Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
File: bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa (raw, json)
Hash identifier: pNuHBg5SfF0PPA4q7DatnHyuleuxZncmme3fj9MXy2k=
Subject key identifier: 08:53:83:14:AE:28:E3:7E:D6:C0:96:97:B1:40:11:17:55:A8:59:7C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 543AEB5389AAB9D76929E0DC5272FEFFF234B4C0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
Signing time: Mon 29 Sep 2025 15:39:30 +0000
ROA not before: Mon 29 Sep 2025 15:39:30 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:3a:eb:53:89:aa:b9:d7:69:29:e0:dc:52:72:fe:ff:f2:34:b4:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:30 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=05cc076e74d815f78be9206b99df7b6bf3fba9eea2737825304f0c0d01709626, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:53:5b:64:78:06:9f:97:7b:e0:ce:f7:d5:14:
0f:f8:62:93:52:50:f4:a6:43:34:51:1b:9b:61:69:
56:1d:96:03:a5:32:b2:15:a8:f9:95:8d:bf:7a:66:
76:40:bd:f1:7f:df:90:30:00:ed:ad:c3:5d:2a:8a:
ee:6d:f7:6c:22:b4:d7:cc:42:af:5c:54:23:d4:4b:
75:a8:e5:c0:f4:78:58:e9:9b:32:cb:03:0c:60:a6:
ab:8d:f9:98:aa:11:7f:30:e5:db:e0:a4:7e:c9:f1:
48:df:c6:9a:2f:91:11:70:d7:a1:3e:7a:26:b0:3f:
ce:ba:8a:9f:15:42:9a:39:f3:40:6a:26:ba:c3:ea:
fe:33:4d:9b:63:c5:85:ac:9c:bd:19:97:95:a4:7e:
a8:d0:7e:79:a8:e9:87:93:31:a8:32:2d:0e:65:a4:
57:f0:f1:41:48:b7:68:e5:08:b1:d9:02:45:43:a4:
78:f0:5f:50:8b:00:a3:dc:b1:2f:28:ef:da:31:91:
7f:95:f9:79:dd:84:29:62:a2:9d:2e:1b:6d:8a:57:
8a:c0:df:ed:9a:24:d2:e3:b3:5b:9b:ef:16:9c:95:
9c:f6:25:b1:4d:c4:dc:fe:0e:37:fb:08:b0:a0:a6:
98:33:b2:79:6a:b8:09:f8:8f:e3:fe:fc:c2:13:2f:
1b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:53:83:14:AE:28:E3:7E:D6:C0:96:97:B1:40:11:17:55:A8:59:7C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/bb926853-f3ad-4f1a-b024-12b34c55d5bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f880::/48
Signature Algorithm: sha256WithRSAEncryption
9e:75:5e:8e:bb:6b:5e:16:c9:d5:2a:50:74:d4:ea:fd:3e:5e:
48:e2:03:9c:92:ee:6b:40:d7:97:f4:64:3a:22:e0:0c:bd:bb:
0a:b3:83:78:03:a0:9d:cc:f2:97:57:75:b2:ea:e9:d9:ae:4b:
d8:13:3d:fb:ca:24:dc:8c:a5:3b:3c:07:07:64:0b:98:fa:78:
7d:49:8c:9f:39:ac:b3:19:b0:ab:18:8e:cc:6d:e2:50:90:12:
25:b0:db:cf:ab:6b:89:13:c0:2b:1a:d3:92:cc:1d:ea:8f:57:
85:6a:57:fa:6f:e3:eb:f4:d3:55:eb:2f:7c:25:af:36:a6:66:
41:22:5b:c0:20:d0:ca:4f:b0:91:a7:06:f9:82:9f:b5:04:40:
51:fe:93:c1:1d:0b:8c:91:f1:4c:77:e3:9e:b2:6c:48:3c:e4:
9d:86:6f:a0:42:6e:24:97:9d:34:93:35:85:0f:89:c7:bc:d0:
a6:40:9f:a5:92:0a:5e:38:aa:b0:a7:f4:45:c0:63:8d:38:21:
e1:e0:bb:e8:ac:37:72:50:05:99:81:64:e0:0c:88:97:31:77:
8d:52:6a:5f:5f:40:15:66:d5:32:c3:b9:f6:a1:72:f8:f7:8d:
85:fd:10:1e:60:1f:eb:62:58:8e:76:fa:54:7e:4d:bd:63:2f:
d7:78:62:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVDrrU4mquddpKeDcUnL+//I0tMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5MzBaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1Y2MwNzZlNzRkODE1Zjc4YmU5MjA2Yjk5ZGY3YjZiZjNmYmE5ZWVhMjcz
NzgyNTMwNGYwYzBkMDE3MDk2MjYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhTW2R4Bp+Xe+DO99UUD/hik1JQ9KZDNFEbm2FpVh2WA6UyshWo+ZWNv3pm
dkC98X/fkDAA7a3DXSqK7m33bCK018xCr1xUI9RLdajlwPR4WOmbMssDDGCmq435
mKoRfzDl2+CkfsnxSN/Gmi+REXDXoT56JrA/zrqKnxVCmjnzQGomusPq/jNNm2PF
haycvRmXlaR+qNB+eajph5MxqDItDmWkV/DxQUi3aOUIsdkCRUOkePBfUIsAo9yx
Lyjv2jGRf5X5ed2EKWKinS4bbYpXisDf7Zok0uOzW5vvFpyVnPYlsU3E3P4ON/sI
sKCmmDOyeWq4CfiP4/78whMvG3UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQIU4MU
rijjftbAlpexQBEXVahZfDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YmI5MjY4NTMtZjNhZC00ZjFhLWIwMjQtMTJiMzRjNTVkNWJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
gDANBgkqhkiG9w0BAQsFAAOCAQEAnnVejrtrXhbJ1SpQdNTq/T5eSOIDnJLua0DX
l/RkOiLgDL27CrODeAOgnczyl1d1surp2a5L2BM9+8ok3IylOzwHB2QLmPp4fUmM
nzmssxmwqxiOzG3iUJASJbDbz6triRPAKxrTkswd6o9XhWpX+m/j6/TTVesvfCWv
NqZmQSJbwCDQyk+wkacG+YKftQRAUf6TwR0LjJHxTHfjnrJsSDzknYZvoEJuJJed
NJM1hQ+Jx7zQpkCfpZIKXjiqsKf0RcBjjTgh4eC76Kw3clAFmYFk4AyIlzF3jVJq
X19AFWbVMsO59qFy+PeNhf0QHmAf62JYjnb6VH5NvWMv13hiaw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:54:09 2025 by rpki-client