
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
File: 7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa (raw, json)
Hash identifier: sWR9MfBevGK+Zn7fOA2p8hEM6MtHeeUMLnj43u2Lu+g=
Subject key identifier: C9:0F:95:0E:0C:FA:3F:F8:47:94:C3:7E:F6:4E:DE:C8:3D:23:37:47
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 061B9F2DF30F7C51E35C181CACC30EC15471A7E6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
Signing time: Mon 29 Sep 2025 15:40:13 +0000
ROA not before: Mon 29 Sep 2025 15:40:13 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:1b:9f:2d:f3:0f:7c:51:e3:5c:18:1c:ac:c3:0e:c1:54:71:a7:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:13 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=5bc667c8668505574ea98cfc24bb9e3fcdab9c0fb693a5cddd318361f2780de8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:64:22:b4:8a:69:70:1b:17:2c:51:ae:78:07:
b9:81:2e:b3:55:8e:6c:02:25:e7:72:1e:f5:2e:82:
ac:a1:63:ba:89:ee:26:ad:fc:da:70:63:82:d4:a0:
b0:1c:7b:03:4e:8d:26:32:72:d7:98:a1:4a:4a:b0:
d3:54:0d:d3:6c:92:4b:8b:ad:90:34:4f:02:a6:e5:
7e:b1:6a:4b:dc:a7:20:79:c5:e4:1d:0c:d0:b9:94:
2b:85:8a:a8:52:ca:4f:bf:27:73:35:c4:34:33:95:
85:1f:9b:d1:5f:0b:24:6f:f2:9c:4a:77:0d:de:ed:
5e:42:ee:59:5b:af:65:de:96:b9:da:8a:f2:f1:02:
e8:de:19:06:40:d4:7f:21:cc:54:08:e1:8e:a4:3d:
e3:3a:eb:0d:07:af:08:39:11:4c:f3:d4:19:62:9e:
c3:f5:a1:44:79:f7:5e:e9:ba:5d:17:ed:18:67:1e:
d2:e9:16:7d:f4:20:1d:55:69:01:f7:4d:e0:bb:75:
8c:11:2b:c3:f6:4e:bc:39:a0:c0:e3:25:b3:b9:99:
c1:f6:91:7c:1e:58:22:0f:c3:53:07:15:19:a4:8e:
f0:82:c1:88:1d:08:c9:54:55:e0:6e:4a:1a:b3:c6:
41:8c:50:dd:1b:47:49:e8:68:2e:d2:29:6f:5e:e5:
a2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:0F:95:0E:0C:FA:3F:F8:47:94:C3:7E:F6:4E:DE:C8:3D:23:37:47
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/7146d24a-48dc-45b1-ac1b-2a6c2d7b7b19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
56:fd:45:c7:3e:82:b4:b5:2e:ce:36:63:12:7f:a4:6e:18:0f:
8e:5b:02:56:ff:06:bb:10:ad:ab:19:81:44:6d:af:d7:5a:5a:
26:b4:f5:2f:4b:07:05:d1:5d:94:ec:d9:3f:29:7e:61:dd:17:
b2:13:a6:55:66:25:c1:35:c9:29:b0:2c:65:96:da:4a:69:be:
3e:87:f8:75:a0:0e:e8:a6:de:30:5d:8f:32:6f:1e:9a:d0:7c:
94:5a:bc:bb:c0:16:df:03:3d:58:0b:96:91:69:3f:3d:c8:a1:
e5:a2:fd:7c:9f:33:0c:09:72:80:bb:04:20:a2:d9:37:c3:48:
c7:f3:83:f8:2c:83:66:4c:2c:30:78:44:93:76:b2:09:e5:81:
ea:27:4a:97:0f:9d:54:6c:0b:a4:ff:f9:2f:0f:73:93:da:b9:
0c:8f:45:6f:f7:8b:f1:94:7c:3b:eb:43:2b:e1:f1:5d:c1:5e:
40:cb:cd:33:7f:36:ee:f5:11:28:e3:f9:21:0f:ba:c5:e2:cf:
a2:46:ad:da:a6:77:4b:6d:a8:29:90:15:a4:88:1a:52:b7:a6:
ab:4c:4a:50:f2:b3:67:fe:f0:5c:7d:ed:ed:28:57:1c:54:99:
e6:dc:ff:f7:5b:39:06:6c:e0:9c:93:a9:bc:10:a0:b4:61:69:
dc:47:71:a6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBhufLfMPfFHjXBgcrMMOwVRxp+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMTNaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDViYzY2N2M4NjY4NTA1NTc0ZWE5OGNmYzI0YmI5ZTNmY2RhYjljMGZiNjkz
YTVjZGRkMzE4MzYxZjI3ODBkZTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1kIrSKaXAbFyxRrngHuYEus1WObAIl53Ie9S6CrKFjuonuJq382nBjgtSg
sBx7A06NJjJy15ihSkqw01QN02ySS4utkDRPAqblfrFqS9ynIHnF5B0M0LmUK4WK
qFLKT78nczXENDOVhR+b0V8LJG/ynEp3Dd7tXkLuWVuvZd6WudqK8vEC6N4ZBkDU
fyHMVAjhjqQ94zrrDQevCDkRTPPUGWKew/WhRHn3Xum6XRftGGce0ukWffQgHVVp
AfdN4Lt1jBErw/ZOvDmgwOMls7mZwfaRfB5YIg/DUwcVGaSO8ILBiB0IyVRV4G5K
GrPGQYxQ3RtHSehoLtIpb17lorECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTJD5UO
DPo/+EeUw372Tt7IPSM3RzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
NzE0NmQyNGEtNDhkYy00NWIxLWFjMWItMmE2YzJkN2I3YjE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQBW/UXHPoK0tS7ONmMSf6RuGA+OWwJW/wa7EK2r
GYFEba/XWlomtPUvSwcF0V2U7Nk/KX5h3ReyE6ZVZiXBNckpsCxlltpKab4+h/h1
oA7opt4wXY8ybx6a0HyUWry7wBbfAz1YC5aRaT89yKHlov18nzMMCXKAuwQgotk3
w0jH84P4LINmTCwweESTdrIJ5YHqJ0qXD51UbAuk//kvD3OT2rkMj0Vv94vxlHw7
60Mr4fFdwV5Ay80zfzbu9REo4/khD7rF4s+iRq3apndLbagpkBWkiBpSt6arTEpQ
8rNn/vBcfe3tKFccVJnm3P/3WzkGbOCck6m8EKC0YWncR3Gm
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:46:31 2025 by rpki-client