Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
File: c70179f2-6d6a-4082-9c0e-863ea2322937.roa (raw, json)
Hash identifier: PorgCxPrSA2OjdS3xHsjmZ327c1mnxmuJfOTn0izXQA=
Subject key identifier: 5F:09:AF:BB:7E:DA:CA:B5:17:9F:F5:4A:64:D6:FA:DD:42:CE:90:6D
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 69868293C18B0E2839ABB4A8EBC640818A66F5A7
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
Signing time: Sat 27 Sep 2025 00:53:13 +0000
ROA not before: Sat 27 Sep 2025 00:53:13 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:86:82:93:c1:8b:0e:28:39:ab:b4:a8:eb:c6:40:81:8a:66:f5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 27 00:53:13 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=2c70c2b204d3903109c1e5b18381c2f29e4252756bc1a3ff3433b25971c14018, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:10:87:ca:d6:b7:09:5a:75:03:29:e2:3b:44:
cc:6a:5e:5c:2a:9f:f8:5f:1a:9d:8c:38:9d:44:f0:
e5:41:cc:51:e6:df:f8:c4:12:02:53:5a:8d:f5:9c:
da:9b:15:8a:02:6c:46:2f:21:27:9d:0f:75:ed:cf:
ac:18:13:a9:20:b6:49:91:ec:82:e0:54:c2:9a:39:
d3:22:01:1f:5e:72:d9:b5:54:10:7c:3c:fa:08:65:
9c:5d:13:59:a8:c3:f5:50:bf:cd:87:f3:d3:f3:c4:
44:0e:a8:d0:0c:a7:a3:96:a7:c5:83:a4:ac:f5:42:
bc:fa:13:de:b5:52:38:0a:03:d3:6e:00:da:21:72:
f6:27:17:ee:d6:97:ac:15:36:e2:70:6e:88:fc:68:
c3:fc:ac:82:1b:39:f8:41:ad:c7:db:40:c3:5e:b6:
0a:7c:26:a1:47:8c:06:ba:5b:3e:70:73:fd:55:4a:
1b:a5:f7:ae:30:0c:38:5b:63:00:ef:6c:71:5c:3e:
fb:1c:b5:9f:64:b0:07:ae:2f:f1:77:29:60:fd:0d:
3b:77:fc:ec:e3:01:f3:be:69:d8:13:f5:24:af:d0:
13:bb:e7:26:5d:0c:11:6b:ac:81:5f:0f:05:c9:8c:
24:e8:88:46:16:04:47:37:75:dc:9b:63:00:28:ce:
4e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:09:AF:BB:7E:DA:CA:B5:17:9F:F5:4A:64:D6:FA:DD:42:CE:90:6D
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c70179f2-6d6a-4082-9c0e-863ea2322937.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4000::/36
Signature Algorithm: sha256WithRSAEncryption
13:31:8f:fa:7d:b7:4e:e3:24:8f:19:61:88:30:ea:e0:21:95:
3d:9f:26:38:3c:9e:fa:b6:98:cd:36:67:26:fe:f4:a3:57:d9:
6f:f3:80:86:c9:f8:47:e6:63:ed:4f:d5:41:88:96:e0:59:39:
ee:38:c9:8f:76:dc:d6:bb:42:aa:af:0d:f5:d8:82:98:72:29:
e4:83:77:16:0f:1d:b4:76:9f:08:19:28:24:aa:57:4c:ce:96:
e5:0c:37:7f:1b:6e:7c:6a:01:14:dc:41:22:9f:29:7f:fd:67:
7a:7b:d7:5b:9d:85:30:53:15:fb:c4:ac:48:3e:b6:b1:86:db:
2d:ed:2b:02:2b:8c:cb:77:9e:3a:f9:f3:02:2c:e2:10:0e:bf:
b3:d9:22:dd:33:fe:15:9e:b4:3e:ea:ab:f4:4a:bc:29:5b:da:
01:ce:9a:12:49:14:68:bc:99:28:e5:4a:93:87:0c:d3:05:df:
19:ca:b4:75:40:9c:de:72:01:cc:36:5a:18:1f:df:9a:d8:81:
89:32:b0:f6:48:f0:bb:fb:09:36:8d:6b:35:8c:ce:f5:b3:6a:
dc:1d:44:e3:78:d7:e7:4a:84:4c:9c:96:dc:fb:d9:a6:22:30:
bd:29:e4:b1:03:c1:76:fe:95:ba:2e:a7:ec:2d:32:cf:18:c7:
aa:0a:b6:01
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaYaCk8GLDig5q7So68ZAgYpm9acwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjcwMDUzMTNaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNzBjMmIyMDRkMzkwMzEwOWMxZTViMTgzODFjMmYyOWU0MjUyNzU2YmMx
YTNmZjM0MzNiMjU5NzFjMTQwMTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8Qh8rWtwladQMp4jtEzGpeXCqf+F8anYw4nUTw5UHMUebf+MQSAlNajfWc
2psVigJsRi8hJ50Pde3PrBgTqSC2SZHsguBUwpo50yIBH15y2bVUEHw8+ghlnF0T
WajD9VC/zYfz0/PERA6o0Ayno5anxYOkrPVCvPoT3rVSOAoD024A2iFy9icX7taX
rBU24nBuiPxow/ysghs5+EGtx9tAw162CnwmoUeMBrpbPnBz/VVKG6X3rjAMOFtj
AO9scVw++xy1n2SwB64v8XcpYP0NO3f87OMB875p2BP1JK/QE7vnJl0MEWusgV8P
BcmMJOiIRhYERzd13JtjACjOTnkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfCa+7
ftrKtRef9Upk1vrdQs6QbTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzcwMTc5ZjItNmQ2YS00MDgyLTljMGUtODYzZWEyMzIyOTM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dA
MA0GCSqGSIb3DQEBCwUAA4IBAQATMY/6fbdO4ySPGWGIMOrgIZU9nyY4PJ76tpjN
Nmcm/vSjV9lv84CGyfhH5mPtT9VBiJbgWTnuOMmPdtzWu0Kqrw312IKYcinkg3cW
Dx20dp8IGSgkqldMzpblDDd/G258agEU3EEinyl//Wd6e9dbnYUwUxX7xKxIPrax
htst7SsCK4zLd546+fMCLOIQDr+z2SLdM/4VnrQ+6qv0SrwpW9oBzpoSSRRovJko
5UqThwzTBd8ZyrR1QJzecgHMNloYH9+a2IGJMrD2SPC7+wk2jWs1jM71s2rcHUTj
eNfnSoRMnJbc+9mmIjC9KeSxA8F2/pW6LqfsLTLPGMeqCrYB
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:48:40 2025 by rpki-client