
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
File: 50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa (raw, json)
Hash identifier: ZrhGOgERvfXEZhOLPeLuyuM8tLP8eDkJttvcGkkrON0=
Subject key identifier: EE:2E:A6:9B:00:BB:35:B0:20:AA:C8:14:E0:C6:19:50:D7:F3:9B:99
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 55C584DDD3C9CA6001B4152130876951C6476569
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
Signing time: Mon 29 Sep 2025 15:40:00 +0000
ROA not before: Mon 29 Sep 2025 15:40:00 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:c000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:c5:84:dd:d3:c9:ca:60:01:b4:15:21:30:87:69:51:c6:47:65:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:00 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=5c6535cb5a04130b195c04334cbbbd74932b1259cbf79853268e23e21b8d65ee, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:46:df:bc:7f:e8:0f:1c:8c:49:f2:c5:43:17:
92:3e:b4:37:b7:9d:f1:83:a7:9a:32:66:e0:94:84:
1b:7d:2e:0f:1b:c0:2c:64:39:1a:8e:b4:0a:f7:41:
68:c0:97:13:11:5c:d1:39:88:6c:2e:8b:3b:28:54:
23:43:28:70:ef:96:90:5e:fd:20:c1:52:99:1b:ef:
74:ea:f1:60:29:6e:6e:f3:2e:c5:4f:b1:ec:97:cd:
b9:64:31:b9:0a:46:84:46:2b:3a:fe:97:1c:6f:a0:
db:17:63:68:a1:aa:ac:58:c1:20:bb:7e:f2:d4:9b:
65:68:82:54:6c:c6:20:17:69:f6:41:1b:43:40:5a:
2c:49:19:41:00:89:0d:a9:45:08:e4:ba:3a:3a:ac:
df:71:63:1f:ef:08:e0:68:1b:f5:73:6b:46:a7:68:
0a:85:b8:3a:a8:91:cd:86:8f:31:70:dd:cd:72:ee:
41:cc:7e:d5:92:93:06:44:65:31:2c:d0:e8:d0:d1:
c1:9d:39:8b:67:27:e4:44:9f:82:58:e9:a1:fe:9c:
6a:bd:9e:db:d8:fa:66:2e:7d:38:e3:4f:a5:a4:bb:
c8:6d:9b:99:45:c9:8a:72:65:95:f2:cc:5d:30:8d:
e5:e1:b5:be:6f:b7:e7:64:7c:2a:75:0c:6e:89:25:
75:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:2E:A6:9B:00:BB:35:B0:20:AA:C8:14:E0:C6:19:50:D7:F3:9B:99
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/50b0c8f5-9b03-4d00-b7bc-30a253b83be3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:c000::/36
Signature Algorithm: sha256WithRSAEncryption
71:e3:f0:27:75:da:6a:d9:c5:b5:1a:74:60:e1:1e:55:01:5c:
f8:d8:79:f9:f9:19:85:c7:57:de:dd:93:3b:fd:25:1f:cb:b9:
46:35:86:65:55:2a:9a:b9:15:b8:18:c8:c0:ec:d5:fa:79:9a:
54:78:1c:c1:04:15:53:1d:98:9d:30:38:6b:84:51:91:a4:d2:
5b:55:02:4d:a8:72:72:61:22:82:4f:c1:d6:d6:e9:de:e5:c8:
38:67:8e:bc:b8:81:e5:14:21:0c:9a:9d:b4:9a:a5:8d:5d:f4:
04:3e:be:30:10:18:b5:87:3f:cf:57:cd:4c:73:67:16:de:01:
af:fd:08:d5:48:85:8a:70:2a:18:97:27:22:71:ef:3d:7b:eb:
d4:dd:2e:aa:b0:06:4b:8b:9d:e7:6c:f2:5b:bc:77:be:64:60:
61:a4:20:5f:d2:ee:2c:9a:f4:57:61:d0:a1:91:fe:3f:d6:9d:
78:26:ac:05:df:64:c5:99:d4:76:47:70:82:67:2a:fd:2b:65:
c3:dc:21:7b:ad:7e:1c:ac:aa:24:3e:34:2b:78:b7:bf:22:21:
c5:27:87:af:9a:9e:f9:31:40:59:97:e7:15:57:3d:f6:7c:33:
19:a7:9a:a9:5b:67:d8:ff:31:de:91:a7:34:de:d6:a4:2c:f5:
ac:59:64:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVcWE3dPJymABtBUhMIdpUcZHZWkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMDBaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjNjUzNWNiNWEwNDEzMGIxOTVjMDQzMzRjYmJiZDc0OTMyYjEyNTljYmY3
OTg1MzI2OGUyM2UyMWI4ZDY1ZWUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJG37x/6A8cjEnyxUMXkj60N7ed8YOnmjJm4JSEG30uDxvALGQ5Go60CvdB
aMCXExFc0TmIbC6LOyhUI0MocO+WkF79IMFSmRvvdOrxYClubvMuxU+x7JfNuWQx
uQpGhEYrOv6XHG+g2xdjaKGqrFjBILt+8tSbZWiCVGzGIBdp9kEbQ0BaLEkZQQCJ
DalFCOS6Ojqs33FjH+8I4Ggb9XNrRqdoCoW4OqiRzYaPMXDdzXLuQcx+1ZKTBkRl
MSzQ6NDRwZ05i2cn5ESfgljpof6car2e29j6Zi59OONPpaS7yG2bmUXJinJllfLM
XTCN5eG1vm+352R8KnUMbokldd8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTuLqab
ALs1sCCqyBTgxhlQ1/ObmTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTBiMGM4ZjUtOWIwMy00ZDAwLWI3YmMtMzBhMjUzYjgzYmUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fA
MA0GCSqGSIb3DQEBCwUAA4IBAQBx4/Anddpq2cW1GnRg4R5VAVz42Hn5+RmFx1fe
3ZM7/SUfy7lGNYZlVSqauRW4GMjA7NX6eZpUeBzBBBVTHZidMDhrhFGRpNJbVQJN
qHJyYSKCT8HW1une5cg4Z468uIHlFCEMmp20mqWNXfQEPr4wEBi1hz/PV81Mc2cW
3gGv/QjVSIWKcCoYlycice89e+vU3S6qsAZLi53nbPJbvHe+ZGBhpCBf0u4smvRX
YdChkf4/1p14JqwF32TFmdR2R3CCZyr9K2XD3CF7rX4crKokPjQreLe/IiHFJ4ev
mp75MUBZl+cVVz32fDMZp5qpW2fY/zHekac03takLPWsWWSR
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:46:37 2025 by rpki-client