Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
File: 4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa (raw, json)
Hash identifier: bVnn6WxjTJB+jUufXDRpIOkUFuikLa/0iXRxZM1oIzM=
Subject key identifier: 9E:22:AC:0D:03:E2:DE:5D:0D:45:66:BC:E2:EC:4B:6C:1E:F4:EF:39
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1E452947E1548D51BA7A1E82112F2DA2D297D415
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
Signing time: Mon 29 Sep 2025 15:40:00 +0000
ROA not before: Mon 29 Sep 2025 15:40:00 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:45:29:47:e1:54:8d:51:ba:7a:1e:82:11:2f:2d:a2:d2:97:d4:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:00 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=e14f6f970fbf88389d575f7c164ce22e39086e51f40286726d80651fa0477d28, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:65:e1:d1:89:bd:36:ab:3e:b3:bd:8e:1f:8f:
94:00:4b:3f:1c:cc:40:e3:0d:c4:d8:6f:31:d2:63:
2c:d1:d2:93:44:13:01:10:fd:84:30:af:d4:74:eb:
aa:9c:54:30:cb:a5:93:21:e8:5a:9b:ce:b8:e1:b5:
35:db:53:8e:72:fe:cf:ad:6a:35:f3:52:15:5f:48:
28:94:a3:dd:4f:af:55:f9:21:f8:86:b2:15:49:e9:
9d:27:64:04:d2:a4:4b:cc:93:47:c9:b4:3a:99:96:
46:52:b6:2b:25:df:76:14:4f:4b:73:c2:2f:c9:b0:
37:b5:e7:ef:b8:48:a7:05:63:2d:71:2c:74:70:b3:
7d:c1:ff:8b:d3:81:18:42:72:f3:f7:f5:5e:92:92:
28:f6:a0:a6:00:e3:ee:75:74:56:22:be:29:24:85:
f7:88:a2:09:90:d5:37:28:9c:f6:c9:a9:ee:e6:02:
df:12:c1:4b:cd:1a:ea:4b:38:e6:06:f8:9d:23:eb:
4c:8d:86:13:57:25:87:bf:ee:e5:5e:c1:3d:17:67:
a3:71:67:87:2a:47:21:c5:c2:a6:60:3c:bf:3c:b1:
23:0a:de:b2:12:d1:33:b7:3f:20:42:29:ac:ec:d7:
9e:cc:f3:ff:3e:64:35:6c:77:00:32:6e:42:bc:7b:
16:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:22:AC:0D:03:E2:DE:5D:0D:45:66:BC:E2:EC:4B:6C:1E:F4:EF:39
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4318c3f0-c6a7-430c-bfad-645d9ad814d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2:8000::/36
Signature Algorithm: sha256WithRSAEncryption
58:24:3e:cb:70:2d:20:1b:15:8b:c2:04:a0:ab:91:23:e7:0c:
51:da:0b:a8:6c:45:ae:4e:43:15:6a:58:f1:f8:44:5f:9c:86:
38:b3:e8:f2:92:b2:f3:7a:d6:6d:80:70:7c:9b:65:ef:ce:f3:
1b:58:e8:76:1b:a4:b2:1c:ac:72:fc:f2:37:5c:af:05:a7:bf:
57:0b:b0:ae:a4:07:71:ab:e3:8a:f7:09:9e:b5:90:6b:3a:94:
81:5e:39:f7:a2:c9:e6:8b:93:3e:d5:54:97:c6:be:89:c5:4e:
a2:38:e9:1a:63:b1:d6:d2:ef:6b:d1:8a:30:17:db:3b:9b:60:
d3:dd:0c:46:87:c1:5f:7d:9d:5a:fa:a3:0c:e6:b7:d2:4e:04:
ec:87:78:91:a8:02:e6:c0:73:3f:47:7a:8a:f7:4a:83:4e:8f:
27:d8:00:9e:88:65:15:d2:5d:c3:4b:43:c7:af:6f:a5:ab:67:
b3:27:13:4c:da:50:cb:95:fc:69:fe:d3:ae:7e:b6:07:4d:4a:
76:0c:90:76:47:17:6d:73:13:e7:75:47:8c:8c:e6:b2:b2:58:
e9:36:03:cb:a8:c7:5b:e6:90:d6:c6:01:6f:c0:9d:bb:79:fb:
36:48:3f:63:d3:02:04:a1:25:79:87:a9:04:5a:c0:14:28:ef:
f2:ac:77:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHkUpR+FUjVG6eh6CES8totKX1BUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMDBaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxNGY2Zjk3MGZiZjg4Mzg5ZDU3NWY3YzE2NGNlMjJlMzkwODZlNTFmNDAy
ODY3MjZkODA2NTFmYTA0NzdkMjgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhl4dGJvTarPrO9jh+PlABLPxzMQOMNxNhvMdJjLNHSk0QTARD9hDCv1HTr
qpxUMMulkyHoWpvOuOG1NdtTjnL+z61qNfNSFV9IKJSj3U+vVfkh+IayFUnpnSdk
BNKkS8yTR8m0OpmWRlK2KyXfdhRPS3PCL8mwN7Xn77hIpwVjLXEsdHCzfcH/i9OB
GEJy8/f1XpKSKPagpgDj7nV0ViK+KSSF94iiCZDVNyic9smp7uYC3xLBS80a6ks4
5gb4nSPrTI2GE1clh7/u5V7BPRdno3FnhypHIcXCpmA8vzyxIwreshLRM7c/IEIp
rOzXnszz/z5kNWx3ADJuQrx7FpUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSeIqwN
A+LeXQ1FZrzi7EtsHvTvOTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NDMxOGMzZjAtYzZhNy00MzBjLWJmYWQtNjQ1ZDlhZDgxNGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8KA
MA0GCSqGSIb3DQEBCwUAA4IBAQBYJD7LcC0gGxWLwgSgq5Ej5wxR2guobEWuTkMV
aljx+ERfnIY4s+jykrLzetZtgHB8m2XvzvMbWOh2G6SyHKxy/PI3XK8Fp79XC7Cu
pAdxq+OK9wmetZBrOpSBXjn3osnmi5M+1VSXxr6JxU6iOOkaY7HW0u9r0YowF9s7
m2DT3QxGh8FffZ1a+qMM5rfSTgTsh3iRqALmwHM/R3qK90qDTo8n2ACeiGUV0l3D
S0PHr2+lq2ezJxNM2lDLlfxp/tOufrYHTUp2DJB2RxdtcxPndUeMjOaysljpNgPL
qMdb5pDWxgFvwJ27efs2SD9j0wIEoSV5h6kEWsAUKO/yrHe3
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:08:51 2025 by rpki-client