Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
File: a027acd6-b75f-42ce-9bfb-ac426d92b141.roa (raw, json)
Hash identifier: hgedS1A6aCB8Dv+xTmh/bUQ1CaRP44TbtSdNshcACZM=
Subject key identifier: 4E:12:42:37:76:2F:3F:BE:17:F8:C9:CE:24:8E:73:E4:8B:06:4B:ED
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 01B19C32F5BB4D6ED81D83642E379989A69D99FD
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
Signing time: Mon 29 Sep 2025 15:40:35 +0000
ROA not before: Mon 29 Sep 2025 15:40:35 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:b1:9c:32:f5:bb:4d:6e:d8:1d:83:64:2e:37:99:89:a6:9d:99:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:35 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=9fcf096778b51f5e5b4cd7ccdffdf66f08158e02bcd8fa498702fe0c09492986, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:79:7c:14:f9:7d:49:19:c7:a9:68:c5:21:ad:
5f:7b:a0:fd:a4:ea:63:28:13:f1:4b:c7:56:a1:e5:
07:aa:04:a5:ed:b9:a2:3d:58:7a:1f:52:30:7a:8e:
ec:bb:71:75:ce:d2:aa:1f:39:22:cf:dc:50:5c:65:
07:94:fe:9c:4b:a9:6f:ef:db:15:68:05:20:70:06:
7e:bd:0d:6f:84:a1:0d:c3:d2:e7:48:95:ed:9b:71:
85:9d:99:0e:61:9a:dd:f0:78:9e:01:48:ca:62:5b:
99:01:25:3b:41:ca:0c:5a:dc:77:d9:16:78:13:f9:
47:ff:fb:a9:97:6a:e9:ed:77:ce:c6:c0:c7:ee:75:
57:18:ce:cb:3d:62:e7:e7:cb:57:64:dd:3c:7d:b3:
71:98:07:a5:85:dd:6d:3d:f9:c4:09:d4:b2:ad:bb:
9a:50:2b:7b:c5:1a:20:5d:58:85:b5:7c:ee:aa:da:
b3:9a:c5:d0:4d:53:64:43:ce:dd:23:b3:eb:57:11:
a5:25:07:ea:a0:67:77:80:2a:03:61:82:82:6b:fd:
20:fc:f2:7c:80:7f:48:3d:c5:57:30:6a:73:18:a4:
c3:a2:9c:31:4d:2c:60:fb:45:d2:88:fd:75:65:61:
82:74:8d:f2:93:03:63:78:ea:a9:1f:78:33:d8:57:
7d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:12:42:37:76:2F:3F:BE:17:F8:C9:CE:24:8E:73:E4:8B:06:4B:ED
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a027acd6-b75f-42ce-9bfb-ac426d92b141.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:4000::/36
Signature Algorithm: sha256WithRSAEncryption
48:be:6a:55:21:9b:d5:d5:e6:d1:62:f7:9b:0c:4c:1e:b7:dd:
99:c1:69:39:78:61:34:13:d1:35:5d:98:01:9c:e9:09:a8:e9:
1b:e6:ba:93:63:91:ea:57:4f:23:82:7e:df:8a:39:e6:43:33:
b8:de:c2:a2:63:68:ca:20:cc:d2:3f:26:7d:92:69:1e:94:07:
3d:7d:89:ea:3a:26:a9:ee:fd:4b:ff:4b:7d:b1:ee:b9:16:71:
00:6b:25:3b:9e:f1:4a:b5:b9:f3:26:4f:26:bd:1e:0c:49:bf:
4b:60:c4:e1:33:2e:c2:e8:40:2e:d2:9f:29:73:0a:a7:cd:7a:
90:14:bf:7e:22:24:af:7b:e9:e4:5d:49:39:34:a8:57:e1:b0:
48:f4:d9:e1:5a:fd:19:3f:2a:8f:35:16:17:79:19:e9:09:4b:
51:53:7a:8e:f3:86:41:20:ae:ef:36:9b:54:8b:bf:9e:bd:ea:
41:1d:cd:01:7f:3e:b1:de:88:c1:10:ea:cc:e3:1e:7f:3b:ab:
39:39:53:13:fa:91:70:85:63:18:f2:48:9d:2c:42:61:7e:cf:
85:35:ed:d8:e1:42:f5:1d:0b:f0:0f:ff:3f:26:7f:33:5b:57:
7b:9e:e5:20:39:a8:16:59:3c:7e:43:75:63:a4:de:a0:56:40:
ed:70:24:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAbGcMvW7TW7YHYNkLjeZiaadmf0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMzVaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmY2YwOTY3NzhiNTFmNWU1YjRjZDdjY2RmZmRmNjZmMDgxNThlMDJiY2Q4
ZmE0OTg3MDJmZTBjMDk0OTI5ODYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJt5fBT5fUkZx6loxSGtX3ug/aTqYygT8UvHVqHlB6oEpe25oj1Yeh9SMHqO
7Ltxdc7Sqh85Is/cUFxlB5T+nEupb+/bFWgFIHAGfr0Nb4ShDcPS50iV7ZtxhZ2Z
DmGa3fB4ngFIymJbmQElO0HKDFrcd9kWeBP5R//7qZdq6e13zsbAx+51VxjOyz1i
5+fLV2TdPH2zcZgHpYXdbT35xAnUsq27mlAre8UaIF1YhbV87qras5rF0E1TZEPO
3SOz61cRpSUH6qBnd4AqA2GCgmv9IPzyfIB/SD3FVzBqcxikw6KcMU0sYPtF0oj9
dWVhgnSN8pMDY3jqqR94M9hXfacCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBROEkI3
di8/vhf4yc4kjnPkiwZL7TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTAyN2FjZDYtYjc1Zi00MmNlLTliZmItYWM0MjZkOTJiMTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NA
MA0GCSqGSIb3DQEBCwUAA4IBAQBIvmpVIZvV1ebRYvebDEwet92ZwWk5eGE0E9E1
XZgBnOkJqOkb5rqTY5HqV08jgn7fijnmQzO43sKiY2jKIMzSPyZ9kmkelAc9fYnq
Oiap7v1L/0t9se65FnEAayU7nvFKtbnzJk8mvR4MSb9LYMThMy7C6EAu0p8pcwqn
zXqQFL9+IiSve+nkXUk5NKhX4bBI9NnhWv0ZPyqPNRYXeRnpCUtRU3qO84ZBIK7v
NptUi7+evepBHc0Bfz6x3ojBEOrM4x5/O6s5OVMT+pFwhWMY8kidLEJhfs+FNe3Y
4UL1HQvwD/8/Jn8zW1d7nuUgOagWWTx+Q3VjpN6gVkDtcCS/
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:54:42 2025 by rpki-client