
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
File: 2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa (raw, json)
Hash identifier: 7DB9MfvevHCxN9BPjKuGBqh+pQ6AVT1bygsVhsBfGtE=
Subject key identifier: 9F:DC:5C:64:D8:EA:10:8A:3C:DF:A3:C0:A5:AF:0D:CB:67:E6:39:A9
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 51140DD1701395A4048FBC80095B478D9A5B811D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
Signing time: Mon 29 Sep 2025 15:40:23 +0000
ROA not before: Mon 29 Sep 2025 15:40:23 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:6800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:14:0d:d1:70:13:95:a4:04:8f:bc:80:09:5b:47:8d:9a:5b:81:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:23 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=182c5a859fac4e004109d6afd7aa2d2ba0f0a7e1f232ba50489d090f41fc8e4a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:61:f1:6d:5f:98:a5:82:4f:5d:b6:64:c3:ec:
3b:9e:9e:15:2b:01:6e:2f:75:06:26:85:e9:48:c5:
c8:0d:4d:b0:a5:76:79:7b:4c:04:8a:2c:0e:14:be:
cd:85:63:a7:72:c2:9a:05:6f:1a:24:49:3a:cf:f5:
74:83:a5:9a:3c:7a:d2:f8:88:e4:e6:28:e7:c5:e2:
e4:6d:51:f3:ae:77:2f:fe:08:5e:e1:54:fd:ec:0d:
7d:02:ea:90:14:5d:07:cb:e7:a5:fd:7c:f4:ce:1f:
b1:2d:6b:f6:36:b8:bf:b4:4c:3b:51:39:e9:00:c1:
87:28:ee:71:ec:aa:23:7d:b9:10:89:ae:f3:e2:2d:
95:2a:fd:08:1c:57:5d:db:fc:1b:2c:2f:4d:d7:fb:
b9:ed:4c:49:9f:e8:cc:1c:95:7a:fa:71:d7:e8:e6:
92:fc:84:8e:d1:5e:2b:d8:dc:14:8b:80:38:fe:f6:
4b:02:d1:7e:fd:9a:0d:26:69:eb:ae:54:f8:f4:63:
5c:28:b3:09:1f:20:65:27:22:70:da:71:56:0a:4f:
88:2a:6a:f0:77:1e:c8:f4:d3:fe:45:c8:ae:89:d5:
b9:53:40:4e:ea:d5:96:22:d8:fc:22:80:01:02:6c:
a5:72:58:17:ff:7e:43:ba:03:15:cc:19:22:a3:bb:
5c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:DC:5C:64:D8:EA:10:8A:3C:DF:A3:C0:A5:AF:0D:CB:67:E6:39:A9
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/2a82b03e-517c-4a81-96ab-2cf6049a7f3d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:6800::/40
Signature Algorithm: sha256WithRSAEncryption
53:4b:9a:b0:ff:78:3a:0d:a7:77:72:e9:9d:62:bb:77:3a:76:
ed:fc:72:cc:62:6f:38:05:b2:90:4b:8a:21:13:68:32:52:be:
0e:a4:dd:b8:83:45:7c:49:75:f8:10:65:f9:cb:18:01:a3:9a:
bc:ea:4b:c6:16:92:94:de:dd:f1:4f:59:4d:56:a1:bf:cc:ef:
00:8f:75:b9:9e:e1:7a:f0:d1:c4:3f:17:c1:a9:78:43:1f:c4:
be:3a:f3:13:8f:4d:f0:d2:ea:59:11:35:d2:85:fc:d2:35:d2:
81:81:64:a5:0f:96:f7:e4:f4:5d:3d:18:9d:fa:27:6a:34:c3:
26:a5:9a:eb:e4:d3:87:c4:05:38:be:9d:b5:37:98:4d:d2:fc:
72:c2:87:de:7c:64:7d:a3:ff:5d:20:0d:94:bb:f8:e6:22:78:
ca:b6:66:d1:ba:ee:cc:c6:96:dd:e1:72:fb:82:5b:0d:28:7c:
db:39:bf:a4:f6:f2:c0:29:ea:81:f3:e1:b4:1e:2e:f4:dd:35:
e4:a2:49:74:a2:de:3a:29:bd:7d:9b:05:6b:8b:e6:55:db:0d:
69:e4:c8:0d:9d:ed:dc:23:53:63:ff:4c:e6:b9:40:fa:84:f1:
6b:3a:0a:33:31:ad:1b:e9:3e:a8:17:8d:63:49:6f:31:29:13:
70:79:25:bd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUURQN0XATlaQEj7yACVtHjZpbgR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMjNaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4MmM1YTg1OWZhYzRlMDA0MTA5ZDZhZmQ3YWEyZDJiYTBmMGE3ZTFmMjMy
YmE1MDQ4OWQwOTBmNDFmYzhlNGExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOxh8W1fmKWCT122ZMPsO56eFSsBbi91BiaF6UjFyA1NsKV2eXtMBIosDhS+
zYVjp3LCmgVvGiRJOs/1dIOlmjx60viI5OYo58Xi5G1R8653L/4IXuFU/ewNfQLq
kBRdB8vnpf189M4fsS1r9ja4v7RMO1E56QDBhyjuceyqI325EImu8+ItlSr9CBxX
Xdv8GywvTdf7ue1MSZ/ozByVevpx1+jmkvyEjtFeK9jcFIuAOP72SwLRfv2aDSZp
665U+PRjXCizCR8gZScicNpxVgpPiCpq8HceyPTT/kXIronVuVNATurVliLY/CKA
AQJspXJYF/9+Q7oDFcwZIqO7XMcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSf3Fxk
2OoQijzfo8Clrw3LZ+Y5qTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MmE4MmIwM2UtNTE3Yy00YTgxLTk2YWItMmNmNjA0OWE3ZjNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8No
MA0GCSqGSIb3DQEBCwUAA4IBAQBTS5qw/3g6Dad3cumdYrt3Onbt/HLMYm84BbKQ
S4ohE2gyUr4OpN24g0V8SXX4EGX5yxgBo5q86kvGFpKU3t3xT1lNVqG/zO8Aj3W5
nuF68NHEPxfBqXhDH8S+OvMTj03w0upZETXShfzSNdKBgWSlD5b35PRdPRid+idq
NMMmpZrr5NOHxAU4vp21N5hN0vxywofefGR9o/9dIA2Uu/jmInjKtmbRuu7Mxpbd
4XL7glsNKHzbOb+k9vLAKeqB8+G0Hi703TXkokl0ot46Kb19mwVri+ZV2w1p5MgN
ne3cI1Nj/0zmuUD6hPFrOgozMa0b6T6oF41jSW8xKRNweSW9
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:47:04 2025 by rpki-client