Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
File: 542fe731-cba6-4c89-a3a4-ba48a69e246b.roa (raw, json)
Hash identifier: 9YrBcx4WD1MThySyqw2mNIDwxZSgsp3Az+KCM2Kstfo=
Subject key identifier: 53:86:11:D0:86:61:5A:6B:B9:41:8F:48:E8:39:0A:C7:82:5B:0D:1C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1A12C2F9C33102387D07CBA0808973736262C47F
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
Signing time: Mon 29 Sep 2025 15:39:33 +0000
ROA not before: Mon 29 Sep 2025 15:39:33 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:12:c2:f9:c3:31:02:38:7d:07:cb:a0:80:89:73:73:62:62:c4:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:33 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=01f3c9f9b7660284c62f1fdcc601f1342f36d15c604642d1d7422c8c0aa62c17, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:25:8c:83:26:99:2b:ad:84:ce:d1:bb:fe:fe:
d7:47:c1:6b:49:ae:ac:4b:a4:51:f6:b8:10:50:ae:
85:3a:a6:66:7c:f6:2d:7c:80:88:c3:94:6b:15:7c:
77:f1:bc:31:42:13:3d:7c:17:f3:fa:2c:89:3c:49:
d3:ed:09:ce:58:ab:28:84:82:75:e7:ab:4f:d0:80:
d1:97:07:f4:a9:2a:56:29:f2:e7:4f:ec:17:3e:0b:
38:28:f3:dd:e0:ab:11:3b:e4:79:9f:32:a9:fd:9e:
ef:3e:5f:23:a4:65:d8:07:ef:6e:6b:90:cf:88:49:
00:b0:c4:16:93:56:0f:b6:61:ae:66:66:39:60:3a:
96:05:fd:f7:76:c5:73:9e:70:be:6e:e4:d4:fd:71:
6c:be:25:f9:a1:20:63:26:aa:0e:a7:0f:01:ad:b9:
83:ae:da:0b:9e:fd:cd:61:ff:81:86:ea:53:09:d0:
ce:c0:7d:36:93:2f:f6:7b:b8:c4:97:58:40:08:be:
f9:73:75:62:3b:60:2a:a1:ec:a0:96:b8:81:a3:bb:
d1:63:91:57:96:87:46:cd:50:8c:ad:f7:40:de:f5:
c4:61:6d:bd:b4:7c:97:02:5b:e8:4f:e3:54:2d:46:
6f:09:63:5d:5f:5f:46:51:8b:e2:9a:6b:82:87:bb:
cc:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:86:11:D0:86:61:5A:6B:B9:41:8F:48:E8:39:0A:C7:82:5B:0D:1C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/542fe731-cba6-4c89-a3a4-ba48a69e246b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8800::/40
Signature Algorithm: sha256WithRSAEncryption
20:58:73:c3:95:03:c5:26:7f:f1:5c:fd:40:fd:02:81:63:e4:
50:f3:a6:d9:d5:b4:f4:85:94:b3:27:49:03:40:1a:58:78:8d:
9e:05:f8:a3:c0:74:fa:41:7c:b1:d2:b1:3e:e6:6c:d4:b5:57:
8c:ef:04:c1:d0:73:c8:8c:8c:13:3f:c7:c9:cb:ad:4d:20:2e:
29:b9:3f:53:88:f0:4b:fa:9d:2a:6b:7c:a0:5f:3a:3f:0b:5c:
bd:bb:2e:1d:75:b0:4e:b9:45:c5:62:70:5c:11:cc:00:c3:29:
86:a9:b0:34:46:60:db:3d:00:6f:43:1c:78:91:72:46:04:1e:
c8:28:b9:6e:a1:29:78:35:5f:47:fd:d2:fe:91:1e:05:a1:64:
28:bf:dc:c7:7d:69:5c:e6:f0:46:c4:2b:29:2b:e4:30:cb:cd:
02:59:8b:36:15:4c:13:9a:01:9a:6e:78:fa:a9:40:d3:ae:b8:
95:52:a1:c3:5e:33:6c:f0:2a:55:66:b1:3e:cf:b2:9b:b0:96:
3b:ce:65:3d:6d:06:d6:7a:24:eb:12:a8:69:8f:06:60:85:90:
90:29:71:6c:cc:39:5b:a4:46:4a:25:3d:c9:d5:4b:e6:32:82:
2a:f6:0c:e2:f5:a4:9b:ce:84:6d:e9:ac:9c:8c:0f:79:c2:8a:
65:99:7f:49
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGhLC+cMxAjh9B8uggIlzc2JixH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5MzNaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxZjNjOWY5Yjc2NjAyODRjNjJmMWZkY2M2MDFmMTM0MmYzNmQxNWM2MDQ2
NDJkMWQ3NDIyYzhjMGFhNjJjMTcxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkljIMmmSuthM7Ru/7+10fBa0murEukUfa4EFCuhTqmZnz2LXyAiMOUaxV8
d/G8MUITPXwX8/osiTxJ0+0JzlirKISCdeerT9CA0ZcH9KkqViny50/sFz4LOCjz
3eCrETvkeZ8yqf2e7z5fI6Rl2AfvbmuQz4hJALDEFpNWD7ZhrmZmOWA6lgX993bF
c55wvm7k1P1xbL4l+aEgYyaqDqcPAa25g67aC579zWH/gYbqUwnQzsB9NpMv9nu4
xJdYQAi++XN1YjtgKqHsoJa4gaO70WORV5aHRs1QjK33QN71xGFtvbR8lwJb6E/j
VC1GbwljXV9fRlGL4pprgoe7zAsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRThhHQ
hmFaa7lBj0joOQrHglsNHDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NTQyZmU3MzEtY2JhNi00Yzg5LWEzYTQtYmE0OGE2OWUyNDZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WI
MA0GCSqGSIb3DQEBCwUAA4IBAQAgWHPDlQPFJn/xXP1A/QKBY+RQ86bZ1bT0hZSz
J0kDQBpYeI2eBfijwHT6QXyx0rE+5mzUtVeM7wTB0HPIjIwTP8fJy61NIC4puT9T
iPBL+p0qa3ygXzo/C1y9uy4ddbBOuUXFYnBcEcwAwymGqbA0RmDbPQBvQxx4kXJG
BB7IKLluoSl4NV9H/dL+kR4FoWQov9zHfWlc5vBGxCspK+Qwy80CWYs2FUwTmgGa
bnj6qUDTrriVUqHDXjNs8CpVZrE+z7KbsJY7zmU9bQbWeiTrEqhpjwZghZCQKXFs
zDlbpEZKJT3J1UvmMoIq9gzi9aSbzoRt6aycjA95woplmX9J
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:48:30 2025 by rpki-client