
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
File: 1ae9d8b2-218c-4376-936d-185032ce890b.roa (raw, json)
Hash identifier: AdpLYFddv4Ft9Vtfqd8Yy+uDGq4GLDx+sWfu+0vH3yg=
Subject key identifier: D4:7E:6A:89:6A:56:2B:49:13:41:21:3B:6A:A3:E1:3E:B9:6D:B0:70
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 58A0DC4AEE50BB9B40358A1385ECD6D494B6C08A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
Signing time: Mon 29 Sep 2025 15:39:31 +0000
ROA not before: Mon 29 Sep 2025 15:39:31 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:a0:dc:4a:ee:50:bb:9b:40:35:8a:13:85:ec:d6:d4:94:b6:c0:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:31 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=3c3c026deb51c88854e453f44bc7110494047bac4778f0762a5eee5c7f3ad26f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:55:40:bd:54:f1:9f:68:ae:1c:ad:c4:d8:b4:
1d:64:a6:c9:92:18:c3:c7:b6:f2:fd:ec:ef:c1:5f:
dd:13:60:01:32:c9:5f:01:f9:81:d5:d2:5c:3c:2f:
b6:1a:0f:8b:11:ad:a0:d1:05:bf:e6:c4:9a:26:09:
c8:76:e0:4c:1f:2d:38:49:2d:db:07:20:e9:3d:59:
9e:c9:ed:b9:0b:14:3c:61:92:fe:ed:11:bf:de:7c:
28:cd:bb:2e:b0:00:29:0b:d0:42:5c:77:90:a4:fb:
74:fe:4a:74:36:95:4d:bc:c6:f8:e6:fa:b0:86:5b:
df:21:46:90:23:f7:b7:2e:27:12:ec:04:28:60:41:
2f:be:cf:a5:87:8b:05:ec:dd:33:7d:53:b7:f2:c8:
ef:dd:ea:47:0f:61:5c:1a:3e:47:c2:d7:97:76:b8:
1b:44:7e:6e:46:cd:a5:3e:3f:e4:b0:67:14:3c:30:
94:09:6f:c8:5a:2e:8d:d0:7c:84:ab:8e:50:db:97:
db:9f:5a:fb:01:c1:39:7d:58:18:53:ed:fd:e0:dc:
88:fe:92:39:0f:47:88:63:2d:70:31:f0:17:ea:d2:
cf:77:ba:c5:16:97:37:0a:85:f4:27:73:4d:27:6e:
33:d0:7d:a7:c9:c7:0c:d1:98:69:7a:d2:04:00:4b:
d4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7E:6A:89:6A:56:2B:49:13:41:21:3B:6A:A3:E1:3E:B9:6D:B0:70
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1ae9d8b2-218c-4376-936d-185032ce890b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f840::/48
Signature Algorithm: sha256WithRSAEncryption
55:52:10:72:96:e9:fb:36:82:32:55:81:ee:3e:29:ef:2f:64:
8d:0e:66:89:b8:59:92:b0:94:d1:34:4b:71:16:e1:fd:d7:08:
8a:c1:81:01:9a:15:44:c6:fd:90:81:3f:d3:d3:ef:d1:f2:7f:
31:42:ba:bd:ff:6f:ba:df:fe:1c:64:ef:7b:3c:39:62:05:b1:
86:3b:fb:75:cc:8e:30:57:c9:92:8b:0e:23:fd:aa:3b:68:eb:
8f:59:74:0e:e3:94:04:7c:61:62:0d:4d:5a:a8:8b:7f:d0:68:
66:ba:4e:68:d6:01:21:4a:39:a3:f1:08:eb:ef:70:ee:0e:5f:
6a:ff:bb:44:ce:a7:cb:c7:5c:76:a5:02:c7:7c:90:8b:ab:86:
e9:4c:b4:09:80:f1:ee:e1:c0:12:e1:bb:71:80:79:c8:f3:4a:
5b:94:7c:1d:0e:e3:9a:8b:c3:0a:b7:2d:4a:32:d8:76:e9:f9:
4f:be:d7:a7:0f:bc:2f:89:b3:47:8d:de:2f:c8:56:5f:d3:ec:
88:85:f5:16:c4:71:9e:01:16:9d:c7:cb:5f:59:80:dc:f1:4d:
8f:93:7a:33:f3:a1:74:96:d8:91:ff:f4:73:d3:46:ec:a9:18:
d1:c5:90:77:33:37:7a:42:39:a4:65:5f:62:8f:99:03:88:76:
2b:1b:fb:5c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWKDcSu5Qu5tANYoThezW1JS2wIowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5MzFaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjM2MwMjZkZWI1MWM4ODg1NGU0NTNmNDRiYzcxMTA0OTQwNDdiYWM0Nzc4
ZjA3NjJhNWVlZTVjN2YzYWQyNmYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBVQL1U8Z9orhytxNi0HWSmyZIYw8e28v3s78Ff3RNgATLJXwH5gdXSXDwv
thoPixGtoNEFv+bEmiYJyHbgTB8tOEkt2wcg6T1ZnsntuQsUPGGS/u0Rv958KM27
LrAAKQvQQlx3kKT7dP5KdDaVTbzG+Ob6sIZb3yFGkCP3ty4nEuwEKGBBL77PpYeL
BezdM31Tt/LI793qRw9hXBo+R8LXl3a4G0R+bkbNpT4/5LBnFDwwlAlvyFoujdB8
hKuOUNuX259a+wHBOX1YGFPt/eDciP6SOQ9HiGMtcDHwF+rSz3e6xRaXNwqF9Cdz
TSduM9B9p8nHDNGYaXrSBABL1GMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTUfmqJ
alYrSRNBITtqo+E+uW2wcDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWFlOWQ4YjItMjE4Yy00Mzc2LTkzNmQtMTg1MDMyY2U4OTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
QDANBgkqhkiG9w0BAQsFAAOCAQEAVVIQcpbp+zaCMlWB7j4p7y9kjQ5mibhZkrCU
0TRLcRbh/dcIisGBAZoVRMb9kIE/09Pv0fJ/MUK6vf9vut/+HGTvezw5YgWxhjv7
dcyOMFfJkosOI/2qO2jrj1l0DuOUBHxhYg1NWqiLf9BoZrpOaNYBIUo5o/EI6+9w
7g5fav+7RM6ny8dcdqUCx3yQi6uG6Uy0CYDx7uHAEuG7cYB5yPNKW5R8HQ7jmovD
CrctSjLYdun5T77Xpw+8L4mzR43eL8hWX9PsiIX1FsRxngEWncfLX1mA3PFNj5N6
M/OhdJbYkf/0c9NG7KkY0cWQdzM3ekI5pGVfYo+ZA4h2Kxv7XA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:53 2025 by rpki-client