Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
File: 6ab0b120-4886-40dd-bd1e-286dca434f7f.roa (raw, json)
Hash identifier: 9I9sNNyWWUq4Nk60fEmYj9+hRZrAehZij0n7MkM6qGI=
Subject key identifier: 6D:81:F4:91:48:B0:02:8F:B1:CD:14:D1:B0:E9:10:5E:BF:EF:CF:1B
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1B18007A7EBAB3290DC7298799DE4D8FBF9D99AF
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
Signing time: Mon 29 Sep 2025 15:39:56 +0000
ROA not before: Mon 29 Sep 2025 15:39:56 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:18:00:7a:7e:ba:b3:29:0d:c7:29:87:99:de:4d:8f:bf:9d:99:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:56 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=c916688656e3e58553d7124fc86ce2773ba03f60bc5d757ebfc8f7d3d18e9e5e, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:78:fe:45:d8:c6:23:92:93:19:43:96:80:bc:
e2:36:ae:66:89:e1:71:b1:78:42:a8:50:ab:fe:51:
86:bb:b9:43:a1:58:8f:b8:e0:8a:45:8f:bd:2c:37:
b8:3b:1c:96:97:51:24:ef:9b:60:6b:a0:cc:31:90:
58:a4:7d:5d:22:d5:d5:0f:9e:50:0a:f6:09:bc:4e:
90:e1:70:ed:a9:3a:95:0d:43:5b:12:8d:0c:5a:55:
29:a5:da:44:15:ce:d3:c6:0d:0c:b6:ce:c8:15:fa:
19:28:80:7e:53:b1:8b:cd:77:05:2f:a5:a7:9e:ff:
a7:7d:88:dd:bb:f1:94:11:1b:97:4d:a5:8b:12:3b:
05:b9:a2:d8:9e:1d:b8:e2:d3:f2:6f:a3:79:0a:68:
ef:23:5a:51:62:c0:50:58:14:2d:6e:49:91:d8:54:
a8:da:58:c0:ee:3a:5a:a6:c3:d8:68:fd:3b:09:ac:
c1:37:3f:30:7d:5d:07:08:8f:58:9c:a3:1a:e5:cd:
88:a2:66:12:87:a3:83:09:1f:3e:e0:b1:fb:d2:2b:
5a:9a:5a:8e:6a:15:1f:3b:17:cc:c9:11:57:61:e6:
65:32:2b:09:b6:c2:44:9a:04:45:df:b5:b5:1c:77:
bb:b7:a6:fa:82:10:eb:3a:59:90:cd:27:a7:c4:2b:
19:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:81:F4:91:48:B0:02:8F:B1:CD:14:D1:B0:E9:10:5E:BF:EF:CF:1B
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/6ab0b120-4886-40dd-bd1e-286dca434f7f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8800::/38
Signature Algorithm: sha256WithRSAEncryption
57:29:39:e6:65:f0:b4:2a:19:31:0a:a3:94:20:fb:cb:e6:79:
4f:2d:fc:98:ac:1d:1b:27:69:10:16:d4:56:54:b5:a3:6f:29:
a1:a3:31:78:2f:1e:bc:50:ef:d3:58:2a:cd:63:c9:f0:d7:04:
82:74:78:f0:a3:c4:49:a8:ee:55:3c:cb:23:4d:96:72:12:b4:
e3:8c:83:e5:83:1b:bf:2a:4f:62:d0:a8:ae:25:80:5d:ae:00:
73:5f:15:89:5d:34:15:74:ae:8d:01:17:cb:ee:81:64:e1:05:
11:10:ad:0f:1d:87:2a:62:cb:79:30:6e:cc:45:6a:f8:d8:62:
60:1f:9c:f8:18:34:cf:94:9d:d6:95:e2:4b:1b:5e:a3:8e:cc:
5f:fa:f5:6e:a2:e9:b9:a4:6d:22:73:98:81:0a:c6:db:af:ce:
12:1e:6c:a5:0d:8a:b9:e3:4f:68:93:53:70:2b:61:1b:7f:3f:
08:6c:3b:b6:f3:9c:95:ae:b7:f1:2a:94:8a:ea:3a:58:f9:dd:
5d:9f:af:7e:de:7d:c8:2c:03:80:a5:37:d9:c6:7c:2a:b4:c7:
77:8d:36:78:da:97:98:8a:73:5a:7c:32:cc:f4:b0:39:82:3c:
0e:6c:b7:37:92:d4:7c:1e:69:08:32:13:08:5c:79:00:4c:dd:
90:2a:65:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGxgAen66sykNxymHmd5Nj7+dma8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5NTZaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5MTY2ODg2NTZlM2U1ODU1M2Q3MTI0ZmM4NmNlMjc3M2JhMDNmNjBiYzVk
NzU3ZWJmYzhmN2QzZDE4ZTllNWUxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKR4/kXYxiOSkxlDloC84jauZonhcbF4QqhQq/5Rhru5Q6FYj7jgikWPvSw3
uDsclpdRJO+bYGugzDGQWKR9XSLV1Q+eUAr2CbxOkOFw7ak6lQ1DWxKNDFpVKaXa
RBXO08YNDLbOyBX6GSiAflOxi813BS+lp57/p32I3bvxlBEbl02lixI7Bbmi2J4d
uOLT8m+jeQpo7yNaUWLAUFgULW5JkdhUqNpYwO46WqbD2Gj9OwmswTc/MH1dBwiP
WJyjGuXNiKJmEoejgwkfPuCx+9IrWppajmoVHzsXzMkRV2HmZTIrCbbCRJoERd+1
tRx3u7em+oIQ6zpZkM0np8QrGQUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRtgfSR
SLACj7HNFNGw6RBev+/PGzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NmFiMGIxMjAtNDg4Ni00MGRkLWJkMWUtMjg2ZGNhNDM0ZjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GI
MA0GCSqGSIb3DQEBCwUAA4IBAQBXKTnmZfC0KhkxCqOUIPvL5nlPLfyYrB0bJ2kQ
FtRWVLWjbymhozF4Lx68UO/TWCrNY8nw1wSCdHjwo8RJqO5VPMsjTZZyErTjjIPl
gxu/Kk9i0KiuJYBdrgBzXxWJXTQVdK6NARfL7oFk4QUREK0PHYcqYst5MG7MRWr4
2GJgH5z4GDTPlJ3WleJLG16jjsxf+vVuoum5pG0ic5iBCsbbr84SHmylDYq5409o
k1NwK2Ebfz8IbDu285yVrrfxKpSK6jpY+d1dn69+3n3ILAOApTfZxnwqtMd3jTZ4
2peYinNafDLM9LA5gjwObLc3ktR8HmkIMhMIXHkATN2QKmXL
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:48:43 2025 by rpki-client