Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
File: 1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa (raw, json)
Hash identifier: 5HzUttUSX/HkAGV0NAiCLJ3E3h+Zqpgi5yOhCDr+RC0=
Subject key identifier: 80:67:AB:FF:14:31:6F:16:8D:70:38:97:5A:25:C1:EA:C3:9C:1C:05
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 50935D8FCF108969F312492EE7E7190A12DF15A7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
Signing time: Mon 29 Sep 2025 15:39:55 +0000
ROA not before: Mon 29 Sep 2025 15:39:55 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:93:5d:8f:cf:10:89:69:f3:12:49:2e:e7:e7:19:0a:12:df:15:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:55 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=43ba1431a44c7e8c8adc604e40c62935913c8f75eb3c8eaef297fee45771ff74, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0d:59:27:17:9d:47:8e:5c:72:6f:13:e0:8a:
44:31:e9:64:98:bb:cb:d2:65:00:42:d3:b7:d6:1f:
a7:90:2e:eb:3a:b6:65:8d:18:a3:f2:f0:e4:b8:54:
b3:a2:6e:06:86:64:a4:f0:2f:8a:87:d3:b1:14:2e:
50:4b:8b:a1:c4:d6:d5:67:f0:83:ad:24:63:87:b5:
b6:08:b3:36:c8:78:7a:b0:58:4b:a6:15:2f:78:f1:
49:b5:2d:a5:c8:2d:8a:fb:39:a8:95:55:fd:c8:26:
ff:a2:0f:6d:42:42:d7:79:05:88:43:4a:c1:12:fc:
ee:81:a9:20:14:3b:90:51:7f:64:d0:97:8d:f7:a1:
f1:3e:c9:b7:6a:82:3f:c2:f0:f3:57:7d:98:eb:57:
e6:bc:e4:8e:83:de:44:30:07:c0:42:de:83:6d:b9:
f7:5b:50:e3:1e:36:9d:a5:e2:1f:ba:95:ff:f6:77:
33:59:d1:f9:ff:74:e1:26:2e:4f:80:78:d3:bd:f2:
de:13:b0:4c:d9:09:aa:0b:2c:34:63:d4:2f:d9:d3:
54:16:1c:79:89:de:e5:70:60:6c:22:06:fb:19:3a:
78:26:a4:4a:e4:96:07:48:3c:cd:3a:37:7d:73:d3:
22:4e:f6:34:eb:a3:7e:bc:76:0b:9e:fa:e6:e0:b5:
83:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:67:AB:FF:14:31:6F:16:8D:70:38:97:5A:25:C1:EA:C3:9C:1C:05
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/1f7b2e34-a041-4b12-a5b0-5af0d6f43b9a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
2e:9a:44:53:2b:cb:28:7d:64:9e:72:ad:74:7d:6e:2c:47:a6:
0f:d5:e7:b1:52:22:b8:78:98:2a:c7:8f:db:ba:0d:d0:b1:45:
e7:e0:90:32:11:7e:f1:94:7d:e7:75:77:a2:cd:b1:07:10:e9:
bf:ca:d5:a1:17:db:08:93:bb:01:a5:33:4d:1d:de:69:70:ad:
86:fc:c7:f2:f5:b9:e9:25:c0:8e:40:d6:fe:33:4f:aa:fd:fa:
bc:30:f1:3e:59:70:d4:39:68:f7:63:8d:96:71:ef:63:70:77:
c1:38:2e:62:db:4e:a2:4f:23:1e:a6:0e:8d:fd:5d:a3:8d:36:
b1:2d:91:e6:0e:a9:58:cb:84:f7:d9:e9:83:b2:90:b3:65:49:
11:36:1e:02:13:cd:12:e4:8d:28:f2:99:c2:24:e1:40:49:24:
54:66:f6:f8:18:38:90:02:6d:96:a8:7d:1b:4f:f7:92:df:64:
e9:45:9a:e1:db:3d:2b:83:7b:ff:8e:a2:e9:7c:f5:22:f6:bb:
40:78:1d:c3:09:c6:3d:ad:be:fd:2d:18:5e:27:f1:50:71:20:
f2:72:b3:bd:8f:7c:a1:bb:d9:ca:67:eb:9f:1a:60:e0:23:50:
9b:9f:95:f8:f8:27:f1:7e:e0:fe:94:c2:9e:64:39:2c:a9:46:
cb:88:50:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUJNdj88QiWnzEkku5+cZChLfFacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5NTVaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzYmExNDMxYTQ0YzdlOGM4YWRjNjA0ZTQwYzYyOTM1OTEzYzhmNzVlYjNj
OGVhZWYyOTdmZWU0NTc3MWZmNzQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJENWScXnUeOXHJvE+CKRDHpZJi7y9JlAELTt9Yfp5Au6zq2ZY0Yo/Lw5LhU
s6JuBoZkpPAviofTsRQuUEuLocTW1Wfwg60kY4e1tgizNsh4erBYS6YVL3jxSbUt
pcgtivs5qJVV/cgm/6IPbUJC13kFiENKwRL87oGpIBQ7kFF/ZNCXjfeh8T7Jt2qC
P8Lw81d9mOtX5rzkjoPeRDAHwELeg22591tQ4x42naXiH7qV//Z3M1nR+f904SYu
T4B4073y3hOwTNkJqgssNGPUL9nTVBYceYne5XBgbCIG+xk6eCakSuSWB0g8zTo3
fXPTIk72NOujfrx2C5765uC1g20CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSAZ6v/
FDFvFo1wOJdaJcHqw5wcBTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MWY3YjJlMzQtYTA0MS00YjEyLWE1YjAtNWFmMGQ2ZjQzYjlhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GM
MA0GCSqGSIb3DQEBCwUAA4IBAQAumkRTK8sofWSecq10fW4sR6YP1eexUiK4eJgq
x4/bug3QsUXn4JAyEX7xlH3ndXeizbEHEOm/ytWhF9sIk7sBpTNNHd5pcK2G/Mfy
9bnpJcCOQNb+M0+q/fq8MPE+WXDUOWj3Y42Wce9jcHfBOC5i206iTyMepg6N/V2j
jTaxLZHmDqlYy4T32emDspCzZUkRNh4CE80S5I0o8pnCJOFASSRUZvb4GDiQAm2W
qH0bT/eS32TpRZrh2z0rg3v/jqLpfPUi9rtAeB3DCcY9rb79LRheJ/FQcSDycrO9
j3yhu9nKZ+ufGmDgI1Cbn5X4+CfxfuD+lMKeZDksqUbLiFC3
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:08:47 2025 by rpki-client