Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
File: a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa (raw, json)
Hash identifier: fJF0zmkrrT97Sf0RpdRHolyTXAsGvv7kZCY8s45CTuA=
Subject key identifier: 4E:C5:E9:DA:58:1C:56:E4:07:B9:0C:AB:5C:39:93:86:E1:9A:83:AF
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4A297057B538A4A4F35D775A1E4BCFFC8C41B140
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
Signing time: Mon 29 Sep 2025 15:39:54 +0000
ROA not before: Mon 29 Sep 2025 15:39:54 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:29:70:57:b5:38:a4:a4:f3:5d:77:5a:1e:4b:cf:fc:8c:41:b1:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:54 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=f2d05d702c89faedec6b34a762304936ccd42d68b4a31395e99618963d985060, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:64:28:97:30:4f:74:54:38:a6:0c:4d:ce:fb:
af:fa:bb:2e:5d:ee:a0:19:2c:d3:99:45:a9:25:b4:
8a:a0:85:4e:41:62:dd:ab:af:e6:a4:e4:ae:ac:17:
bf:9e:62:81:19:64:08:a8:81:ae:b4:16:0c:02:ac:
e6:9f:d2:95:b8:2b:4d:5f:5d:4b:e3:83:48:41:97:
6c:5f:1f:65:fa:7a:78:85:35:db:2a:6e:1d:e7:57:
51:a0:ee:dc:bc:41:0d:89:d3:0f:98:00:54:65:16:
a1:ce:fd:c2:b3:54:42:fb:3f:5e:12:5c:cf:a8:31:
1a:06:ff:45:8b:cc:7d:22:e3:57:aa:a1:e8:71:14:
ac:bd:fa:3a:81:6d:95:a5:76:41:cf:b8:40:12:1d:
0f:f7:3d:8a:6e:92:d9:db:2d:18:05:c1:e3:2b:1f:
b7:07:9a:65:ac:34:dd:39:68:f6:ac:5e:00:bd:70:
3f:6d:48:2b:76:ee:2e:91:b4:3e:57:db:a9:f6:cb:
08:cd:95:91:fd:df:07:ca:21:7b:6f:7d:09:b9:a2:
11:11:5c:d4:2e:70:74:54:2d:c3:b2:85:92:a2:9b:
f7:7f:ff:43:d9:12:b3:5f:c0:49:0a:f3:2d:6c:f6:
85:d1:9f:20:1a:f1:b7:33:ae:ce:c8:3c:11:60:44:
d0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C5:E9:DA:58:1C:56:E4:07:B9:0C:AB:5C:39:93:86:E1:9A:83:AF
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/a972fe9b-c39f-48d1-8b19-c14cbaf16237.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1::/32
Signature Algorithm: sha256WithRSAEncryption
5e:bc:2d:0c:14:a2:6f:6f:e4:93:9e:69:92:6f:aa:c4:ed:0b:
28:68:99:28:81:9b:17:ca:1e:97:33:2e:26:35:ba:ec:98:3c:
35:74:a1:6c:01:47:3a:56:2f:08:5f:4c:95:9b:0d:4d:6a:f3:
45:4b:73:14:ae:a7:3c:11:17:65:d5:8a:83:63:78:65:0a:19:
16:26:df:8b:f9:6f:8f:f7:ba:c3:c8:12:49:de:54:45:eb:dc:
d5:fe:ef:9d:ab:26:31:e6:b2:7b:01:b3:20:f2:0a:d0:0d:ed:
32:fd:bc:0e:a6:4f:9a:fb:36:17:ed:3e:a7:72:8c:26:a9:d2:
68:65:14:60:e3:1e:df:a7:88:19:51:f0:a9:66:b9:6f:31:55:
e0:e5:ab:93:20:f7:8b:40:33:f0:f0:d9:ae:a9:b0:ab:ec:8b:
59:1c:04:a7:b4:a2:78:72:af:54:0f:2e:d0:92:6d:94:3f:99:
ed:66:0b:e1:6b:68:b3:97:0c:60:b4:60:3a:fc:9b:3e:d5:1b:
2b:f7:95:59:e1:d5:1d:03:9f:94:ec:bf:92:06:0d:66:1f:5d:
dc:a4:f6:dd:53:48:19:28:db:a4:c8:90:ff:20:3b:ab:07:c8:
04:1d:77:5f:0e:3b:21:32:ed:f0:f4:37:22:e5:9a:3f:86:42:
e7:82:36:c3
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUSilwV7U4pKTzXXdaHkvP/IxBsUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5NTRaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyZDA1ZDcwMmM4OWZhZWRlYzZiMzRhNzYyMzA0OTM2Y2NkNDJkNjhiNGEz
MTM5NWU5OTYxODk2M2Q5ODUwNjAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFkKJcwT3RUOKYMTc77r/q7Ll3uoBks05lFqSW0iqCFTkFi3auv5qTkrqwX
v55igRlkCKiBrrQWDAKs5p/SlbgrTV9dS+ODSEGXbF8fZfp6eIU12ypuHedXUaDu
3LxBDYnTD5gAVGUWoc79wrNUQvs/XhJcz6gxGgb/RYvMfSLjV6qh6HEUrL36OoFt
laV2Qc+4QBIdD/c9im6S2dstGAXB4ysftweaZaw03Tlo9qxeAL1wP21IK3buLpG0
PlfbqfbLCM2Vkf3fB8ohe299CbmiERFc1C5wdFQtw7KFkqKb93//Q9kSs1/ASQrz
LWz2hdGfIBrxtzOuzsg8EWBE0KUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBROxena
WBxW5Ae5DKtcOZOG4ZqDrzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YTk3MmZlOWItYzM5Zi00OGQxLThiMTktYzE0Y2JhZjE2MjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Ew
DQYJKoZIhvcNAQELBQADggEBAF68LQwUom9v5JOeaZJvqsTtCyhomSiBmxfKHpcz
LiY1uuyYPDV0oWwBRzpWLwhfTJWbDU1q80VLcxSupzwRF2XVioNjeGUKGRYm34v5
b4/3usPIEkneVEXr3NX+752rJjHmsnsBsyDyCtAN7TL9vA6mT5r7NhftPqdyjCap
0mhlFGDjHt+niBlR8KlmuW8xVeDlq5Mg94tAM/Dw2a6psKvsi1kcBKe0onhyr1QP
LtCSbZQ/me1mC+FraLOXDGC0YDr8mz7VGyv3lVnh1R0Dn5Tsv5IGDWYfXdyk9t1T
SBko26TIkP8gO6sHyAQdd18OOyEy7fD0NyLlmj+GQueCNsM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:09:03 2025 by rpki-client