Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
File: b128bc8d-b462-4700-9503-592938317487.roa (raw, json)
Hash identifier: IxWLvKjAfebHrgLbS9EczfABVAekjQNCCgF3ZPDgwEI=
Subject key identifier: FE:4D:A5:29:E0:00:65:6C:C0:92:AB:1D:EB:E5:5E:E0:21:C1:3C:5E
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 160726A963F3E15E1E8C19DE0E7324DF338FA71C
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
Signing time: Mon 29 Sep 2025 15:39:24 +0000
ROA not before: Mon 29 Sep 2025 15:39:24 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:07:26:a9:63:f3:e1:5e:1e:8c:19:de:0e:73:24:df:33:8f:a7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:24 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=7a9c8d4e8541e09aa67096c001a0f4a3ecfacb22f6b0673dbd3d48338afc8146, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b2:4a:d9:04:33:17:52:cc:68:33:0a:c1:86:
04:bf:c3:14:d4:d7:43:a6:d5:95:a9:08:34:7f:d5:
c9:65:a3:f5:3e:a2:f0:9a:46:99:5a:c8:53:8d:04:
a4:fb:9b:28:70:19:ba:c4:bb:82:bc:b2:94:29:7b:
58:77:4f:3a:49:db:ee:bd:1a:7b:d2:b2:5f:47:b7:
ce:0d:f9:05:09:31:00:60:3d:76:de:fe:40:85:c4:
aa:ac:be:ad:c3:c6:d2:76:5e:e9:3c:0d:0f:f9:aa:
f0:13:ef:e2:ee:32:0e:d8:c6:50:22:20:cb:85:84:
ba:6c:32:fe:7e:a7:d2:16:76:97:db:c2:00:79:86:
57:8f:e7:fc:06:7a:b4:79:26:01:24:4d:51:2c:5e:
a3:8e:bc:f8:21:fb:fe:dc:f7:d6:02:8d:bd:01:f7:
c1:96:ce:25:c4:dd:16:c6:2a:11:b5:a7:f8:a9:f7:
b3:7e:ce:09:23:47:aa:de:36:9d:36:cd:3a:7c:4e:
e1:8d:b7:f8:29:b7:04:86:4d:e9:6e:cb:91:05:2f:
e5:01:53:fe:88:3c:31:86:5a:3d:11:1e:26:d0:0a:
e4:be:1a:01:3e:d7:5b:ba:ee:84:f3:49:cf:27:bd:
86:d8:de:44:ff:e2:40:2b:8f:0b:6f:dc:62:92:76:
58:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4D:A5:29:E0:00:65:6C:C0:92:AB:1D:EB:E5:5E:E0:21:C1:3C:5E
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/b128bc8d-b462-4700-9503-592938317487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:880::/48
Signature Algorithm: sha256WithRSAEncryption
a1:54:90:a4:a1:69:8b:4d:a3:bc:55:ef:9c:3c:f6:cd:b0:a9:
82:f2:68:4d:46:83:42:7b:f7:d0:b7:94:55:cb:b1:0d:ae:6f:
09:8f:65:85:ab:eb:3a:f1:53:1b:c2:3c:96:cc:df:f3:b6:c4:
a0:fc:16:89:3f:8e:92:18:58:f0:f2:8e:b0:5d:5c:b6:f9:95:
07:7c:76:49:23:dd:0a:b5:55:c4:5b:7c:2a:e1:62:d0:27:87:
e9:62:fc:b1:2d:45:f5:e5:5c:7f:cd:44:ae:b3:d1:08:2d:5c:
b9:a6:1e:0b:05:9e:56:12:2a:dc:04:f2:95:64:67:46:e4:5b:
c8:6e:e1:3c:81:b1:6b:b3:4e:3a:91:0b:c1:ee:cf:f1:0a:0c:
80:8c:55:b9:7b:57:86:ab:1f:9c:42:e7:52:ad:72:01:38:c2:
39:aa:99:20:fd:2f:f9:79:f6:76:d4:e6:51:0a:80:5f:51:30:
7b:d6:7b:a8:e6:af:8f:aa:bb:11:e4:92:7a:e1:2e:de:19:14:
e2:28:30:b1:49:bf:13:97:72:ec:9d:bd:31:19:70:bb:1e:2c:
bb:e1:27:5b:ee:00:72:1e:a3:ff:dc:35:da:bf:2f:1a:27:48:
06:74:c0:45:a8:e6:da:0b:12:2f:aa:d3:8b:44:a4:b0:c8:75:
a2:6b:97:f2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFgcmqWPz4V4ejBneDnMk3zOPpxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5MjRaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhOWM4ZDRlODU0MWUwOWFhNjcwOTZjMDAxYTBmNGEzZWNmYWNiMjJmNmIw
NjczZGJkM2Q0ODMzOGFmYzgxNDYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+yStkEMxdSzGgzCsGGBL/DFNTXQ6bVlakINH/VyWWj9T6i8JpGmVrIU40E
pPubKHAZusS7gryylCl7WHdPOknb7r0ae9KyX0e3zg35BQkxAGA9dt7+QIXEqqy+
rcPG0nZe6TwND/mq8BPv4u4yDtjGUCIgy4WEumwy/n6n0hZ2l9vCAHmGV4/n/AZ6
tHkmASRNUSxeo468+CH7/tz31gKNvQH3wZbOJcTdFsYqEbWn+Kn3s37OCSNHqt42
nTbNOnxO4Y23+Cm3BIZN6W7LkQUv5QFT/og8MYZaPREeJtAK5L4aAT7XW7ruhPNJ
zye9htjeRP/iQCuPC2/cYpJ2WOsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT+TaUp
4ABlbMCSqx3r5V7gIcE8XjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YjEyOGJjOGQtYjQ2Mi00NzAwLTk1MDMtNTkyOTM4MzE3NDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
gDANBgkqhkiG9w0BAQsFAAOCAQEAoVSQpKFpi02jvFXvnDz2zbCpgvJoTUaDQnv3
0LeUVcuxDa5vCY9lhavrOvFTG8I8lszf87bEoPwWiT+OkhhY8PKOsF1ctvmVB3x2
SSPdCrVVxFt8KuFi0CeH6WL8sS1F9eVcf81ErrPRCC1cuaYeCwWeVhIq3ATylWRn
RuRbyG7hPIGxa7NOOpELwe7P8QoMgIxVuXtXhqsfnELnUq1yATjCOaqZIP0v+Xn2
dtTmUQqAX1Ewe9Z7qOavj6q7EeSSeuEu3hkU4igwsUm/E5dy7J29MRlwux4su+En
W+4Ach6j/9w12r8vGidIBnTARajm2gsSL6rTi0SksMh1omuX8g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:38:29 2025 by rpki-client