
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/aee0ced2-04c3-4c6b-ab68-04adfb518909.roa
File: aee0ced2-04c3-4c6b-ab68-04adfb518909.roa (raw, json)
Hash identifier: Xo9rqzu6ENmmy2LDlya0EPkBZ9AkQ0kxQn4UDc+j9aM=
Subject key identifier: D9:61:5D:D5:AB:08:5F:FD:2E:71:11:0A:A2:73:83:2F:9A:2D:78:A7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 796C2D8B22C938C42563A04C5609E338BE6350C5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/aee0ced2-04c3-4c6b-ab68-04adfb518909.roa
Signing time: Fri 17 Oct 2025 20:10:18 +0000
ROA not before: Fri 17 Oct 2025 20:10:18 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:7000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:6c:2d:8b:22:c9:38:c4:25:63:a0:4c:56:09:e3:38:be:63:50:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Oct 17 20:10:18 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=3bab90f0f775b3ffa1ae0f7c812daa2b51b69d7a67c557ca35659e08c717d373, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:fa:7a:b7:39:74:4f:90:08:de:d4:5b:4b:2d:
72:5f:08:ad:c1:72:fc:e4:79:af:98:8d:99:63:07:
4f:ea:d6:9e:1e:15:87:58:0f:01:6a:e2:4c:4b:d7:
1d:67:3e:2a:43:e3:91:e8:c3:3c:a8:65:b0:c8:07:
b5:ed:c8:18:e0:7e:c2:7d:76:67:f9:24:a2:dd:14:
1a:41:81:bb:ec:37:5c:16:c9:2b:23:ec:87:06:12:
90:95:76:d3:be:4c:31:f3:5b:7b:e2:d0:60:3c:c1:
e1:8a:f8:af:30:2c:b7:e8:d8:ff:e0:ac:75:24:33:
90:9d:41:d3:fd:a3:61:b0:74:3c:cb:e2:69:f8:2d:
d6:77:a0:a1:a1:5c:7d:56:09:76:1e:8d:71:99:a3:
a1:92:42:a1:dc:4a:12:c7:08:b7:f6:e1:4b:38:6d:
bf:48:c4:22:5a:35:01:e2:fc:74:b4:dd:12:47:bf:
97:fb:74:4f:20:73:b9:8f:81:41:58:3f:f3:fb:5c:
17:39:02:d4:64:fa:da:44:df:22:a8:3b:a6:8f:67:
6d:74:ea:8d:fb:6e:3b:5e:b6:68:9c:1a:65:d1:91:
4d:77:c7:2f:56:82:6f:a6:f7:bf:0d:a0:40:f7:8c:
c6:c0:e3:19:62:84:1c:42:ef:b7:00:e8:4f:8d:84:
c2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:61:5D:D5:AB:08:5F:FD:2E:71:11:0A:A2:73:83:2F:9A:2D:78:A7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/aee0ced2-04c3-4c6b-ab68-04adfb518909.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:7000::/36
Signature Algorithm: sha256WithRSAEncryption
36:19:9a:9c:8b:ba:71:d6:0a:7c:a5:41:19:ca:09:2b:5e:4e:
01:55:b6:63:d6:15:e5:fb:8a:d1:22:9e:e7:e1:4f:bd:13:63:
f7:b4:88:0d:f0:09:49:0a:4e:8e:22:37:e0:60:24:43:e3:10:
1a:f7:d3:a5:3f:12:2d:ed:ca:8f:f4:8d:e5:c0:a7:59:0e:31:
eb:87:06:0c:6d:73:cf:b6:75:21:03:6a:0b:f3:cd:15:2e:7a:
7b:f7:41:77:9d:e9:d7:a2:38:31:cd:94:ac:26:99:ce:49:f7:
ac:6d:d2:dc:6b:b5:59:c7:7c:f9:2c:70:b5:4a:97:04:af:2c:
db:69:17:9f:10:9e:14:c8:b8:43:a3:c0:1a:88:54:53:47:a5:
51:dc:4c:28:99:5e:49:b0:ad:2c:27:4b:72:24:1a:c7:a2:2c:
9b:fe:3b:b1:3c:86:de:a3:b5:1a:26:bc:c7:53:44:cd:43:fc:
f1:0c:68:88:ea:5f:6b:f2:aa:1e:ce:4a:4c:12:f4:26:9c:cf:
d2:28:d5:83:d6:21:ea:73:a3:f9:77:28:af:26:80:dd:cd:9e:
e7:c4:41:8f:2d:3a:c3:59:44:d3:b0:a5:c0:02:e4:21:38:8b:
61:68:0e:b5:e6:a6:04:ce:7a:64:3f:1b:69:8b:c6:ce:ea:07:
c0:74:08:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeWwtiyLJOMQlY6BMVgnjOL5jUMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTEwMTcyMDEwMThaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiYWI5MGYwZjc3NWIzZmZhMWFlMGY3YzgxMmRhYTJiNTFiNjlkN2E2N2M1
NTdjYTM1NjU5ZTA4YzcxN2QzNzMxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOX6erc5dE+QCN7UW0stcl8IrcFy/OR5r5iNmWMHT+rWnh4Vh1gPAWriTEvX
HWc+KkPjkejDPKhlsMgHte3IGOB+wn12Z/kkot0UGkGBu+w3XBbJKyPshwYSkJV2
075MMfNbe+LQYDzB4Yr4rzAst+jY/+CsdSQzkJ1B0/2jYbB0PMviafgt1negoaFc
fVYJdh6NcZmjoZJCodxKEscIt/bhSzhtv0jEIlo1AeL8dLTdEke/l/t0TyBzuY+B
QVg/8/tcFzkC1GT62kTfIqg7po9nbXTqjftuO162aJwaZdGRTXfHL1aCb6b3vw2g
QPeMxsDjGWKEHELvtwDoT42EwqcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZYV3V
qwhf/S5xEQqic4Mvmi14pzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YWVlMGNlZDItMDRjMy00YzZiLWFiNjgtMDRhZGZiNTE4OTA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dw
MA0GCSqGSIb3DQEBCwUAA4IBAQA2GZqci7px1gp8pUEZygkrXk4BVbZj1hXl+4rR
Ip7n4U+9E2P3tIgN8AlJCk6OIjfgYCRD4xAa99OlPxIt7cqP9I3lwKdZDjHrhwYM
bXPPtnUhA2oL880VLnp790F3nenXojgxzZSsJpnOSfesbdLca7VZx3z5LHC1SpcE
ryzbaRefEJ4UyLhDo8AaiFRTR6VR3EwomV5JsK0sJ0tyJBrHoiyb/juxPIbeo7Ua
JrzHU0TNQ/zxDGiI6l9r8qoezkpMEvQmnM/SKNWD1iHqc6P5dyivJoDdzZ7nxEGP
LTrDWUTTsKXAAuQhOIthaA615qYEznpkPxtpi8bO6gfAdAhQ
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:57:48 2025 by rpki-client