Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
File: d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa (raw, json)
Hash identifier: iko++CviK/CQxYcgqXHOanM2TW6BPpztgxgOCvdRNwQ=
Subject key identifier: BB:3C:58:8B:E8:7D:F5:81:46:87:FA:2B:D9:5C:79:99:34:40:C2:A7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 04967CECBE077BF8570016442FBDA6F620F7B5C0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
Signing time: Mon 29 Sep 2025 15:39:58 +0000
ROA not before: Mon 29 Sep 2025 15:39:58 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:96:7c:ec:be:07:7b:f8:57:00:16:44:2f:bd:a6:f6:20:f7:b5:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:39:58 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=531b6d29fa3648fb04becbde799ff16ce0a37937591773e0637f4f3e46ac39f4, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:82:bd:73:1f:70:8f:63:06:d7:a9:7d:9c:2f:
87:d4:b5:04:1c:98:16:0c:85:c0:20:57:23:78:09:
66:56:e3:ca:6e:33:d8:d8:a7:90:fb:d5:35:99:3b:
0b:b8:d2:90:a3:39:79:56:a0:7a:08:41:9d:9a:98:
13:f5:7f:b0:ec:cc:39:9d:f5:84:c8:cf:f3:98:b6:
85:ec:63:df:6f:19:37:f9:2e:d6:e6:40:62:bb:7b:
9e:b4:f4:0c:c6:93:c7:71:f8:67:95:33:3f:94:a3:
90:1d:d0:15:ee:b9:bb:31:96:46:17:b9:dc:05:ba:
72:53:d0:1f:f7:ed:a5:8b:b2:c8:d2:38:8a:c2:01:
34:6f:51:07:cd:ea:e6:d5:f6:18:e3:70:48:df:45:
aa:cc:0e:4e:96:05:8c:60:63:ec:82:5f:47:b6:bf:
ea:38:2f:f7:b7:a0:4c:5b:7f:f4:46:ec:c3:77:c6:
5c:3c:cf:52:69:18:a0:84:3e:dc:ca:fd:a9:da:3e:
43:84:8b:af:db:8d:8d:8d:2b:eb:73:8e:69:d2:04:
c8:29:02:66:3c:5f:31:7d:01:50:54:96:3e:e7:59:
cf:3e:4a:cc:9f:fb:7e:21:53:94:d2:f7:69:91:ad:
cc:50:0f:96:45:73:c4:fd:04:72:4f:b3:95:68:10:
22:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:3C:58:8B:E8:7D:F5:81:46:87:FA:2B:D9:5C:79:99:34:40:C2:A7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/d0cd9905-72c5-4ff9-98df-6b0d1c12a4c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
0a:1a:43:75:32:3d:6d:b0:8d:5d:17:37:57:ef:dd:7f:38:a8:
a4:36:c7:db:8e:7e:10:4e:29:0f:2b:26:52:29:a6:d3:8d:47:
84:99:1d:96:ea:2e:1f:d1:99:af:36:c5:28:82:d4:3e:c2:43:
85:95:3a:fd:5b:40:c4:e5:bb:eb:4c:fd:b0:d3:8c:09:21:94:
c5:72:51:7e:48:7a:fa:fc:9e:6b:ba:4e:63:53:19:74:48:22:
a8:a3:c6:15:a6:85:c6:69:74:3c:05:7b:02:74:a7:74:06:50:
01:06:be:6e:af:dc:53:50:81:a5:30:d4:45:b2:5e:af:a1:6c:
f1:da:25:fd:5c:96:8e:47:ae:59:de:5b:9c:2e:1c:1e:a6:39:
37:17:61:6b:b8:70:46:79:f2:38:e5:47:ee:46:ed:29:d1:10:
21:0b:cf:f6:68:93:07:62:d3:3f:63:41:12:4e:0f:3c:c6:ec:
a8:c9:d0:cf:78:c7:15:b2:f5:12:04:f5:07:48:33:02:fa:f9:
ba:25:ba:00:9a:0c:1b:36:a0:3a:d8:c6:75:73:f1:eb:c8:e2:
08:4c:6f:8a:45:6f:03:54:1e:15:d0:f9:6e:e1:a3:49:76:0c:
9d:59:df:7a:8b:11:d5:d0:1b:29:46:08:01:f2:09:b4:73:12:
b8:2b:b1:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBJZ87L4He/hXABZEL72m9iD3tcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTM5NThaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMWI2ZDI5ZmEzNjQ4ZmIwNGJlY2JkZTc5OWZmMTZjZTBhMzc5Mzc1OTE3
NzNlMDYzN2Y0ZjNlNDZhYzM5ZjQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGCvXMfcI9jBtepfZwvh9S1BByYFgyFwCBXI3gJZlbjym4z2NinkPvVNZk7
C7jSkKM5eVageghBnZqYE/V/sOzMOZ31hMjP85i2hexj328ZN/ku1uZAYrt7nrT0
DMaTx3H4Z5UzP5SjkB3QFe65uzGWRhe53AW6clPQH/ftpYuyyNI4isIBNG9RB83q
5tX2GONwSN9FqswOTpYFjGBj7IJfR7a/6jgv97egTFt/9Ebsw3fGXDzPUmkYoIQ+
3Mr9qdo+Q4SLr9uNjY0r63OOadIEyCkCZjxfMX0BUFSWPudZzz5KzJ/7fiFTlNL3
aZGtzFAPlkVzxP0Eck+zlWgQIkMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS7PFiL
6H31gUaH+ivZXHmZNEDCpzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZDBjZDk5MDUtNzJjNS00ZmY5LTk4ZGYtNmIwZDFjMTJhNGMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQAKGkN1Mj1tsI1dFzdX791/OKikNsfbjn4QTikP
KyZSKabTjUeEmR2W6i4f0ZmvNsUogtQ+wkOFlTr9W0DE5bvrTP2w04wJIZTFclF+
SHr6/J5ruk5jUxl0SCKoo8YVpoXGaXQ8BXsCdKd0BlABBr5ur9xTUIGlMNRFsl6v
oWzx2iX9XJaOR65Z3lucLhwepjk3F2FruHBGefI45UfuRu0p0RAhC8/2aJMHYtM/
Y0ESTg88xuyoydDPeMcVsvUSBPUHSDMC+vm6JboAmgwbNqA62MZ1c/HryOIITG+K
RW8DVB4V0Plu4aNJdgydWd96ixHV0BspRggB8gm0cxK4K7H6
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:08:56 2025 by rpki-client