Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
File: 215a2c9b-4dc1-48db-846e-de75149ba3ec.roa (raw, json)
Hash identifier: UMVjySZGwmSkWrfdKX5NbKdUfiuPKxTCssZcvVYjtcA=
Subject key identifier: DF:E0:C6:FE:07:F8:24:1A:9D:89:00:6F:5A:B8:D8:F3:8E:68:8E:10
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7B46D4C4C0AEA7EDEB5457CD0AD50758C8DF975E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
Signing time: Mon 29 Sep 2025 15:40:01 +0000
ROA not before: Mon 29 Sep 2025 15:40:01 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:46:d4:c4:c0:ae:a7:ed:eb:54:57:cd:0a:d5:07:58:c8:df:97:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:01 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=bbf21326315fea5dedd4a27bd2dca814e180259ab20640440b7abde7a35c8018, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c5:69:e5:08:c6:a5:01:90:6e:d4:d8:fa:02:
a6:7d:d8:12:ee:05:47:af:6a:da:2c:4e:05:04:4f:
ea:ef:8e:c4:c4:27:82:9c:17:b6:eb:ea:92:9e:24:
dd:3e:c7:7f:7f:15:75:a0:bf:ed:ba:a9:01:1f:7a:
a4:dc:44:95:e1:2e:bf:4e:74:83:87:c9:38:cf:c0:
27:26:ae:f5:c9:a6:7d:c3:4a:0c:50:01:26:12:7e:
4c:02:3f:6d:8a:de:96:43:13:0d:e6:f0:44:49:fc:
be:03:f2:47:42:bc:75:84:f9:01:fb:91:23:cc:3e:
6b:52:c1:ef:f2:5b:fe:c4:95:09:32:0e:07:01:9b:
cc:c8:46:22:b4:71:46:1f:87:6b:3d:95:ad:07:fa:
0d:50:e6:43:58:ef:46:16:01:20:87:43:ef:8a:b5:
a8:f6:11:c7:02:c3:fb:41:78:33:ca:63:a3:3f:68:
46:34:00:76:37:8a:74:a3:57:0e:dc:f8:3f:3a:6f:
ef:20:37:46:95:55:44:a8:c5:7b:aa:87:d1:3c:06:
93:a3:96:8b:0c:3c:11:38:40:cd:36:6d:e9:93:d6:
e1:ac:f8:01:67:9e:9a:da:17:fb:a1:17:84:81:59:
1b:ad:96:2e:d3:5e:42:b2:5a:f6:be:f8:43:c6:b7:
66:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E0:C6:FE:07:F8:24:1A:9D:89:00:6F:5A:B8:D8:F3:8E:68:8E:10
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/215a2c9b-4dc1-48db-846e-de75149ba3ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2::/32
Signature Algorithm: sha256WithRSAEncryption
06:81:e7:79:d7:f1:f9:13:37:e5:7e:b4:1e:f2:0f:9f:19:86:
b3:5b:16:32:0f:1d:6d:79:f2:82:d3:69:c7:f5:52:82:ba:a8:
3e:39:6e:92:eb:4d:72:2e:72:7d:af:30:ce:cb:0b:03:e9:62:
81:ba:e5:c6:95:7c:5b:ed:df:a5:61:bd:77:28:e1:a7:05:00:
7c:e0:40:07:33:00:20:2a:13:e0:99:90:f7:5a:13:a5:97:49:
72:68:53:87:df:16:79:74:fd:46:1e:04:41:c9:ba:c3:c1:84:
b4:9a:8b:45:7d:01:07:0d:2c:2d:a5:e2:b9:84:8a:7e:05:ee:
a6:86:d1:84:8b:8a:63:91:da:d2:db:09:f8:22:d7:55:76:6e:
a1:1a:a0:df:cb:17:dc:da:e5:7b:63:0d:97:7f:2f:29:38:04:
b9:25:3a:8e:ff:42:fa:35:aa:c2:7b:b3:77:5d:c3:50:64:f4:
b3:36:1e:43:ea:a2:20:12:1e:86:12:45:2b:47:84:20:3d:06:
e3:19:10:fe:67:3e:20:5b:a2:0a:33:bd:3a:95:de:93:4e:ed:
07:05:8e:4d:a7:8b:14:56:8e:07:eb:c5:14:a9:13:65:63:25:
dd:63:25:69:ba:59:b6:b1:55:05:db:92:3d:8c:a1:7f:7c:75:
8e:45:0f:72
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUe0bUxMCup+3rVFfNCtUHWMjfl14wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMDFaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiZjIxMzI2MzE1ZmVhNWRlZGQ0YTI3YmQyZGNhODE0ZTE4MDI1OWFiMjA2
NDA0NDBiN2FiZGU3YTM1YzgwMTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3FaeUIxqUBkG7U2PoCpn3YEu4FR69q2ixOBQRP6u+OxMQngpwXtuvqkp4k
3T7Hf38VdaC/7bqpAR96pNxEleEuv050g4fJOM/AJyau9cmmfcNKDFABJhJ+TAI/
bYrelkMTDebwREn8vgPyR0K8dYT5AfuRI8w+a1LB7/Jb/sSVCTIOBwGbzMhGIrRx
Rh+Haz2VrQf6DVDmQ1jvRhYBIIdD74q1qPYRxwLD+0F4M8pjoz9oRjQAdjeKdKNX
Dtz4Pzpv7yA3RpVVRKjFe6qH0TwGk6OWiww8EThAzTZt6ZPW4az4AWeemtoX+6EX
hIFZG62WLtNeQrJa9r74Q8a3Zm0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTf4Mb+
B/gkGp2JAG9auNjzjmiOEDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MjE1YTJjOWItNGRjMS00OGRiLTg0NmUtZGU3NTE0OWJhM2VjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Iw
DQYJKoZIhvcNAQELBQADggEBAAaB53nX8fkTN+V+tB7yD58ZhrNbFjIPHW158oLT
acf1UoK6qD45bpLrTXIucn2vMM7LCwPpYoG65caVfFvt36VhvXco4acFAHzgQAcz
ACAqE+CZkPdaE6WXSXJoU4ffFnl0/UYeBEHJusPBhLSai0V9AQcNLC2l4rmEin4F
7qaG0YSLimOR2tLbCfgi11V2bqEaoN/LF9za5XtjDZd/Lyk4BLklOo7/Qvo1qsJ7
s3ddw1Bk9LM2HkPqoiASHoYSRStHhCA9BuMZEP5nPiBbogozvTqV3pNO7QcFjk2n
ixRWjgfrxRSpE2VjJd1jJWm6WbaxVQXbkj2MoX98dY5FD3I=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:22 2025 by rpki-client