Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
File: c9fc58bf-3415-4839-940e-603e1b7d42f6.roa (raw, json)
Hash identifier: GM9ix05bfe3o9Y6jt22KI7gzUjJ7eaJ5vzHhKVktXeI=
Subject key identifier: C0:F1:B1:0D:0C:77:80:39:B2:2E:0D:E8:67:CC:E1:7F:16:95:0E:4A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 500E4E10ED8DB119BA268B62281B7F6A789E6BCF
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
Signing time: Mon 29 Sep 2025 15:40:36 +0000
ROA not before: Mon 29 Sep 2025 15:40:36 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:e000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:0e:4e:10:ed:8d:b1:19:ba:26:8b:62:28:1b:7f:6a:78:9e:6b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:36 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=d42bb7dfd70b544554fe8f421e3c1b97739906e59111bfa9faff68fffaf7517b, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:29:fa:5b:d4:1a:a7:7f:89:7e:31:23:f1:4d:
77:e3:82:81:bc:b1:85:a5:ec:b3:93:d8:aa:70:b1:
2e:5c:ef:c2:db:22:60:16:97:6e:0a:e0:5e:4c:ae:
30:75:69:67:ec:83:9d:64:c4:f3:7f:68:a6:46:fa:
38:54:b1:71:de:42:80:22:49:d9:ef:fb:33:f7:b0:
a6:dd:32:d5:eb:0e:79:81:89:ed:a1:57:05:f6:ac:
5f:dd:0f:ff:80:2f:f0:5a:63:4a:7d:ae:c7:71:7a:
c2:98:48:5f:3a:dc:6d:bf:b4:f2:83:9e:a6:fc:7e:
6d:b9:3d:40:3e:10:bf:b6:a0:79:d9:48:05:c3:b1:
6c:00:d5:da:79:4c:f0:0f:ca:70:e0:31:47:f0:75:
b9:9c:e8:2a:88:92:aa:32:0b:28:41:cb:9d:91:15:
ff:4b:8c:5c:15:5b:fb:be:04:02:c9:f8:80:1f:68:
f3:24:da:76:d8:6f:f6:8c:9d:61:48:2e:40:8f:62:
1f:29:c3:cd:61:4c:99:dd:30:f1:58:03:3b:bc:c9:
8b:d4:bf:7e:a2:f3:03:ee:76:ea:c1:e4:7f:b7:8c:
2f:8c:7e:a1:fe:79:28:f9:78:c7:cd:b6:bb:02:be:
c7:71:e3:48:0f:5c:0f:22:19:d4:ee:dd:71:cf:be:
c5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F1:B1:0D:0C:77:80:39:B2:2E:0D:E8:67:CC:E1:7F:16:95:0E:4A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/c9fc58bf-3415-4839-940e-603e1b7d42f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:e000::/36
Signature Algorithm: sha256WithRSAEncryption
9e:aa:e7:94:15:16:c1:a3:eb:8e:ea:49:1d:80:67:cd:b6:df:
62:5a:11:d6:ad:f8:40:3f:67:72:2c:fe:e9:ef:52:3b:c9:7c:
43:2c:8c:a4:c1:5a:52:c8:c0:5b:be:95:e4:27:46:4b:8d:85:
d5:3f:23:28:f1:05:89:99:38:87:a2:23:69:9f:02:18:8c:1c:
17:e3:c9:56:e2:3c:56:85:cf:8d:2d:79:f0:f2:36:10:4c:60:
4d:3d:37:29:9d:41:ab:0c:94:fb:04:95:57:a4:09:3f:2d:cf:
1b:b0:6b:f7:e4:2f:db:ce:dc:db:0b:26:f0:79:9c:53:92:6f:
11:ee:61:0b:00:e0:6b:cc:62:2d:33:3a:d5:2a:92:20:d0:a4:
d1:d5:c0:c6:3f:4c:aa:d5:32:13:67:3a:e5:6f:37:5f:1d:74:
1e:63:13:b4:2e:95:50:75:06:27:51:a7:a8:d9:ef:86:de:1b:
74:02:50:ac:06:d0:ea:66:c8:2c:94:78:c4:51:74:35:0e:14:
4a:35:7b:cc:d7:85:34:ae:9f:d0:b6:e3:29:06:f7:f3:5b:8f:
60:67:bb:8c:ed:e8:21:e8:c1:5a:36:32:79:8c:99:ad:aa:cf:
ba:8e:89:e8:b8:da:a7:e8:ca:d9:bb:2a:97:2a:51:24:42:85:
61:60:95:d2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUA5OEO2NsRm6JotiKBt/aniea88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMzZaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0MmJiN2RmZDcwYjU0NDU1NGZlOGY0MjFlM2MxYjk3NzM5OTA2ZTU5MTEx
YmZhOWZhZmY2OGZmZmFmNzUxN2IxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMp+lvUGqd/iX4xI/FNd+OCgbyxhaXss5PYqnCxLlzvwtsiYBaXbgrgXkyu
MHVpZ+yDnWTE839opkb6OFSxcd5CgCJJ2e/7M/ewpt0y1esOeYGJ7aFXBfasX90P
/4Av8FpjSn2ux3F6wphIXzrcbb+08oOepvx+bbk9QD4Qv7agedlIBcOxbADV2nlM
8A/KcOAxR/B1uZzoKoiSqjILKEHLnZEV/0uMXBVb+74EAsn4gB9o8yTadthv9oyd
YUguQI9iHynDzWFMmd0w8VgDO7zJi9S/fqLzA+526sHkf7eML4x+of55KPl4x822
uwK+x3HjSA9cDyIZ1O7dcc++xQMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTA8bEN
DHeAObIuDehnzOF/FpUOSjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YzlmYzU4YmYtMzQxNS00ODM5LTk0MGUtNjAzZTFiN2Q0MmY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fg
MA0GCSqGSIb3DQEBCwUAA4IBAQCequeUFRbBo+uO6kkdgGfNtt9iWhHWrfhAP2dy
LP7p71I7yXxDLIykwVpSyMBbvpXkJ0ZLjYXVPyMo8QWJmTiHoiNpnwIYjBwX48lW
4jxWhc+NLXnw8jYQTGBNPTcpnUGrDJT7BJVXpAk/Lc8bsGv35C/bztzbCybweZxT
km8R7mELAOBrzGItMzrVKpIg0KTR1cDGP0yq1TITZzrlbzdfHXQeYxO0LpVQdQYn
Uaeo2e+G3ht0AlCsBtDqZsgslHjEUXQ1DhRKNXvM14U0rp/QtuMpBvfzW49gZ7uM
7egh6MFaNjJ5jJmtqs+6jonouNqn6MrZuyqXKlEkQoVhYJXS
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:57:15 2025 by rpki-client