
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
File: 3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa (raw, json)
Hash identifier: plhr50Dt+PpzpxPWmaT9akh4H7ha1MldEW83KpnuiQ4=
Subject key identifier: 32:E0:F6:2B:9D:1C:91:A1:D9:99:CC:F0:A1:BA:F4:B4:89:2B:83:56
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 50EACAAE7C17727EF6E40A4A45999E5B95D7C6D2
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
Signing time: Mon 29 Sep 2025 15:39:27 +0000
ROA not before: Mon 29 Sep 2025 15:39:27 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:ea:ca:ae:7c:17:72:7e:f6:e4:0a:4a:45:99:9e:5b:95:d7:c6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:27 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=a85ada74e2184d68ba38bb4c17bc91838e7b8eb521c264b9cdc4920f98f3f7ac, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9c:bf:29:61:dd:dd:06:70:39:ab:35:ca:7a:
f9:a6:d0:6d:31:d7:51:a5:30:2d:97:44:ca:eb:a7:
4c:95:2b:86:5c:7e:56:43:12:aa:ac:0c:aa:80:a2:
a8:12:7e:0d:06:09:b1:da:f4:c6:aa:77:a2:15:8a:
1e:e2:2d:31:20:2a:bd:ab:7c:20:32:da:2c:9b:54:
24:c1:37:8e:93:29:de:bf:62:29:7c:5c:b3:4f:c3:
89:47:3e:7d:66:18:ff:1d:b1:c9:8f:7f:67:d9:50:
48:80:65:b2:b8:f0:b1:4a:0e:a8:ea:d5:06:ff:4d:
17:82:f2:86:f4:a6:cf:13:65:d2:81:65:42:65:00:
4a:4f:86:9c:78:4e:88:d0:3d:4d:82:69:a8:a4:8e:
f9:f7:81:d9:31:a0:61:a6:56:24:df:ce:f7:e3:90:
92:85:3f:26:f9:a5:bf:89:d4:b8:d8:01:35:aa:63:
54:5d:24:22:1c:e7:65:11:c3:b3:81:39:4c:c4:9f:
d6:6c:3a:05:7d:00:2d:99:90:f5:dd:73:99:5c:47:
62:d1:bc:a5:6b:25:35:8e:8c:18:13:5d:7e:9d:b5:
29:67:8b:44:87:e8:06:77:a2:13:3c:5d:42:04:bc:
dd:15:1a:24:ae:84:4e:a6:97:64:34:d3:f3:32:33:
6b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E0:F6:2B:9D:1C:91:A1:D9:99:CC:F0:A1:BA:F4:B4:89:2B:83:56
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/3e9ca5f6-88cd-4fa7-8ab6-a2d678013349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2800::/40
Signature Algorithm: sha256WithRSAEncryption
58:65:14:ea:ce:2f:68:c5:75:43:45:fa:0a:b0:ff:70:16:b2:
9a:d7:db:0a:30:4b:e0:a1:e9:5d:d8:39:69:8f:61:5d:8e:20:
ad:06:04:c5:4b:2c:1b:84:28:4d:44:61:56:73:dd:0a:4b:37:
be:a0:e2:54:a6:93:e9:86:05:7c:44:8e:58:8a:64:81:a6:51:
ff:05:23:b5:2d:32:06:5e:70:5b:02:fb:e8:d0:e4:48:9e:de:
4f:2c:eb:12:92:eb:c2:d3:bc:3d:7a:f6:2c:b4:44:eb:ca:d1:
e4:68:29:cd:6d:bb:0e:77:32:b1:7f:82:75:f0:00:26:61:8a:
01:da:e7:eb:60:9b:5c:a2:5e:f8:9e:6c:b2:62:28:bc:6c:10:
b0:25:9c:35:f3:30:6f:fa:50:8e:38:a0:01:8c:4d:50:33:b6:
2f:25:34:61:7a:6f:67:76:41:bd:84:2d:de:33:9b:df:76:42:
2c:06:bf:97:d5:86:ad:51:0e:82:34:ed:67:09:c2:b8:9b:72:
73:2a:27:2d:0d:38:c5:40:eb:26:0d:11:98:15:c5:10:f5:4e:
d7:1f:60:da:e1:ab:07:5a:df:09:9d:a4:8e:8f:95:ba:8a:5b:
51:ce:76:10:ce:52:79:03:28:27:be:ca:18:e7:15:31:f4:c8:
94:5d:d5:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUOrKrnwXcn725ApKRZmeW5XXxtIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5MjdaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4NWFkYTc0ZTIxODRkNjhiYTM4YmI0YzE3YmM5MTgzOGU3YjhlYjUyMWMy
NjRiOWNkYzQ5MjBmOThmM2Y3YWMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOcvylh3d0GcDmrNcp6+abQbTHXUaUwLZdEyuunTJUrhlx+VkMSqqwMqoCi
qBJ+DQYJsdr0xqp3ohWKHuItMSAqvat8IDLaLJtUJME3jpMp3r9iKXxcs0/DiUc+
fWYY/x2xyY9/Z9lQSIBlsrjwsUoOqOrVBv9NF4LyhvSmzxNl0oFlQmUASk+GnHhO
iNA9TYJpqKSO+feB2TGgYaZWJN/O9+OQkoU/Jvmlv4nUuNgBNapjVF0kIhznZRHD
s4E5TMSf1mw6BX0ALZmQ9d1zmVxHYtG8pWslNY6MGBNdfp21KWeLRIfoBneiEzxd
QgS83RUaJK6ETqaXZDTT8zIzawECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQy4PYr
nRyRodmZzPChuvS0iSuDVjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
M2U5Y2E1ZjYtODhjZC00ZmE3LThhYjYtYTJkNjc4MDEzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8co
MA0GCSqGSIb3DQEBCwUAA4IBAQBYZRTqzi9oxXVDRfoKsP9wFrKa19sKMEvgoeld
2Dlpj2FdjiCtBgTFSywbhChNRGFWc90KSze+oOJUppPphgV8RI5YimSBplH/BSO1
LTIGXnBbAvvo0ORInt5PLOsSkuvC07w9evYstETrytHkaCnNbbsOdzKxf4J18AAm
YYoB2ufrYJtcol74nmyyYii8bBCwJZw18zBv+lCOOKABjE1QM7YvJTRhem9ndkG9
hC3eM5vfdkIsBr+X1YatUQ6CNO1nCcK4m3JzKictDTjFQOsmDRGYFcUQ9U7XH2Da
4asHWt8JnaSOj5W6iltRznYQzlJ5AygnvsoY5xUx9MiUXdWk
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:47:05 2025 by rpki-client