Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
File: 5f7a981a-824d-48e6-969a-7779a7b7a199.roa (raw, json)
Hash identifier: zH2GN0b8iGUVhes/qzuQaBeTeHrU51kwgQeMqYP6+ME=
Subject key identifier: D3:09:5B:AF:8E:AA:C9:81:6E:53:03:08:08:B6:87:F1:DE:90:6D:8D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 12D6DC18BCCD59694D92B954549848BE820C73A6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
Signing time: Mon 29 Sep 2025 15:39:56 +0000
ROA not before: Mon 29 Sep 2025 15:39:56 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:d6:dc:18:bc:cd:59:69:4d:92:b9:54:54:98:48:be:82:0c:73:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:56 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=544e0c420075175116ba06f8de660c3141191727a4934ef453ad9eb82c8529a4, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:62:19:d8:dc:b2:21:06:5f:b9:b5:60:7e:98:
51:a0:7a:5b:9e:3e:65:c0:a6:df:f7:ae:76:23:50:
d9:22:6a:cd:16:97:fa:08:90:e7:5b:99:48:56:6c:
fb:42:cc:9c:71:18:d5:a4:0f:2d:16:79:f2:e7:f3:
96:c8:a0:d1:c6:19:0f:ee:9c:d8:e5:7f:7a:b0:2a:
5b:05:54:df:a7:c5:d1:60:a4:60:b7:e8:6f:5d:fa:
3b:a9:e7:72:26:33:bf:7a:1c:fa:d7:36:4f:02:4e:
85:6f:4c:6b:ef:68:51:a1:4c:0e:c0:de:63:90:01:
e6:4b:fd:07:bc:c1:68:0c:55:a3:0b:1e:ff:ab:ad:
e0:eb:7d:31:06:df:eb:c6:91:da:a2:7b:a7:06:e0:
69:30:71:f9:6b:e4:a7:50:3e:66:d5:05:4e:d1:24:
61:9f:4e:72:1b:32:9c:00:ec:a6:93:01:77:d1:b3:
36:5d:97:6e:04:e8:ba:67:28:ab:1d:88:02:b3:3d:
91:cf:d0:68:35:78:09:6f:bd:17:cc:58:9f:4c:54:
6f:3a:f8:98:32:e0:8a:15:bc:0b:da:66:ba:9b:e1:
df:cf:33:d8:5f:95:a8:f7:15:39:2a:08:d3:44:6c:
53:e7:7c:65:72:f6:66:46:d2:cb:ad:3c:33:3f:2b:
20:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:09:5B:AF:8E:AA:C9:81:6E:53:03:08:08:B6:87:F1:DE:90:6D:8D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/5f7a981a-824d-48e6-969a-7779a7b7a199.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:8000::/36
Signature Algorithm: sha256WithRSAEncryption
7f:6e:64:d2:a1:87:9c:ab:e1:45:60:10:c3:9c:df:61:7d:6a:
f3:5c:bb:51:65:56:a7:13:8c:35:8c:23:28:0a:4f:b5:11:cf:
75:b3:2d:27:6c:59:e1:8b:dd:00:40:6a:e5:bb:70:2a:68:bc:
2f:14:74:fa:b8:20:12:05:6e:d8:25:95:a4:1d:65:1a:b3:87:
6e:ab:2e:46:e2:b4:eb:35:85:91:b4:f2:36:d5:66:db:d1:2b:
fc:2e:24:86:e0:51:19:65:42:dd:a9:ba:e5:75:7f:24:92:25:
19:46:ee:03:1f:bc:36:b7:68:74:5a:92:7c:41:e8:16:2c:31:
85:7d:6c:3d:cf:56:27:87:be:37:21:53:67:33:ee:6c:ca:7e:
f0:5f:96:44:55:78:25:97:8f:98:80:81:08:39:01:87:da:4b:
22:3f:37:a6:ff:57:85:78:36:c7:2e:fd:1e:d8:d1:0d:f0:1c:
ab:ee:37:36:d6:c8:ce:36:df:4c:c3:e5:7d:e9:2e:aa:96:f7:
42:9a:5b:81:6b:0c:25:b6:04:93:b9:fe:51:94:9a:d8:ec:39:
0a:ca:40:58:46:1f:27:0b:ca:23:f6:46:86:6e:8e:02:11:3b:
d6:8f:cf:e0:03:0f:63:46:59:f3:67:b5:d4:7d:90:a3:47:7b:
37:05:89:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEtbcGLzNWWlNkrlUVJhIvoIMc6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5NTZaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NGUwYzQyMDA3NTE3NTExNmJhMDZmOGRlNjYwYzMxNDExOTE3MjdhNDkz
NGVmNDUzYWQ5ZWI4MmM4NTI5YTQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpiGdjcsiEGX7m1YH6YUaB6W54+ZcCm3/eudiNQ2SJqzRaX+giQ51uZSFZs
+0LMnHEY1aQPLRZ58ufzlsig0cYZD+6c2OV/erAqWwVU36fF0WCkYLfob136O6nn
ciYzv3oc+tc2TwJOhW9Ma+9oUaFMDsDeY5AB5kv9B7zBaAxVowse/6ut4Ot9MQbf
68aR2qJ7pwbgaTBx+Wvkp1A+ZtUFTtEkYZ9OchsynADsppMBd9GzNl2XbgToumco
qx2IArM9kc/QaDV4CW+9F8xYn0xUbzr4mDLgihW8C9pmupvh388z2F+VqPcVOSoI
00RsU+d8ZXL2ZkbSy608Mz8rINkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTCVuv
jqrJgW5TAwgItofx3pBtjTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NWY3YTk4MWEtODI0ZC00OGU2LTk2OWEtNzc3OWE3YjdhMTk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eA
MA0GCSqGSIb3DQEBCwUAA4IBAQB/bmTSoYecq+FFYBDDnN9hfWrzXLtRZVanE4w1
jCMoCk+1Ec91sy0nbFnhi90AQGrlu3AqaLwvFHT6uCASBW7YJZWkHWUas4duqy5G
4rTrNYWRtPI21Wbb0Sv8LiSG4FEZZULdqbrldX8kkiUZRu4DH7w2t2h0WpJ8QegW
LDGFfWw9z1Ynh743IVNnM+5syn7wX5ZEVXgll4+YgIEIOQGH2ksiPzem/1eFeDbH
Lv0e2NEN8Byr7jc21sjONt9Mw+V96S6qlvdCmluBawwltgSTuf5RlJrY7DkKykBY
Rh8nC8oj9kaGbo4CETvWj8/gAw9jRlnzZ7XUfZCjR3s3BYn6
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:48:21 2025 by rpki-client