
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
File: 5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa (raw, json)
Hash identifier: F9XZFFH2Z6YoNLzKhNfyw7+HLjFR7Le/FhS3cBtV9C0=
Subject key identifier: 5A:C7:C2:F0:38:19:06:62:C9:10:8B:EC:70:20:E9:25:D1:14:2E:F2
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2C26830E841048A6F156E118A9CFFD573F7144F1
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
Signing time: Mon 29 Sep 2025 15:40:21 +0000
ROA not before: Mon 29 Sep 2025 15:40:21 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:26:83:0e:84:10:48:a6:f1:56:e1:18:a9:cf:fd:57:3f:71:44:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:21 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=d3944717d7ce2a79fb67982208a143b6f7f43bd67150f5414b8a800c56e30b0e, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:fc:bd:40:6a:2c:42:c0:28:1f:59:04:f3:25:
8b:3d:09:23:1b:ba:40:11:42:4d:0d:e9:b6:78:b0:
79:c0:88:e1:b2:b2:4b:d8:48:91:42:1e:a9:5d:b9:
83:51:fc:dc:4b:c3:3e:6d:ec:05:bb:eb:25:e7:f8:
a8:b4:6f:0e:e1:36:d8:cf:dd:79:fd:70:52:7d:5b:
7b:8f:d4:07:13:60:dc:99:fb:f4:f7:7d:18:3d:0c:
b6:f1:95:d0:13:48:40:80:07:a5:fe:2c:eb:09:1b:
65:82:40:20:f1:9e:f4:87:12:24:6b:c8:ee:1c:df:
f7:aa:46:81:04:ea:b9:8a:a3:5e:02:33:47:c0:02:
40:f2:20:59:42:2f:6f:26:ec:67:13:76:56:6a:fb:
ca:e3:b2:8c:75:a8:4e:88:18:f1:87:95:31:80:66:
ab:ed:4a:c7:60:4f:d8:d4:aa:cb:00:8e:4b:a2:b7:
0b:bc:bd:12:0c:92:1f:86:01:ad:90:6e:5f:86:af:
f0:64:21:2b:10:0c:4c:3b:6e:e9:3d:56:a5:1a:f3:
e2:4b:15:54:49:27:6b:bb:05:eb:bc:8c:87:11:13:
08:e7:b1:4b:cd:7b:40:4e:e5:26:1e:b2:35:97:d9:
ff:6b:e3:a1:9a:85:87:71:f3:af:6a:03:f8:41:60:
01:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C7:C2:F0:38:19:06:62:C9:10:8B:EC:70:20:E9:25:D1:14:2E:F2
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5a3e112d-c8b5-4a42-9b7a-a5c567b6db32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:8800::/40
Signature Algorithm: sha256WithRSAEncryption
a5:35:30:1b:47:2d:d1:59:9e:0c:50:45:94:d2:b1:3e:44:c6:
1d:a6:70:7d:ff:50:f1:61:11:23:e4:8d:06:d6:d0:3f:b6:5c:
9e:e4:ed:3a:92:29:8c:d7:7d:23:b9:15:6d:d2:e6:be:6c:87:
6f:32:bf:59:ab:e5:9e:69:64:be:10:a1:43:9b:6b:10:93:b2:
5f:87:3d:bd:b6:16:2b:ed:b1:b2:54:d5:2b:64:03:58:fc:be:
10:fa:a4:17:e0:ea:24:c5:ad:97:c1:cb:90:b4:6c:36:8a:f0:
49:6f:b9:ee:2f:af:6c:6d:d8:d5:f2:b8:f2:0d:5d:c6:55:7b:
b7:06:4d:f8:31:7b:92:65:fa:74:46:7e:18:75:c7:ba:07:9e:
d5:61:ff:94:96:17:76:6d:bc:94:07:5d:0e:5a:f9:f9:40:e3:
6f:1b:2b:ab:87:f9:a8:09:ab:ac:cf:17:cc:11:b8:07:6a:02:
ad:0c:11:c9:eb:d9:3c:02:52:f2:6c:5a:c7:68:9e:f5:a6:47:
9a:2b:a2:de:7b:65:3f:ec:c8:54:62:76:7d:f6:46:df:c9:f5:
7c:3f:d0:c6:fe:d8:d2:14:3e:08:ec:3e:89:7b:d6:bd:6b:85:
9c:6f:4c:25:95:b9:f7:46:34:8c:2a:8a:96:e7:37:24:48:d4:
d5:12:c6:c4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULCaDDoQQSKbxVuEYqc/9Vz9xRPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMjFaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzOTQ0NzE3ZDdjZTJhNzlmYjY3OTgyMjA4YTE0M2I2ZjdmNDNiZDY3MTUw
ZjU0MTRiOGE4MDBjNTZlMzBiMGUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOz8vUBqLELAKB9ZBPMliz0JIxu6QBFCTQ3ptniwecCI4bKyS9hIkUIeqV25
g1H83EvDPm3sBbvrJef4qLRvDuE22M/def1wUn1be4/UBxNg3Jn79Pd9GD0MtvGV
0BNIQIAHpf4s6wkbZYJAIPGe9IcSJGvI7hzf96pGgQTquYqjXgIzR8ACQPIgWUIv
bybsZxN2Vmr7yuOyjHWoTogY8YeVMYBmq+1Kx2BP2NSqywCOS6K3C7y9EgySH4YB
rZBuX4av8GQhKxAMTDtu6T1WpRrz4ksVVEkna7sF67yMhxETCOexS817QE7lJh6y
NZfZ/2vjoZqFh3Hzr2oD+EFgAXUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRax8Lw
OBkGYskQi+xwIOkl0RQu8jAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWEzZTExMmQtYzhiNS00YTQyLTliN2EtYTVjNTY3YjZkYjMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8OI
MA0GCSqGSIb3DQEBCwUAA4IBAQClNTAbRy3RWZ4MUEWU0rE+RMYdpnB9/1DxYREj
5I0G1tA/tlye5O06kimM130juRVt0ua+bIdvMr9Zq+WeaWS+EKFDm2sQk7Jfhz29
thYr7bGyVNUrZANY/L4Q+qQX4Ookxa2XwcuQtGw2ivBJb7nuL69sbdjV8rjyDV3G
VXu3Bk34MXuSZfp0Rn4Ydce6B57VYf+Ulhd2bbyUB10OWvn5QONvGyurh/moCaus
zxfMEbgHagKtDBHJ69k8AlLybFrHaJ71pkeaK6Lee2U/7MhUYnZ99kbfyfV8P9DG
/tjSFD4I7D6Je9a9a4Wcb0wllbn3RjSMKoqW5zckSNTVEsbE
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:47:03 2025 by rpki-client