Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
File: 07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa (raw, json)
Hash identifier: 8NFUdO2gmT/i4ljUuP3Z5dY7/tkGyqdpZiVc90fPwNA=
Subject key identifier: 83:9D:8F:72:92:FE:0B:8E:DE:E5:E7:25:E6:F3:81:AC:B2:4B:AD:AB
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 66ED1E6F20D1481985F705841BB534C32BDC98BE
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
Signing time: Mon 29 Sep 2025 15:39:56 +0000
ROA not before: Mon 29 Sep 2025 15:39:56 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:ed:1e:6f:20:d1:48:19:85:f7:05:84:1b:b5:34:c3:2b:dc:98:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:56 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=eb82f2358d13e6a81e38551aa9cef7f0dffa8dd6dbfa6e2ea5213075f6b3b53a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5a:b2:5c:8b:8f:54:ec:b4:f9:40:c1:8a:86:
86:fc:f7:8b:18:01:69:ba:88:78:de:c4:d8:94:8b:
85:b9:0c:b5:d6:b3:f1:ef:c2:94:93:1a:69:f1:8f:
67:ac:bd:31:e8:a6:b1:a9:76:9c:2e:2f:97:87:78:
29:2e:5b:35:d1:3a:ad:61:79:de:56:cd:a0:e2:02:
d2:88:6f:8d:0a:75:27:03:6d:6a:30:64:dc:9a:4d:
7d:4e:13:6c:7d:0b:0e:3d:1b:6b:31:17:5f:92:04:
93:d8:fc:b7:e1:9f:20:4a:90:79:7c:24:e0:d3:01:
62:d4:41:ed:d4:34:52:1f:23:85:07:43:74:21:bc:
c2:64:96:c1:76:5d:fe:c4:89:e7:56:8d:c4:75:37:
c4:93:67:47:f1:be:dc:25:5d:ef:88:8b:86:88:09:
e7:9e:62:55:18:57:65:a7:83:c7:b2:af:5e:92:20:
59:5e:47:3e:74:b8:27:da:4b:d1:6b:3d:63:71:fb:
f6:97:0e:ba:a3:c3:e8:5b:48:16:07:d8:dd:06:6c:
e7:e3:fd:f4:9d:a8:84:05:57:78:5f:60:15:c8:2a:
64:68:96:1d:23:05:d9:2a:4b:e7:9e:72:21:02:0d:
bb:49:a0:88:c1:27:df:3f:d5:f1:90:18:7c:e8:b4:
2b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:9D:8F:72:92:FE:0B:8E:DE:E5:E7:25:E6:F3:81:AC:B2:4B:AD:AB
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/07aa2549-9eea-428d-a23d-c0e66b59cdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/38
Signature Algorithm: sha256WithRSAEncryption
2f:46:bc:90:82:8f:fb:5c:06:f7:d5:c3:9d:8b:1f:63:9b:1f:
bf:b8:8c:83:d0:4c:cf:44:34:77:77:8e:e6:4d:6c:1a:82:d2:
bf:2d:99:89:3b:a9:0f:c0:c9:ce:c4:f5:7c:3a:cd:e6:1e:5e:
a2:bc:03:65:56:77:30:e7:7c:e2:ad:54:db:e5:6e:3f:64:d6:
a2:86:de:96:08:2a:7a:14:53:fd:ea:ea:ba:fe:e9:95:23:86:
ae:6f:0c:95:e2:b6:a7:bc:7b:06:32:40:cd:46:77:dc:c3:4b:
db:ef:7c:5c:5a:1a:51:7f:41:a2:c4:9f:71:5c:41:e3:a0:41:
6f:d8:78:2e:6a:12:11:3c:f4:9a:85:19:5b:84:bf:49:a5:b6:
af:c3:14:fb:f5:4e:61:5f:16:ba:d4:8d:8a:2f:00:7a:38:cf:
50:c5:e6:aa:c2:b7:8e:8d:98:23:4f:bc:ee:fe:6c:e8:b1:77:
b3:92:98:47:2c:cc:80:5f:ad:08:2c:48:40:d6:35:d5:5f:af:
3f:90:16:a5:1b:de:ab:6b:cf:98:d6:92:0f:09:84:95:c0:00:
ce:e0:10:11:08:c7:12:3f:0f:24:01:66:58:5b:0e:98:92:37:
db:df:c0:5f:f1:9d:04:e9:a9:07:46:2f:4e:ce:97:bb:c5:b6:
48:b7:e8:d8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZu0ebyDRSBmF9wWEG7U0wyvcmL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5NTZaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGViODJmMjM1OGQxM2U2YTgxZTM4NTUxYWE5Y2VmN2YwZGZmYThkZDZkYmZh
NmUyZWE1MjEzMDc1ZjZiM2I1M2ExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1aslyLj1TstPlAwYqGhvz3ixgBabqIeN7E2JSLhbkMtdaz8e/ClJMaafGP
Z6y9Meimsal2nC4vl4d4KS5bNdE6rWF53lbNoOIC0ohvjQp1JwNtajBk3JpNfU4T
bH0LDj0bazEXX5IEk9j8t+GfIEqQeXwk4NMBYtRB7dQ0Uh8jhQdDdCG8wmSWwXZd
/sSJ51aNxHU3xJNnR/G+3CVd74iLhogJ555iVRhXZaeDx7KvXpIgWV5HPnS4J9pL
0Ws9Y3H79pcOuqPD6FtIFgfY3QZs5+P99J2ohAVXeF9gFcgqZGiWHSMF2SpL555y
IQINu0mgiMEn3z/V8ZAYfOi0K7MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDnY9y
kv4Ljt7l5yXm84GsskutqzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MDdhYTI1NDktOWVlYS00MjhkLWEyM2QtYzBlNjZiNTljZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQAvRryQgo/7XAb31cOdix9jmx+/uIyD0EzPRDR3
d47mTWwagtK/LZmJO6kPwMnOxPV8Os3mHl6ivANlVncw53zirVTb5W4/ZNaiht6W
CCp6FFP96uq6/umVI4aubwyV4ranvHsGMkDNRnfcw0vb73xcWhpRf0GixJ9xXEHj
oEFv2HguahIRPPSahRlbhL9JpbavwxT79U5hXxa61I2KLwB6OM9QxeaqwreOjZgj
T7zu/mzosXezkphHLMyAX60ILEhA1jXVX68/kBalG96ra8+Y1pIPCYSVwADO4BAR
CMcSPw8kAWZYWw6Ykjfb38Bf8Z0E6akHRi9Ozpe7xbZIt+jY
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:28 2025 by rpki-client