Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
File: 336f8390-241d-4b6f-9822-91232dc553f3.roa (raw, json)
Hash identifier: QgskFA7WuLgQh04WH715ogC+uCAL86OWDRS/Zv+Ufc8=
Subject key identifier: 59:2D:3F:53:CC:2A:21:C8:4A:97:24:29:C3:DC:49:71:9E:24:7C:5A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 39343CABDB1E49D252673C9B069B1BE631E4A13D
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
Signing time: Mon 29 Sep 2025 15:40:16 +0000
ROA not before: Mon 29 Sep 2025 15:40:16 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:34:3c:ab:db:1e:49:d2:52:67:3c:9b:06:9b:1b:e6:31:e4:a1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:16 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=75706d12e3c4330abfcd3347d6f2900ed984d44d0a45b3cd9d978ac52c4e75fd, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:06:05:76:26:2c:fe:1e:2f:18:2a:3c:72:be:
92:be:25:77:96:38:59:b1:9c:aa:67:aa:90:d4:f1:
f4:69:76:8c:f5:6c:71:b8:f1:8f:b0:e3:b4:dd:f5:
60:9b:c7:cf:bb:a2:f1:47:57:75:f1:71:0a:a1:5f:
ed:2b:59:1b:76:1b:48:7f:13:aa:3d:c8:b9:55:cc:
7b:b8:b2:e1:cb:4d:80:ab:4f:a5:32:4a:11:10:75:
9b:91:5c:45:17:7e:72:52:a1:8b:b6:7d:f7:19:c4:
ab:45:b8:c4:c6:9f:aa:23:02:e0:aa:96:41:8f:54:
4f:cb:b1:6f:53:91:24:60:53:ad:47:4d:05:87:5d:
72:86:58:97:3f:73:b4:67:8c:00:3b:dd:64:e3:23:
82:85:ab:86:27:64:90:0e:35:3b:d0:9a:ee:0f:26:
16:a6:00:3b:6d:e0:63:cd:bc:bc:ae:54:54:bd:21:
9b:5e:ee:54:e4:bc:e9:fe:8a:68:37:52:52:ff:31:
7e:39:c5:42:45:58:df:fd:b6:11:14:8e:e0:18:93:
ad:d5:07:4c:b8:8c:d4:6b:05:26:35:1c:e4:9e:f9:
ba:6e:23:d8:9e:33:27:3f:3b:fa:0e:63:21:83:93:
5b:60:97:a6:4f:42:fe:c3:ae:4e:1b:37:a6:03:4d:
6d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2D:3F:53:CC:2A:21:C8:4A:97:24:29:C3:DC:49:71:9E:24:7C:5A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/336f8390-241d-4b6f-9822-91232dc553f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6800::/40
Signature Algorithm: sha256WithRSAEncryption
6c:4f:28:41:51:62:1c:53:f7:38:c0:83:6b:7a:72:ec:43:ed:
7c:b5:af:6f:91:70:d2:96:44:13:0d:62:42:c0:f1:24:24:55:
43:c8:ea:a3:b2:ea:36:26:46:14:01:9b:27:34:39:0e:b0:81:
70:00:6b:27:ba:8e:5a:05:8f:09:22:87:c6:c7:f4:d5:41:f3:
ff:53:3d:b3:65:6f:93:d0:40:61:f5:35:40:66:a6:80:41:c7:
79:cc:50:21:40:8e:b8:90:e6:08:4d:f5:5c:32:13:06:a4:59:
66:0e:14:b4:0d:99:33:62:8d:84:13:d8:26:5e:7d:14:a8:e3:
44:a5:f8:ab:5a:ce:a1:4c:7e:dc:4b:dd:54:44:c5:5b:03:05:
99:77:2b:11:57:36:51:e1:cc:b0:e4:9c:35:cf:7e:3c:2c:80:
07:55:84:b7:5b:f8:41:f9:3b:b4:b5:9c:cb:9a:ae:ba:0d:04:
a7:49:14:08:ce:94:b3:b2:0c:ed:bf:11:e4:ae:bc:ae:7b:a6:
8f:09:fd:7c:f6:c3:5e:9d:3c:f7:fd:18:74:0c:c0:64:f5:32:
0c:4d:6c:2c:15:aa:b1:d2:09:6f:ac:6b:e3:b7:85:21:f5:52:
ee:22:a2:45:67:44:70:6c:3d:ad:75:80:03:08:a6:b4:c4:1e:
ee:01:a5:85
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOTQ8q9seSdJSZzybBpsb5jHkoT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMTZaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1NzA2ZDEyZTNjNDMzMGFiZmNkMzM0N2Q2ZjI5MDBlZDk4NGQ0NGQwYTQ1
YjNjZDlkOTc4YWM1MmM0ZTc1ZmQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPIGBXYmLP4eLxgqPHK+kr4ld5Y4WbGcqmeqkNTx9Gl2jPVscbjxj7DjtN31
YJvHz7ui8UdXdfFxCqFf7StZG3YbSH8Tqj3IuVXMe7iy4ctNgKtPpTJKERB1m5Fc
RRd+clKhi7Z99xnEq0W4xMafqiMC4KqWQY9UT8uxb1ORJGBTrUdNBYddcoZYlz9z
tGeMADvdZOMjgoWrhidkkA41O9Ca7g8mFqYAO23gY828vK5UVL0hm17uVOS86f6K
aDdSUv8xfjnFQkVY3/22ERSO4BiTrdUHTLiM1GsFJjUc5J75um4j2J4zJz87+g5j
IYOTW2CXpk9C/sOuThs3pgNNbS8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRZLT9T
zCohyEqXJCnD3ElxniR8WjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
MzM2ZjgzOTAtMjQxZC00YjZmLTk4MjItOTEyMzJkYzU1M2YzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8do
MA0GCSqGSIb3DQEBCwUAA4IBAQBsTyhBUWIcU/c4wINrenLsQ+18ta9vkXDSlkQT
DWJCwPEkJFVDyOqjsuo2JkYUAZsnNDkOsIFwAGsnuo5aBY8JIofGx/TVQfP/Uz2z
ZW+T0EBh9TVAZqaAQcd5zFAhQI64kOYITfVcMhMGpFlmDhS0DZkzYo2EE9gmXn0U
qONEpfirWs6hTH7cS91URMVbAwWZdysRVzZR4cyw5Jw1z348LIAHVYS3W/hB+Tu0
tZzLmq66DQSnSRQIzpSzsgztvxHkrryue6aPCf189sNenTz3/Rh0DMBk9TIMTWws
Faqx0glvrGvjt4Uh9VLuIqJFZ0RwbD2tdYADCKa0xB7uAaWF
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:31:28 2025 by rpki-client