
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
File: 1d757286-8eda-42c2-aecf-19a8c013dc64.roa (raw, json)
Hash identifier: CL9a3MbsYWyqyVK+YqdgpOc9OSAZq7ULf1mp5+6dyPs=
Subject key identifier: FF:78:77:6C:F0:F5:8A:89:A9:B2:47:68:75:C2:7B:65:F9:26:A8:71
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 56AC9FA754037E9B898A542AD395EE7317DF9C83
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
Signing time: Mon 29 Sep 2025 15:39:52 +0000
ROA not before: Mon 29 Sep 2025 15:39:52 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:ac:9f:a7:54:03:7e:9b:89:8a:54:2a:d3:95:ee:73:17:df:9c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:52 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=36386043b3a624420e4785e59e9d6c8616d42775fb13d43a21da1d129d9cd31c, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b4:6c:64:89:9a:a1:2a:d8:b7:72:dd:31:d1:
b7:c8:2a:f9:7e:d6:90:b9:5d:99:24:40:b9:54:59:
83:09:95:81:54:6b:8a:64:cf:af:0e:58:60:f8:17:
58:da:51:11:b5:9a:b4:90:2a:28:d3:b0:eb:39:bd:
44:60:ef:51:4a:fa:34:2b:00:b9:f1:d6:a2:2b:2e:
65:ab:2a:9b:99:ba:2f:c9:4d:56:b3:d5:1b:55:31:
43:75:46:4a:ab:05:95:e3:6a:75:1d:9d:b7:ac:9f:
20:b0:bb:04:c6:3a:ce:01:7d:c3:3c:bf:c2:f7:2d:
71:bb:78:08:e7:f7:84:6d:d2:ec:b2:9d:3e:70:67:
11:1b:dd:5f:84:37:bf:59:ff:ce:13:c2:bf:39:1d:
4a:55:58:1c:e6:b9:d9:b7:e8:89:ee:1b:d4:15:98:
44:c3:53:3f:6a:19:dd:26:27:b4:e1:0b:57:94:aa:
12:9a:f4:ff:58:e5:e5:a8:b1:e5:4c:e6:69:6c:ef:
68:bc:b5:a5:ce:d4:18:bf:68:70:32:13:4a:69:ef:
26:67:2c:81:07:eb:8d:89:e5:d1:67:1a:1a:df:a3:
f5:ba:9a:9f:d8:14:50:c7:23:43:af:7b:fc:d8:b1:
ac:34:9d:e7:6c:1a:8e:97:80:2c:0f:b1:16:b5:1d:
39:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:78:77:6C:F0:F5:8A:89:A9:B2:47:68:75:C2:7B:65:F9:26:A8:71
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1d757286-8eda-42c2-aecf-19a8c013dc64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8400::/38
Signature Algorithm: sha256WithRSAEncryption
6e:08:22:cc:ce:f1:f6:0f:55:00:d7:e7:d0:d6:16:1d:d5:56:
7f:9e:06:80:b1:3f:4d:52:59:41:7a:7b:88:ee:1c:fb:92:34:
7e:2a:a3:0a:49:55:cf:aa:1b:04:1e:4a:34:c8:82:28:4f:78:
b9:f5:01:3c:da:f3:7b:e6:e9:50:a9:5f:ae:88:e8:a9:b0:df:
78:99:bf:32:52:b6:92:1b:a0:64:b5:68:71:a0:cf:32:f8:cf:
e5:94:3b:75:14:3b:a6:84:d9:77:5a:38:54:15:08:13:9b:5c:
e0:02:9e:5b:c3:16:c1:65:a2:a5:4e:48:5f:60:56:68:d6:6c:
50:58:1a:84:08:dc:3d:ce:31:33:d6:88:b6:56:83:6d:90:bf:
d4:85:11:7e:d9:30:83:36:23:83:69:99:71:ff:f4:65:20:40:
37:bb:13:6d:9e:1b:e1:c7:43:03:e0:b7:b5:0e:68:6c:bd:9d:
0f:ce:64:99:33:84:53:60:4a:63:b1:fa:70:d3:36:ca:ef:12:
93:63:34:40:c1:fa:1a:fc:69:91:02:38:b2:6c:db:01:5c:0a:
c3:87:83:6a:3c:2d:17:26:a3:a2:f5:47:44:16:35:75:63:42:
d8:d8:d4:2c:cc:51:2a:60:15:6b:fc:1e:f0:af:00:fa:ab:53:
4b:ea:e5:05
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVqyfp1QDfpuJilQq05XucxffnIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5NTJaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2Mzg2MDQzYjNhNjI0NDIwZTQ3ODVlNTllOWQ2Yzg2MTZkNDI3NzVmYjEz
ZDQzYTIxZGExZDEyOWQ5Y2QzMWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMa0bGSJmqEq2Ldy3THRt8gq+X7WkLldmSRAuVRZgwmVgVRrimTPrw5YYPgX
WNpREbWatJAqKNOw6zm9RGDvUUr6NCsAufHWoisuZasqm5m6L8lNVrPVG1UxQ3VG
SqsFleNqdR2dt6yfILC7BMY6zgF9wzy/wvctcbt4COf3hG3S7LKdPnBnERvdX4Q3
v1n/zhPCvzkdSlVYHOa52bfoie4b1BWYRMNTP2oZ3SYntOELV5SqEpr0/1jl5aix
5UzmaWzvaLy1pc7UGL9ocDITSmnvJmcsgQfrjYnl0WcaGt+j9bqan9gUUMcjQ697
/NixrDSd52wajpeALA+xFrUdOYkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT/eHds
8PWKiamyR2h1wntl+SaocTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWQ3NTcyODYtOGVkYS00MmMyLWFlY2YtMTlhOGMwMTNkYzY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GE
MA0GCSqGSIb3DQEBCwUAA4IBAQBuCCLMzvH2D1UA1+fQ1hYd1VZ/ngaAsT9NUllB
enuI7hz7kjR+KqMKSVXPqhsEHko0yIIoT3i59QE82vN75ulQqV+uiOipsN94mb8y
UraSG6BktWhxoM8y+M/llDt1FDumhNl3WjhUFQgTm1zgAp5bwxbBZaKlTkhfYFZo
1mxQWBqECNw9zjEz1oi2VoNtkL/UhRF+2TCDNiODaZlx//RlIEA3uxNtnhvhx0MD
4Le1DmhsvZ0PzmSZM4RTYEpjsfpw0zbK7xKTYzRAwfoa/GmRAjiybNsBXArDh4Nq
PC0XJqOi9UdEFjV1Y0LY2NQszFEqYBVr/B7wrwD6q1NL6uUF
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:26 2025 by rpki-client