:
dc:e7:77:99:c0:a6:15:8b:4b:9f:8c:fd:07:0c:81:
6d:81:b4:6c:9e:f6:15:7d:23:ea:05:78:74:f4:a6:
c3:2d:12:0d:8e:6d:52:b4:ac:33:6c:ec:f9:60:68:
e0:e1:c0:be:69:07:6d:f0:77:08:c6:a7:db:05:dc:
f7:82:ad:f2:17:92:f1:f0:55:1d:30:f0:18:bb:7d:
68:0d:36:03:c5:a6:b8:ef:4c:8a:a5:6b:43:5b:40:
12:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:76:12:A8:F8:DB:CB:A3:F3:9F:92:D7:91:64:8D:D1:A9:16:45:7C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/00793623-9ed7-44a4-9c2d-b3ff0668aeb2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:6000::/36
Signature Algorithm: sha256WithRSAEncryption
2d:46:58:b5:85:6e:c5:6d:dc:58:cb:b4:b8:92:93:14:1a:a3:
32:0f:25:3b:07:87:25:3d:78:04:22:fa:fc:0d:97:58:b8:2d:
db:6d:27:7b:46:c8:fa:5f:9f:70:20:ff:07:bc:dd:ba:df:bf:
80:62:54:e8:97:e7:31:6c:15:2f:ad:e1:da:e9:20:42:49:34:
4d:c1:a5:b8:01:5f:d7:94:7a:16:b3:dc:98:1a:73:25:c1:07:
70:a2:a4:96:9a:67:db:48:56:32:c2:5f:9c:bc:a9:d5:3f:4c:
98:a3:98:04:10:cf:13:35:70:5a:4f:78:5b:fd:a5:b9:f9:81:
ff:52:fe:d4:bb:1c:6f:56:9d:a6:d5:2c:41:7f:92:a3:39:a5:
4e:5a:19:cd:ad:b1:e7:b4:c3:76:79:03:c6:53:9c:c7:86:a8:
92:5e:df:fe:33:24:f6:f4:ac:ab:9a:98:61:1d:40:6e:ee:f1:
7f:e6:6f:d9:36:55:ff:15:e9:25:f6:f9:81:98:74:51:d1:7f:
6c:16:e0:6d:01:00:97:ff:7a:2f:46:c6:cc:ca:f5:02:2a:cd:
fe:e0:1c:2b:53:28:c1:c5:be:8f:e8:a8:66:bd:2f:68:b5:84:
e9:3b:3e:38:2b:bd:4e:91:a6:78:88:cb:07:7b:9f:13:d8:9a:
ae:b2:9b:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcZiLfBwS/gkjuWyo+C4VYitZcQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMjRaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4YTNkMTM5OGNmMTEzNWEwZTYzOWJhZjU3NmJkZTJkMzVhZTM1ZDg5OWMy
YmRkMjY0NWU1NWJjYjZkOTI4MjQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO3HDXMsgBcvm3G5G0DMFccYbM38u2q1JkI66ZX1weM7ANtCm/duQempVkCR
rGI/LLAxnKRTcTbxP2UWoYmO0uD6c1JqGR+C+dThzc8FoLtkBADjZGCIt3M9obM4
z4M3Yyt5CCLUFNltj6LeN8Fqbj0++FjtrELHumZci1mabJQfY/qyJ4WLQ750j02p
+3tRcS5oYprDDRb3cAyttTPniHLxcDWD3Od3mcCmFYtLn4z9BwyBbYG0bJ72FX0j
6gV4dPSmwy0SDY5tUrSsM2zs+WBo4OHAvmkHbfB3CMan2wXc94Kt8heS8fBVHTDw
GLt9aA02A8WmuO9MiqVrQ1tAEl8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9dhKo
+NvLo/OfkteRZI3RqRZFfDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDA3OTM2MjMtOWVkNy00NGE0LTljMmQtYjNmZjA2NjhhZWIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Ng
MA0GCSqGSIb3DQEBCwUAA4IBAQAtRli1hW7FbdxYy7S4kpMUGqMyDyU7B4clPXgE
Ivr8DZdYuC3bbSd7Rsj6X59wIP8HvN2637+AYlTol+cxbBUvreHa6SBCSTRNwaW4
AV/XlHoWs9yYGnMlwQdwoqSWmmfbSFYywl+cvKnVP0yYo5gEEM8TNXBaT3hb/aW5
+YH/Uv7UuxxvVp2m1SxBf5KjOaVOWhnNrbHntMN2eQPGU5zHhqiSXt/+MyT29Kyr
mphhHUBu7vF/5m/ZNlX/Fekl9vmBmHRR0X9sFuBtAQCX/3ovRsbMyvUCKs3+4Bwr
UyjBxb6P6KhmvS9otYTpOz44K71OkaZ4iMsHe58T2JquspsC
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:54:30 2025 by rpki-client