Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
File: 5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa (raw, json)
Hash identifier: X+h+2lorNdbFtQrFIfK1bjKt25CfruXxEzrjGVgKL6E=
Subject key identifier: EE:F0:A3:49:9C:49:2A:34:0D:C2:37:80:6D:B1:CA:41:4D:60:87:88
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 12ED4A29D9776FD6108F5CB297920EC65BCBCFFF
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
Signing time: Fri 17 Oct 2025 20:10:17 +0000
ROA not before: Fri 17 Oct 2025 20:10:17 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:ed:4a:29:d9:77:6f:d6:10:8f:5c:b2:97:92:0e:c6:5b:cb:cf:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Oct 17 20:10:17 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=8a784192af332d2fc7e9b42119a1c71408df499ce2bccfa27ecb37a404fa726d, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b2:d2:e4:26:46:5a:73:7e:04:d4:59:cd:c5:
ee:e0:e9:4a:91:94:c4:17:a4:e0:26:da:11:a3:18:
9c:16:0f:bb:34:b6:41:97:04:37:6e:dc:ed:a7:02:
68:cd:b3:aa:e1:29:b6:95:3e:1c:33:9c:10:01:df:
3a:26:8d:c1:cd:48:8a:5b:b4:d2:16:19:60:d9:ea:
55:48:f8:1a:e2:63:f6:6f:fa:17:44:a2:1f:2f:bd:
b4:68:eb:d4:93:39:5d:a2:89:dd:ee:10:97:42:c4:
ca:48:d6:33:f0:db:64:3d:cf:53:0a:aa:e3:ae:8b:
dd:41:0c:9c:ec:54:56:07:49:37:e4:9b:40:8d:1d:
33:76:20:9a:ec:6b:9f:08:d2:b2:39:d4:a3:17:f0:
06:e0:17:00:d4:41:1a:7f:d0:bf:1e:ba:a3:0a:69:
90:bd:bd:0f:53:2d:0a:b4:d6:04:9c:9e:b5:df:bc:
ff:2d:93:ea:a5:34:f3:15:65:c8:2f:fc:5d:27:72:
08:0e:1e:53:07:9b:08:cf:5a:e4:27:77:84:ed:5e:
bc:db:18:2b:83:ee:9f:9b:cf:1b:3f:a7:c7:c4:8a:
c8:25:bd:98:95:26:90:0a:15:b6:c6:08:ba:b4:71:
97:fc:82:92:75:67:c5:ac:37:b3:d3:20:79:04:97:
95:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F0:A3:49:9C:49:2A:34:0D:C2:37:80:6D:B1:CA:41:4D:60:87:88
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f56f4ae-d187-4a43-b0c2-afd02c09dd64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/44
Signature Algorithm: sha256WithRSAEncryption
35:f6:92:fe:e8:4b:c1:5d:1e:7e:b6:75:cb:b8:86:e0:ae:78:
96:f7:90:72:3d:1d:89:2c:0c:35:62:10:88:fa:6f:10:8d:17:
a6:08:a0:31:ef:c5:f9:cb:65:0d:13:4b:10:4a:49:06:4f:2d:
99:83:f2:29:f2:d6:e1:29:27:41:d9:9e:79:6d:3a:8f:0b:5e:
da:2e:0a:44:c5:d0:db:db:db:65:04:0e:20:59:81:25:10:9e:
d3:7c:57:67:eb:30:19:c1:1c:04:da:d7:10:72:93:da:82:3e:
86:12:df:8e:bf:84:5c:e9:db:84:10:3d:57:8d:b3:c3:29:01:
7e:18:fa:95:69:87:28:4a:bb:0a:96:bb:9f:3e:fd:86:69:f5:
d2:11:45:52:f9:13:f1:d0:b8:23:ef:8a:1c:28:92:5b:e1:94:
9c:f6:2a:b5:8f:c9:af:47:67:6d:4b:3e:45:c9:ab:ee:45:e5:
86:04:92:77:1b:78:f2:98:c1:94:5d:4c:0f:33:4b:28:3d:7b:
9f:0f:e7:37:e9:37:d4:93:7a:20:7d:91:d8:10:8f:b9:4f:ca:
7f:e2:d5:68:d3:3d:88:7e:d4:d1:55:18:4a:a6:14:ea:12:6f:
63:6c:1f:39:ab:e5:90:38:2f:a9:89:71:2b:fb:82:82:d3:fe:
1a:2d:4e:db
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEu1KKdl3b9YQj1yyl5IOxlvLz/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTEwMTcyMDEwMTdaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhNzg0MTkyYWYzMzJkMmZjN2U5YjQyMTE5YTFjNzE0MDhkZjQ5OWNlMmJj
Y2ZhMjdlY2IzN2E0MDRmYTcyNmQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+y0uQmRlpzfgTUWc3F7uDpSpGUxBek4CbaEaMYnBYPuzS2QZcEN27c7acC
aM2zquEptpU+HDOcEAHfOiaNwc1Iilu00hYZYNnqVUj4GuJj9m/6F0SiHy+9tGjr
1JM5XaKJ3e4Ql0LEykjWM/DbZD3PUwqq466L3UEMnOxUVgdJN+SbQI0dM3Ygmuxr
nwjSsjnUoxfwBuAXANRBGn/Qvx66owppkL29D1MtCrTWBJyetd+8/y2T6qU08xVl
yC/8XSdyCA4eUwebCM9a5Cd3hO1evNsYK4Pun5vPGz+nx8SKyCW9mJUmkAoVtsYI
urRxl/yCknVnxaw3s9MgeQSXlVMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTu8KNJ
nEkqNA3CN4BtscpBTWCHiDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY1NmY0YWUtZDE4Ny00YTQzLWIwYzItYWZkMDJjMDlkZDY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEANfaS/uhLwV0efrZ1y7iG4K54lveQcj0diSwM
NWIQiPpvEI0XpgigMe/F+ctlDRNLEEpJBk8tmYPyKfLW4SknQdmeeW06jwte2i4K
RMXQ29vbZQQOIFmBJRCe03xXZ+swGcEcBNrXEHKT2oI+hhLfjr+EXOnbhBA9V42z
wykBfhj6lWmHKEq7Cpa7nz79hmn10hFFUvkT8dC4I++KHCiSW+GUnPYqtY/Jr0dn
bUs+Rcmr7kXlhgSSdxt48pjBlF1MDzNLKD17nw/nN+k31JN6IH2R2BCPuU/Kf+LV
aNM9iH7U0VUYSqYU6hJvY2wfOavlkDgvqYlxK/uCgtP+Gi1O2w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:00:42 2025 by rpki-client