Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
File: baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa (raw, json)
Hash identifier: Zo5AebdHmHuSyszlFD2rYi8qAarUgCdagwOxzFdJyOo=
Subject key identifier: E7:D3:D2:83:E7:94:A0:8B:49:2C:D0:67:C5:FA:A9:B0:8A:47:06:86
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 1B8437A0417EB066974274E659541B2E0A8C0F58
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
Signing time: Mon 29 Sep 2025 15:40:17 +0000
ROA not before: Mon 29 Sep 2025 15:40:17 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:84:37:a0:41:7e:b0:66:97:42:74:e6:59:54:1b:2e:0a:8c:0f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:17 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=3319b768ba954999119ddd4ba5c5f08eef2e8fddc6a6a9f41885aa103fad5499, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:66:d3:39:9f:7e:a6:a2:e0:69:94:25:bf:4d:
a3:83:25:7e:50:a0:df:7e:82:60:bd:82:03:70:22:
b9:a2:cc:57:39:d3:e9:c2:52:75:57:da:fe:8b:b9:
8e:28:7a:aa:7d:67:58:c7:1e:f6:c0:bc:c1:3c:38:
e7:e2:e4:19:21:1d:79:33:99:8d:76:4a:04:1e:99:
35:59:f5:48:a5:91:0c:44:e4:fc:c7:92:ae:e2:f6:
b4:f5:3e:00:52:07:41:28:f2:a6:1e:8a:be:8f:f9:
1e:3c:9d:c7:b7:96:1f:53:b9:de:03:a3:4b:8f:42:
87:43:cc:e0:1b:c9:6c:12:75:e7:b2:b5:9e:8c:cf:
d2:cc:86:ea:d8:90:fe:7a:3c:60:e3:2e:f3:c6:60:
6b:22:38:7f:3e:c0:72:75:9a:0f:06:8c:ed:83:ca:
e0:35:8a:1c:58:69:dc:be:88:41:c3:92:81:ca:83:
cd:59:68:2d:9f:02:6a:d7:b3:67:be:cd:e4:b4:ab:
e1:4c:88:42:19:1b:f7:eb:d3:a9:ca:67:72:31:1d:
19:3d:a8:d5:86:be:38:a7:d8:01:8c:2e:21:23:9c:
37:94:b1:57:b8:44:c9:79:b9:b0:f1:4d:52:a4:38:
7d:26:d1:76:28:96:37:09:f0:af:58:f4:0e:d8:e2:
96:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D3:D2:83:E7:94:A0:8B:49:2C:D0:67:C5:FA:A9:B0:8A:47:06:86
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/baededf2-26d8-42f7-b8bc-fbf1dc4fb03d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6000::/36
Signature Algorithm: sha256WithRSAEncryption
a6:66:67:3e:31:22:8f:32:e0:08:07:32:a9:ea:8c:3e:b7:91:
89:a8:17:af:c0:aa:da:52:19:af:e1:91:f6:92:ec:b4:ce:3b:
29:27:15:3b:16:70:18:39:8e:49:23:c1:c9:79:93:62:b5:7d:
20:bf:91:f7:f2:8a:b3:9f:0c:57:4b:df:ab:0d:e8:54:d3:c2:
e5:fe:5d:d3:cf:c3:07:b2:d3:c5:bc:53:30:2f:02:e4:a1:2b:
eb:32:32:1f:ca:1f:34:d0:c5:a7:b5:d8:7d:9f:0f:00:9f:f7:
7c:05:f4:a4:44:9c:53:6f:cc:10:85:93:a7:e7:71:de:6c:00:
39:3d:f9:71:9d:ef:d4:16:e7:f7:f4:77:16:87:13:87:5d:49:
eb:f5:0f:ba:82:74:0e:b2:bf:ae:51:46:f4:0e:1c:4c:9f:ad:
fb:95:df:d7:e8:d4:eb:2b:66:fb:35:d2:e5:bc:db:f2:eb:73:
95:33:c2:83:ca:e9:a6:c3:0d:37:d9:b3:70:e0:f8:5a:1f:34:
f9:3d:1a:51:57:c3:c0:c9:55:a8:3f:33:2f:b6:2b:c4:05:ec:
6e:f0:de:ea:93:e0:31:a7:86:4e:96:a4:0f:d6:0f:7d:f0:bb:
cf:cd:43:a1:b1:fe:ed:bc:df:d8:f5:ca:f8:5a:4f:be:4c:41:
69:5e:90:ef
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG4Q3oEF+sGaXQnTmWVQbLgqMD1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMTdaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzMTliNzY4YmE5NTQ5OTkxMTlkZGQ0YmE1YzVmMDhlZWYyZThmZGRjNmE2
YTlmNDE4ODVhYTEwM2ZhZDU0OTkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1m0zmffqai4GmUJb9No4MlflCg336CYL2CA3AiuaLMVznT6cJSdVfa/ou5
jih6qn1nWMce9sC8wTw45+LkGSEdeTOZjXZKBB6ZNVn1SKWRDETk/MeSruL2tPU+
AFIHQSjyph6Kvo/5Hjydx7eWH1O53gOjS49Ch0PM4BvJbBJ157K1nozP0syG6tiQ
/no8YOMu88ZgayI4fz7AcnWaDwaM7YPK4DWKHFhp3L6IQcOSgcqDzVloLZ8Catez
Z77N5LSr4UyIQhkb9+vTqcpncjEdGT2o1Ya+OKfYAYwuISOcN5SxV7hEyXm5sPFN
UqQ4fSbRdiiWNwnwr1j0DtjilgECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTn09KD
55Sgi0ks0GfF+qmwikcGhjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmFlZGVkZjItMjZkOC00MmY3LWI4YmMtZmJmMWRjNGZiMDNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dg
MA0GCSqGSIb3DQEBCwUAA4IBAQCmZmc+MSKPMuAIBzKp6ow+t5GJqBevwKraUhmv
4ZH2kuy0zjspJxU7FnAYOY5JI8HJeZNitX0gv5H38oqznwxXS9+rDehU08Ll/l3T
z8MHstPFvFMwLwLkoSvrMjIfyh800MWntdh9nw8An/d8BfSkRJxTb8wQhZOn53He
bAA5Pflxne/UFuf39HcWhxOHXUnr9Q+6gnQOsr+uUUb0DhxMn637ld/X6NTrK2b7
NdLlvNvy63OVM8KDyummww032bNw4PhaHzT5PRpRV8PAyVWoPzMvtivEBexu8N7q
k+Axp4ZOlqQP1g998LvPzUOhsf7tvN/Y9cr4Wk++TEFpXpDv
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:09:00 2025 by rpki-client