Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
File: 640762f4-b911-441a-995b-675a2c1eb24d.roa (raw, json)
Hash identifier: ODajJBX49RKq1m5xtnumVBl3psYbvlhQSNAdWTXI+EU=
Subject key identifier: 0F:5F:B4:28:A9:D9:74:32:6F:23:C0:E8:BE:99:32:42:BB:D1:11:FF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2E33A0C6286D9430CF00F89AA6810B324E0E9466
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
Signing time: Mon 29 Sep 2025 15:39:26 +0000
ROA not before: Mon 29 Sep 2025 15:39:26 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:33:a0:c6:28:6d:94:30:cf:00:f8:9a:a6:81:0b:32:4e:0e:94:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:26 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=a881c2299cbf4023bd00e5cb9db73df650ae860e11b9a811beff267cef41d871, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:bd:13:57:8f:25:7f:8f:28:c7:58:8f:d9:24:
da:df:c8:b4:49:30:01:07:0e:7d:41:f4:15:16:25:
b9:6b:a9:13:bb:64:6a:ad:bd:9f:a6:e6:4d:3f:4d:
be:83:6e:29:27:00:a9:cf:b6:a4:ff:50:b7:aa:d8:
24:6f:87:55:4d:5c:02:50:20:a6:5a:c5:e4:f6:d0:
34:56:5f:a7:a8:4e:f8:c4:96:5c:d1:63:3e:bb:3a:
f8:28:b8:fb:45:28:eb:ae:53:d8:b7:21:71:e1:35:
36:5e:a3:d2:aa:da:d4:6e:df:c8:e5:11:40:97:c0:
67:d4:f9:26:bb:e2:8d:ef:75:ac:15:1e:4b:e7:bd:
2d:cc:18:92:90:37:62:86:0a:e7:2f:98:41:b5:18:
28:73:0a:06:b2:7e:75:45:f4:99:cd:86:3b:80:ed:
36:d8:e9:89:d5:0a:cb:3d:17:fd:65:66:74:2c:41:
c0:0a:83:29:68:5a:e4:3f:0d:ae:a9:e2:49:4f:48:
9d:0c:2d:d1:a9:f8:bd:a2:81:75:42:c7:32:2a:4c:
f9:66:6a:c7:c2:6c:88:81:1f:27:0e:12:26:07:3e:
16:9e:d1:fe:9f:d3:00:33:10:72:48:b3:5c:8d:ef:
9f:3e:69:e0:80:1f:69:6e:15:7e:97:89:be:d3:19:
f9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5F:B4:28:A9:D9:74:32:6F:23:C0:E8:BE:99:32:42:BB:D1:11:FF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/640762f4-b911-441a-995b-675a2c1eb24d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2000::/36
Signature Algorithm: sha256WithRSAEncryption
63:55:31:e7:25:83:f5:a7:f3:7d:16:86:17:1e:be:d7:58:5f:
60:3d:72:34:0d:db:ee:52:4a:d6:25:aa:d9:42:c0:56:21:e1:
64:b3:31:69:e2:44:87:60:00:b9:68:82:4d:ce:e5:02:3d:cc:
2f:a3:40:c9:a2:25:12:d2:b3:fb:1c:69:38:94:b6:a2:bb:0d:
1a:0d:60:1a:9a:24:69:2a:8f:f4:36:8f:63:9d:6f:8b:68:2b:
79:c4:cc:a4:7d:94:a4:c7:df:66:6a:41:bd:97:b0:95:ac:de:
34:ea:da:f5:f0:3b:96:77:85:50:82:ee:dd:69:24:90:97:82:
c9:b5:d4:e9:84:02:82:d5:5a:b8:e3:44:bc:cc:4c:6d:31:68:
28:9c:ad:9a:00:39:3a:8f:4a:d9:ee:ac:59:ad:8f:4f:e6:09:
f6:f9:6c:52:9b:af:15:62:5e:21:4f:bc:04:b5:01:80:19:4d:
69:f2:50:4d:0f:6d:0b:0a:15:be:f8:96:eb:0f:83:1c:8b:c1:
e6:db:4d:6a:5e:d5:16:0d:e8:ab:42:3a:92:8e:81:f4:51:b0:
32:0a:dd:91:82:14:67:c2:9e:39:7b:cc:1d:fb:f3:7b:01:f4:
c4:38:8b:3d:ca:4f:d7:62:4e:2b:b2:04:dc:63:f5:fc:f4:c4:
0b:2d:b5:ec
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULjOgxihtlDDPAPiapoELMk4OlGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5MjZaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4ODFjMjI5OWNiZjQwMjNiZDAwZTVjYjlkYjczZGY2NTBhZTg2MGUxMWI5
YTgxMWJlZmYyNjdjZWY0MWQ4NzExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOS9E1ePJX+PKMdYj9kk2t/ItEkwAQcOfUH0FRYluWupE7tkaq29n6bmTT9N
voNuKScAqc+2pP9Qt6rYJG+HVU1cAlAgplrF5PbQNFZfp6hO+MSWXNFjPrs6+Ci4
+0Uo665T2LchceE1Nl6j0qra1G7fyOURQJfAZ9T5Jrvije91rBUeS+e9LcwYkpA3
YoYK5y+YQbUYKHMKBrJ+dUX0mc2GO4DtNtjpidUKyz0X/WVmdCxBwAqDKWha5D8N
rqniSU9InQwt0an4vaKBdULHMipM+WZqx8JsiIEfJw4SJgc+Fp7R/p/TADMQckiz
XI3vnz5p4IAfaW4VfpeJvtMZ+SsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQPX7Qo
qdl0Mm8jwOi+mTJCu9ER/zAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NjQwNzYyZjQtYjkxMS00NDFhLTk5NWItNjc1YTJjMWViMjRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cg
MA0GCSqGSIb3DQEBCwUAA4IBAQBjVTHnJYP1p/N9FoYXHr7XWF9gPXI0DdvuUkrW
JarZQsBWIeFkszFp4kSHYAC5aIJNzuUCPcwvo0DJoiUS0rP7HGk4lLaiuw0aDWAa
miRpKo/0No9jnW+LaCt5xMykfZSkx99makG9l7CVrN406tr18DuWd4VQgu7daSSQ
l4LJtdTphAKC1Vq440S8zExtMWgonK2aADk6j0rZ7qxZrY9P5gn2+WxSm68VYl4h
T7wEtQGAGU1p8lBND20LChW++JbrD4Mci8Hm201qXtUWDeirQjqSjoH0UbAyCt2R
ghRnwp45e8wd+/N7AfTEOIs9yk/XYk4rsgTcY/X89MQLLbXs
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:30:51 2025 by rpki-client