
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
File: d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa (raw, json)
Hash identifier: 6CrINj7hebjQ7EmhoAsWKdnK3YDK73UiK1qa1di3MWA=
Subject key identifier: 1D:41:FA:28:5E:DC:A9:32:4A:B6:FC:64:80:CE:EA:27:34:C6:86:5F
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4F4428E51949C662FCDF496C52FD60FA96046878
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
Signing time: Mon 29 Sep 2025 15:40:15 +0000
ROA not before: Mon 29 Sep 2025 15:40:15 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:44:28:e5:19:49:c6:62:fc:df:49:6c:52:fd:60:fa:96:04:68:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:15 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=c3210099c1c910f7e8975cf3907eaaf027d5a8db21eea4ea6bec21acba4b9b1b, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:92:dc:9c:f9:6c:29:bd:b8:b3:b2:a4:14:5c:
e8:af:13:35:bb:dc:c4:9a:b5:0f:a5:b9:b6:f4:31:
de:ab:4d:43:89:e7:61:80:4f:d5:f5:19:e1:33:5c:
ec:9f:13:a8:1a:5c:3a:83:9f:c0:14:61:06:20:6c:
4c:c7:fd:8a:c1:c2:5c:63:d2:92:e8:60:e9:5a:85:
70:52:00:bb:be:04:df:48:27:4d:68:41:bf:11:40:
c9:40:2f:29:74:40:db:9c:68:c0:c8:4d:3b:52:bb:
b8:4f:9d:f4:c1:ae:fc:f3:93:6e:37:e2:9a:d3:09:
62:b0:b0:58:60:c5:46:e8:29:52:dd:a7:4b:5f:0b:
6e:4c:da:9d:0f:a0:8d:aa:df:e3:1e:e5:29:75:e0:
2e:0a:46:b0:15:f8:7e:af:ad:b5:93:7e:8e:22:a2:
ea:09:e2:fb:14:a9:28:cb:95:70:86:0b:02:f1:28:
66:ee:3f:00:e9:09:55:e7:6c:a2:81:02:74:4e:3a:
05:0a:16:14:9e:c5:e6:5e:48:63:4f:0c:91:2a:22:
4d:6b:73:2a:bb:dd:3f:62:cf:e0:54:1b:6c:f3:05:
37:3b:e9:a4:2e:99:11:b6:e3:73:dc:15:5d:ba:54:
03:88:9f:61:02:55:d3:15:61:b3:aa:0f:1f:9c:04:
ba:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:41:FA:28:5E:DC:A9:32:4A:B6:FC:64:80:CE:EA:27:34:C6:86:5F
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0c16247-cad2-4748-8340-6fe2e6d8ce6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
0e:74:ba:ec:5a:68:99:5a:a2:1e:32:07:5a:3c:e5:7f:05:60:
52:2e:31:f7:5e:83:e6:89:bd:cc:c2:d5:9c:fb:18:ea:90:71:
05:7a:05:8e:64:29:ac:38:bc:ad:4d:a2:0b:ab:60:7e:63:b2:
46:0c:21:3d:16:4e:f3:89:40:44:59:80:04:09:e6:64:30:77:
9f:11:6e:3d:ca:1f:be:d2:3f:e6:9e:11:0b:e2:60:01:17:84:
ef:f5:3f:8f:86:6d:c5:8b:c0:05:f2:9c:60:8e:85:81:03:74:
28:f4:c7:12:44:17:7e:d0:b3:20:6a:41:b8:0b:31:90:eb:31:
48:53:a3:31:5c:a2:b9:aa:53:c2:f9:ef:91:b9:bb:3f:71:47:
d4:46:02:ec:e1:d2:36:be:61:12:fd:c6:46:8f:40:c9:12:11:
1f:67:0a:82:dd:0b:d5:e7:f8:59:d4:8d:f4:d6:6c:68:cf:34:
ac:e0:79:b5:0d:5f:6a:54:9d:94:05:c9:68:0d:92:c7:6a:4c:
1f:3c:12:b8:57:35:19:90:c1:0b:f1:86:c1:ae:40:94:06:4e:
bd:8c:ce:b9:df:24:77:a8:41:6d:f9:90:0e:f9:6e:07:e9:17:
23:ea:51:a9:ab:2c:8d:1d:56:ec:55:e3:99:96:c2:1e:8c:db:
96:eb:54:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUT0Qo5RlJxmL830lsUv1g+pYEaHgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMTVaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzMjEwMDk5YzFjOTEwZjdlODk3NWNmMzkwN2VhYWYwMjdkNWE4ZGIyMWVl
YTRlYTZiZWMyMWFjYmE0YjliMWIxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSS3Jz5bCm9uLOypBRc6K8TNbvcxJq1D6W5tvQx3qtNQ4nnYYBP1fUZ4TNc
7J8TqBpcOoOfwBRhBiBsTMf9isHCXGPSkuhg6VqFcFIAu74E30gnTWhBvxFAyUAv
KXRA25xowMhNO1K7uE+d9MGu/POTbjfimtMJYrCwWGDFRugpUt2nS18LbkzanQ+g
jarf4x7lKXXgLgpGsBX4fq+ttZN+jiKi6gni+xSpKMuVcIYLAvEoZu4/AOkJVeds
ooECdE46BQoWFJ7F5l5IY08MkSoiTWtzKrvdP2LP4FQbbPMFNzvppC6ZEbbjc9wV
XbpUA4ifYQJV0xVhs6oPH5wEuvMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQdQfoo
XtypMkq2/GSAzuonNMaGXzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjMTYyNDctY2FkMi00NzQ4LTgzNDAtNmZlMmU2ZDhjZTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQAOdLrsWmiZWqIeMgdaPOV/BWBSLjH3XoPmib3M
wtWc+xjqkHEFegWOZCmsOLytTaILq2B+Y7JGDCE9Fk7ziUBEWYAECeZkMHefEW49
yh++0j/mnhEL4mABF4Tv9T+Phm3Fi8AF8pxgjoWBA3Qo9McSRBd+0LMgakG4CzGQ
6zFIU6MxXKK5qlPC+e+Rubs/cUfURgLs4dI2vmES/cZGj0DJEhEfZwqC3QvV5/hZ
1I301mxozzSs4Hm1DV9qVJ2UBcloDZLHakwfPBK4VzUZkMEL8YbBrkCUBk69jM65
3yR3qEFt+ZAO+W4H6Rcj6lGpqyyNHVbsVeOZlsIejNuW61Ra
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:57:35 2025 by rpki-client