
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
File: bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa (raw, json)
Hash identifier: RtWmQ+7kl+zTBGi+BaUqwMaP9nfF+GMvs7IM40uwoxI=
Subject key identifier: 75:24:8B:E7:79:58:F4:D6:FB:FA:80:30:10:21:41:E3:D5:39:98:52
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 7308C7F1EA990C355EA4F891876CEB9EB3C12B0A
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
Signing time: Mon 29 Sep 2025 15:40:18 +0000
ROA not before: Mon 29 Sep 2025 15:40:18 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:08:c7:f1:ea:99:0c:35:5e:a4:f8:91:87:6c:eb:9e:b3:c1:2b:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:18 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=4856954626c65257b4a62805dc07efa636aab0e19c9dddcb13aed00f943f1c00, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:92:46:d5:62:80:c7:62:bb:4b:f9:ac:53:b3:
48:ed:1f:cb:3b:fa:e3:94:fb:16:e7:cd:91:3a:82:
96:70:eb:93:c5:1d:99:0d:06:b8:a5:d1:b4:ca:ef:
25:78:78:eb:39:99:b3:03:8b:7d:e7:d9:c7:48:f7:
11:4f:39:ce:92:90:79:f1:d6:c2:10:5c:85:c6:dc:
79:a9:4f:4f:85:be:01:d8:8a:57:e3:f9:c2:cb:1f:
f3:7f:f9:98:18:1e:ac:e2:b4:c2:41:5e:6e:a1:81:
a6:5d:5b:f9:dc:9a:0b:9d:80:3d:f7:f6:25:fc:d6:
1d:ee:26:8f:f1:86:3f:40:07:e3:7c:83:14:12:60:
3a:97:59:40:61:67:76:20:33:22:ed:5d:92:74:18:
f0:6e:85:50:21:db:7d:03:e5:da:2e:6e:91:2b:72:
58:9c:8e:9a:7e:30:8b:fc:84:f1:21:37:4d:df:f4:
c5:ed:80:fe:3e:c4:04:c4:dc:b8:88:75:83:9e:cc:
92:25:ae:ce:db:c4:e5:4f:23:10:03:69:05:c4:62:
be:26:0d:b1:82:86:b6:76:e8:73:16:fc:55:0a:96:
3f:cb:75:e2:0d:42:46:34:80:0a:d4:f0:98:5f:6c:
b5:53:68:ed:aa:cf:c1:24:67:00:06:b6:85:ba:cb:
c2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:24:8B:E7:79:58:F4:D6:FB:FA:80:30:10:21:41:E3:D5:39:98:52
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb6731f4-6cec-4564-8c6d-9e46397fac5a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:2000::/36
Signature Algorithm: sha256WithRSAEncryption
99:47:08:60:05:be:8c:85:d1:17:37:fb:a2:a6:a9:c9:f3:8e:
a6:34:07:44:90:b1:95:84:e7:7d:7c:53:24:6b:42:aa:66:bb:
55:73:9d:e7:9b:d8:b1:83:3c:25:6f:94:67:a6:8d:32:17:e4:
4a:4a:9f:fd:da:a4:db:9b:bd:30:fa:98:97:cb:e9:ce:ef:7a:
ef:94:9c:a6:ee:ca:1b:32:65:7a:09:04:a0:bf:15:fc:99:c6:
0d:a4:36:20:53:ff:b2:15:71:c6:5f:0e:37:93:3f:09:49:d1:
c8:0c:a1:67:60:c5:8d:b8:4b:30:88:85:19:9c:91:f5:77:2a:
74:16:d3:42:c9:e4:0a:d8:d3:9a:4d:ae:7c:48:df:c7:91:60:
59:43:45:26:c1:28:4f:3e:76:68:e8:89:25:82:84:d6:62:be:
08:d9:50:95:00:92:00:8a:9a:3e:6c:4b:a3:ec:f7:f4:07:3a:
e8:c9:60:1d:01:7a:91:a5:8c:f2:b1:81:fe:8b:86:70:4e:12:
22:4f:d1:a5:ef:94:e1:74:43:1e:2d:20:90:8f:ed:fe:a7:16:
a1:bd:1d:6b:90:1c:d8:ca:0e:aa:f1:26:e5:d6:25:dc:fd:6f:
5e:32:7f:b2:aa:71:0a:8d:01:e2:50:84:68:38:27:4f:ad:9b:
a5:e3:25:20
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcwjH8eqZDDVepPiRh2zrnrPBKwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMThaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4NTY5NTQ2MjZjNjUyNTdiNGE2MjgwNWRjMDdlZmE2MzZhYWIwZTE5Yzlk
ZGRjYjEzYWVkMDBmOTQzZjFjMDAxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2SRtVigMdiu0v5rFOzSO0fyzv645T7FufNkTqClnDrk8UdmQ0GuKXRtMrv
JXh46zmZswOLfefZx0j3EU85zpKQefHWwhBchcbcealPT4W+AdiKV+P5wssf83/5
mBgerOK0wkFebqGBpl1b+dyaC52APff2JfzWHe4mj/GGP0AH43yDFBJgOpdZQGFn
diAzIu1dknQY8G6FUCHbfQPl2i5ukStyWJyOmn4wi/yE8SE3Td/0xe2A/j7EBMTc
uIh1g57MkiWuztvE5U8jEANpBcRiviYNsYKGtnbocxb8VQqWP8t14g1CRjSACtTw
mF9stVNo7arPwSRnAAa2hbrLws8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1JIvn
eVj01vv6gDAQIUHj1TmYUjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmI2NzMxZjQtNmNlYy00NTY0LThjNmQtOWU0NjM5N2ZhYzVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Mg
MA0GCSqGSIb3DQEBCwUAA4IBAQCZRwhgBb6MhdEXN/uipqnJ846mNAdEkLGVhOd9
fFMka0KqZrtVc53nm9ixgzwlb5Rnpo0yF+RKSp/92qTbm70w+piXy+nO73rvlJym
7sobMmV6CQSgvxX8mcYNpDYgU/+yFXHGXw43kz8JSdHIDKFnYMWNuEswiIUZnJH1
dyp0FtNCyeQK2NOaTa58SN/HkWBZQ0UmwShPPnZo6IklgoTWYr4I2VCVAJIAipo+
bEuj7Pf0BzroyWAdAXqRpYzysYH+i4ZwThIiT9Gl75ThdEMeLSCQj+3+pxahvR1r
kBzYyg6q8Sbl1iXc/W9eMn+yqnEKjQHiUIRoOCdPrZul4yUg
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:46:18 2025 by rpki-client