Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
File: 0b1379a0-a965-4871-ba33-de2086e8028e.roa (raw, json)
Hash identifier: gMIJAvA8q+dJ/jIAGXAbpE5kFs84dRbcBoe1lMhzdEA=
Subject key identifier: 04:82:86:32:95:37:A0:41:4E:97:27:A4:95:B3:8A:F9:25:C5:16:FA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 0AF68AF4ED0051DF49528AB2259D90EA826BB6A5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
Signing time: Mon 29 Sep 2025 15:40:20 +0000
ROA not before: Mon 29 Sep 2025 15:40:20 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:f6:8a:f4:ed:00:51:df:49:52:8a:b2:25:9d:90:ea:82:6b:b6:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:20 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=3731b1bd569488c56bd06ed473c17acff2dd582de13fc980ea0569d8b19a8672, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:33:86:3b:cb:ff:6b:2a:95:a4:3f:d8:6f:36:
b2:a9:5d:09:ce:ef:b7:4b:e3:9d:74:0a:20:03:a1:
db:a1:7d:a0:80:36:e8:77:ab:4a:1d:d4:37:ce:b7:
e4:49:05:83:6e:2c:8c:fb:8a:ed:e7:62:a9:a8:da:
b6:02:f0:60:59:81:5a:3a:4b:d6:ee:28:2e:18:44:
c1:df:44:94:b9:31:98:c6:76:4d:43:89:60:64:19:
c9:10:99:5e:5a:56:d0:d5:ab:76:1e:48:14:2f:09:
3a:21:41:75:15:c1:ef:f9:6f:bd:63:1d:44:3c:d5:
5a:2c:36:4e:c8:4c:21:3a:f1:6c:f0:e4:33:67:dd:
0a:df:6e:cf:30:20:82:c7:39:59:72:24:6b:48:bb:
85:c9:61:ff:df:20:d8:b8:21:98:ef:a7:a3:42:34:
d8:f5:fb:4e:dd:ba:04:fe:3c:bf:51:4d:8c:61:4d:
2d:34:fd:3d:a7:d3:34:1b:a3:e6:8e:f1:e4:67:25:
36:23:02:71:2b:1a:ef:2f:91:14:7b:5a:b3:20:96:
a5:86:6b:2a:ab:fe:f5:14:ed:06:d3:d6:66:20:08:
e8:50:81:8c:55:97:fb:9b:0f:f7:87:88:71:6d:88:
6b:b6:e5:1b:a6:0a:0e:d6:8b:11:d9:49:55:e5:43:
3d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:82:86:32:95:37:A0:41:4E:97:27:A4:95:B3:8A:F9:25:C5:16:FA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/0b1379a0-a965-4871-ba33-de2086e8028e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f000::/36
Signature Algorithm: sha256WithRSAEncryption
92:fe:a7:15:cf:a6:30:3d:69:b2:a9:ab:b8:f5:41:45:f5:1d:
10:f1:98:9a:4b:3e:e3:b2:71:b0:f7:7a:a0:db:0f:44:f7:16:
b0:62:a9:f3:8f:c4:a2:67:48:6f:7a:d0:6e:07:58:ea:dd:45:
55:23:d6:68:ce:75:74:27:28:bf:0b:24:40:97:84:6d:8c:0f:
43:af:46:8b:f4:d0:9e:99:b0:ca:97:b8:e7:30:ef:3b:f5:df:
9b:8b:74:90:f2:ad:da:de:36:64:53:a1:3c:9b:01:63:1d:b4:
98:08:02:66:27:15:4b:65:26:c1:87:03:94:06:61:e7:66:ef:
d1:54:ed:3b:07:ec:da:43:7d:f3:76:7f:d3:2f:f7:73:ad:f1:
5f:79:6e:94:78:e1:c7:67:03:bc:d0:0a:a7:53:bd:03:38:5b:
71:53:a2:8d:8d:1b:a8:d5:13:7d:0a:27:da:d4:4f:b3:86:e2:
81:11:13:79:63:c5:b3:fb:d9:52:84:30:a6:b2:8a:69:66:5a:
49:a2:6d:c0:e9:8c:40:4f:cf:fd:74:89:73:6d:3c:df:d0:90:
6a:24:55:44:dd:1f:8d:c1:34:07:c7:a3:e6:d2:b1:ce:6f:32:
0a:0d:40:8a:7d:4f:02:10:ba:e2:d4:19:bb:ae:2a:a8:8f:b9:
f4:16:35:36
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCvaK9O0AUd9JUoqyJZ2Q6oJrtqUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMjBaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3MzFiMWJkNTY5NDg4YzU2YmQwNmVkNDczYzE3YWNmZjJkZDU4MmRlMTNm
Yzk4MGVhMDU2OWQ4YjE5YTg2NzIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMszhjvL/2sqlaQ/2G82sqldCc7vt0vjnXQKIAOh26F9oIA26HerSh3UN863
5EkFg24sjPuK7ediqajatgLwYFmBWjpL1u4oLhhEwd9ElLkxmMZ2TUOJYGQZyRCZ
XlpW0NWrdh5IFC8JOiFBdRXB7/lvvWMdRDzVWiw2TshMITrxbPDkM2fdCt9uzzAg
gsc5WXIka0i7hclh/98g2LghmO+no0I02PX7Tt26BP48v1FNjGFNLTT9PafTNBuj
5o7x5GclNiMCcSsa7y+RFHtasyCWpYZrKqv+9RTtBtPWZiAI6FCBjFWX+5sP94eI
cW2Ia7blG6YKDtaLEdlJVeVDPXkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEgoYy
lTegQU6XJ6SVs4r5JcUW+jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MGIxMzc5YTAtYTk2NS00ODcxLWJhMzMtZGUyMDg2ZTgwMjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fw
MA0GCSqGSIb3DQEBCwUAA4IBAQCS/qcVz6YwPWmyqau49UFF9R0Q8ZiaSz7jsnGw
93qg2w9E9xawYqnzj8SiZ0hvetBuB1jq3UVVI9ZoznV0Jyi/CyRAl4RtjA9Dr0aL
9NCembDKl7jnMO879d+bi3SQ8q3a3jZkU6E8mwFjHbSYCAJmJxVLZSbBhwOUBmHn
Zu/RVO07B+zaQ33zdn/TL/dzrfFfeW6UeOHHZwO80AqnU70DOFtxU6KNjRuo1RN9
Cifa1E+zhuKBERN5Y8Wz+9lShDCmsoppZlpJom3A6YxAT8/9dIlzbTzf0JBqJFVE
3R+NwTQHx6Pm0rHObzIKDUCKfU8CELri1Bm7riqoj7n0FjU2
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:31:15 2025 by rpki-client