Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
File: 13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa (raw, json)
Hash identifier: hQR9mCu0tKmni6gKJUCUN7KH5AQu7h9vRw84KBQ7FQQ=
Subject key identifier: 7D:E5:66:18:9F:F6:24:C0:A9:09:2B:BA:AF:20:FD:5E:09:ED:73:1C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3F4838D6C8ABDF5FA9B2E97336E93F470ADDCF56
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
Signing time: Mon 29 Sep 2025 15:39:26 +0000
ROA not before: Mon 29 Sep 2025 15:39:26 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:28c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:48:38:d6:c8:ab:df:5f:a9:b2:e9:73:36:e9:3f:47:0a:dd:cf:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:26 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=55c8aed8d1ad79e91559e5c65962a92cadeafe61d632f7a95151d4d85f464d3f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:27:cb:74:69:44:16:33:74:47:f0:b0:93:48:
93:71:8c:4a:82:43:19:cd:b9:a0:49:11:53:a8:8e:
3c:98:e3:84:e4:84:1e:72:0b:51:88:a0:79:94:0e:
82:8b:c3:98:88:90:c3:1f:3e:31:a6:28:0b:f0:64:
5c:a2:e4:0f:df:db:8e:47:0b:34:d4:78:cf:4d:57:
98:3f:09:f0:0f:22:d2:92:83:c7:99:9c:fd:e6:51:
2d:4e:f4:12:67:72:95:c6:11:de:8d:d6:09:d0:4c:
2d:50:5f:d3:39:db:7a:78:5d:29:c5:dc:c8:54:78:
f7:47:c3:b9:5f:b9:58:e2:ef:f1:cf:f5:f0:91:04:
25:fb:17:cf:15:91:72:e1:0a:f0:30:e1:db:4a:2b:
30:e7:4b:9f:98:30:4a:37:b4:7d:fc:f5:95:aa:39:
27:c4:c3:07:31:d4:9d:cc:e6:d8:23:6e:ad:f2:bc:
cc:94:ca:b8:a6:3b:9b:26:d4:83:16:8a:29:e1:58:
ca:86:50:f2:86:1b:d3:e7:2b:72:81:cb:75:91:d9:
0b:b0:fc:cd:3c:29:96:0b:3c:e5:1c:dd:8f:9a:92:
c8:40:7e:e9:8d:02:5f:2b:a2:0b:2f:79:4f:e5:dc:
ae:ef:f4:9d:24:4d:22:5d:b8:dd:05:b4:ec:fb:8b:
6e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E5:66:18:9F:F6:24:C0:A9:09:2B:BA:AF:20:FD:5E:09:ED:73:1C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/13e0b0a3-49b4-4990-a108-1beddb3a18bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
99:f5:1b:e6:e5:6f:0d:bb:17:6a:ce:d5:72:2c:d4:b0:9c:20:
a3:a5:b2:88:a2:08:ad:fa:2e:e6:fe:db:ae:e2:41:75:e1:88:
63:6b:01:4c:59:a7:70:f1:47:34:de:75:db:79:34:ea:73:f9:
af:dc:21:4b:bd:7a:44:10:93:45:7f:d1:e4:c0:58:1f:32:e9:
30:2c:2a:bd:d2:d6:0e:fa:55:e0:dd:52:e0:63:c3:5a:c4:7c:
a2:4e:3e:a8:8f:41:f4:cf:3e:e6:e5:19:25:2d:5b:74:56:87:
91:d8:04:32:b5:b7:f1:62:9e:6f:8b:64:e6:03:31:07:69:a2:
e4:0a:a2:c3:65:f2:62:1d:03:3c:3a:2f:86:b4:32:29:56:68:
fc:db:af:ca:98:62:1e:a3:59:8e:3d:7a:4f:a4:5d:2f:5c:ee:
36:d2:c6:1f:c1:7d:9a:18:e5:be:e2:ce:df:5f:b0:df:47:40:
b0:7d:43:81:0a:b7:3f:99:5d:13:10:eb:15:fa:52:11:9a:bd:
38:e1:cd:63:5c:0b:94:28:2d:ed:67:7e:c4:d9:99:11:ae:4e:
a8:ed:e6:67:fc:9d:84:8d:c2:f1:3c:c1:37:22:b7:ec:d6:71:
d5:84:dd:22:17:90:bd:0b:28:e2:3c:95:41:2e:c5:e3:68:66:
ad:e9:fa:3f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP0g41sir31+psulzNuk/Rwrdz1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5MjZaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1YzhhZWQ4ZDFhZDc5ZTkxNTU5ZTVjNjU5NjJhOTJjYWRlYWZlNjFkNjMy
ZjdhOTUxNTFkNGQ4NWY0NjRkM2YxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgny3RpRBYzdEfwsJNIk3GMSoJDGc25oEkRU6iOPJjjhOSEHnILUYigeZQO
govDmIiQwx8+MaYoC/BkXKLkD9/bjkcLNNR4z01XmD8J8A8i0pKDx5mc/eZRLU70
EmdylcYR3o3WCdBMLVBf0znbenhdKcXcyFR490fDuV+5WOLv8c/18JEEJfsXzxWR
cuEK8DDh20orMOdLn5gwSje0ffz1lao5J8TDBzHUnczm2CNurfK8zJTKuKY7mybU
gxaKKeFYyoZQ8oYb0+crcoHLdZHZC7D8zTwplgs85Rzdj5qSyEB+6Y0CXyuiCy95
T+Xcru/0nSRNIl243QW07PuLbrECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR95WYY
n/YkwKkJK7qvIP1eCe1zHDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MTNlMGIwYTMtNDliNC00OTkwLWExMDgtMWJlZGRiM2ExOGJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
wDANBgkqhkiG9w0BAQsFAAOCAQEAmfUb5uVvDbsXas7VcizUsJwgo6WyiKIIrfou
5v7bruJBdeGIY2sBTFmncPFHNN5123k06nP5r9whS716RBCTRX/R5MBYHzLpMCwq
vdLWDvpV4N1S4GPDWsR8ok4+qI9B9M8+5uUZJS1bdFaHkdgEMrW38WKeb4tk5gMx
B2mi5Aqiw2XyYh0DPDovhrQyKVZo/NuvyphiHqNZjj16T6RdL1zuNtLGH8F9mhjl
vuLO31+w30dAsH1DgQq3P5ldExDrFfpSEZq9OOHNY1wLlCgt7Wd+xNmZEa5OqO3m
Z/ydhI3C8TzBNyK37NZx1YTdIheQvQso4jyVQS7F42hmren6Pw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:54:40 2025 by rpki-client