
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
File: 4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa (raw, json)
Hash identifier: OaRb6WWJ6ac8IcInT3Bd7xWTnt1k4/Ok1Toeq3bYdxc=
Subject key identifier: 44:D8:84:4D:C3:96:70:2E:93:7F:A7:52:CC:2B:FF:95:9A:26:FB:EA
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 3D5559B1161EC3BE5320144337DB3CEF00F15EDA
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
Signing time: Mon 29 Sep 2025 15:39:28 +0000
ROA not before: Mon 29 Sep 2025 15:39:28 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:55:59:b1:16:1e:c3:be:53:20:14:43:37:db:3c:ef:00:f1:5e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:28 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=c494e4c4c496524888db2563c78190a60f5c9c5e5b1fc34709e5232630e05c41, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:83:ca:fc:19:4d:b3:4d:0f:ba:d2:b1:bc:cb:
19:d8:ec:73:27:11:c7:da:9f:43:59:f4:6b:16:f3:
0f:40:1a:80:12:32:c7:98:3a:90:4f:f0:2e:b0:63:
6a:3d:98:db:71:eb:ec:e0:57:dc:8c:c4:3a:8d:0b:
df:7d:92:45:ae:37:ea:53:4e:e7:b4:38:cd:0d:32:
73:22:3d:f3:33:a5:f8:13:11:2a:9b:3d:b6:d4:6d:
e1:d7:b7:8e:ff:f6:e5:42:e0:1f:d1:fa:1b:60:50:
40:19:b5:7f:ec:bc:6a:64:9a:7d:7f:38:0f:71:43:
2f:52:9d:ac:5a:f4:76:f5:73:68:e5:3c:17:e9:b2:
98:76:03:03:30:ed:ad:8f:2e:bb:4c:e1:c3:7c:42:
38:23:5a:b7:f0:2e:56:d3:e3:cb:7d:a8:fe:73:b4:
ce:40:cb:15:d3:70:46:e4:c7:2e:12:8a:97:3f:bc:
5f:8c:d8:e0:22:03:ca:03:a9:7f:92:42:83:7b:ef:
80:35:d7:ae:20:c4:eb:eb:fc:78:62:c1:93:b9:91:
ff:79:d6:1d:c5:a9:32:a6:37:dc:e5:54:7d:82:f0:
93:97:db:2e:8d:fc:90:b2:9d:de:80:cc:4e:55:9e:
ab:50:68:03:98:88:f7:13:d6:96:92:e8:4e:0c:92:
1f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D8:84:4D:C3:96:70:2E:93:7F:A7:52:CC:2B:FF:95:9A:26:FB:EA
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/4c3a78bf-d9cf-418f-8a3a-8c3e72470c1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:840::/48
Signature Algorithm: sha256WithRSAEncryption
3a:dd:6f:22:49:a2:96:fe:a1:4f:53:1a:41:61:1b:bd:c2:61:
91:c7:26:5a:7d:91:11:71:62:3f:e6:bc:5d:6d:16:d8:c9:9c:
61:8a:af:28:5d:71:fa:60:33:ad:3d:80:f3:19:69:85:d0:69:
59:6d:36:0d:f3:42:fb:aa:11:95:14:32:77:f4:32:fd:b6:4b:
22:47:c8:9d:50:b6:03:0b:02:2e:f5:80:76:78:98:94:f1:f3:
b3:84:dc:59:74:4c:79:48:87:66:78:7c:47:3f:a5:69:ee:a9:
24:11:f7:ce:38:73:47:0c:9c:54:76:88:a6:2e:b6:9f:2d:6b:
94:17:b6:6a:9d:b8:19:79:a1:a6:79:86:6e:e8:42:af:35:08:
66:0b:f3:fe:79:14:9e:a2:66:dc:80:43:c5:f1:54:d2:a2:76:
63:56:0a:2c:dd:36:aa:fd:39:5f:60:ef:cf:5a:d8:1b:e0:ef:
24:a6:f0:6e:1d:7a:85:80:f1:47:eb:d6:bb:d3:fa:e7:4f:bd:
df:57:3f:b1:7b:4f:ee:94:df:e9:58:b0:38:23:99:0b:a9:68:
f3:ac:0b:a1:71:8b:8b:bb:ed:76:0d:6d:a1:d0:6f:a5:8a:2f:
bd:41:8d:18:26:16:94:15:f0:d3:08:e1:2e:f3:ab:3d:6b:ab:
df:80:e5:7f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPVVZsRYew75TIBRDN9s87wDxXtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5MjhaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0OTRlNGM0YzQ5NjUyNDg4OGRiMjU2M2M3ODE5MGE2MGY1YzljNWU1YjFm
YzM0NzA5ZTUyMzI2MzBlMDVjNDExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCDyvwZTbNND7rSsbzLGdjscycRx9qfQ1n0axbzD0AagBIyx5g6kE/wLrBj
aj2Y23Hr7OBX3IzEOo0L332SRa436lNO57Q4zQ0ycyI98zOl+BMRKps9ttRt4de3
jv/25ULgH9H6G2BQQBm1f+y8amSafX84D3FDL1KdrFr0dvVzaOU8F+mymHYDAzDt
rY8uu0zhw3xCOCNat/AuVtPjy32o/nO0zkDLFdNwRuTHLhKKlz+8X4zY4CIDygOp
f5JCg3vvgDXXriDE6+v8eGLBk7mR/3nWHcWpMqY33OVUfYLwk5fbLo38kLKd3oDM
TlWeq1BoA5iI9xPWlpLoTgySH6UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRE2IRN
w5ZwLpN/p1LMK/+Vmib76jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NGMzYTc4YmYtZDljZi00MThmLThhM2EtOGMzZTcyNDcwYzFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
QDANBgkqhkiG9w0BAQsFAAOCAQEAOt1vIkmilv6hT1MaQWEbvcJhkccmWn2REXFi
P+a8XW0W2MmcYYqvKF1x+mAzrT2A8xlphdBpWW02DfNC+6oRlRQyd/Qy/bZLIkfI
nVC2AwsCLvWAdniYlPHzs4TcWXRMeUiHZnh8Rz+lae6pJBH3zjhzRwycVHaIpi62
ny1rlBe2ap24GXmhpnmGbuhCrzUIZgvz/nkUnqJm3IBDxfFU0qJ2Y1YKLN02qv05
X2Dvz1rYG+DvJKbwbh16hYDxR+vWu9P650+931c/sXtP7pTf6ViwOCOZC6lo86wL
oXGLi7vtdg1todBvpYovvUGNGCYWlBXw0wjhLvOrPWur34Dlfw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:46:09 2025 by rpki-client