Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
File: e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa (raw, json)
Hash identifier: VpHgWTZ20vUQX51sK7iUYwtbxfu+nPjM1RabB9JJVAY=
Subject key identifier: CD:BC:E3:A8:65:49:4B:99:18:E1:A1:C5:21:F0:18:14:92:25:1A:DD
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 6DA4152440EA74F9D31F016D93C2261A44F26830
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
Signing time: Mon 29 Sep 2025 15:40:02 +0000
ROA not before: Mon 29 Sep 2025 15:40:02 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:a4:15:24:40:ea:74:f9:d3:1f:01:6d:93:c2:26:1a:44:f2:68:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:02 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=5c08e6992e98c14db73fb95c346765e3f1ac04e6f221408d3c2e7dc57cafb03e, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d2:7d:f3:a4:38:88:8c:bd:99:7f:7e:6d:a4:
71:89:45:69:c1:39:dd:00:ac:6e:18:59:35:ba:77:
95:88:22:2d:59:72:5c:3e:38:8f:60:57:01:9a:eb:
b6:88:e6:e5:ab:8b:35:21:42:34:32:5b:d1:ff:c7:
71:dd:4f:10:a6:45:1d:24:46:b7:4f:68:c0:87:f2:
6e:32:d7:d9:d1:9a:d0:7e:82:09:d6:f7:7b:4a:08:
8f:eb:bc:0b:ba:1a:6b:d4:95:e6:31:1d:66:e7:ea:
53:3e:b1:e5:25:03:09:b0:1b:5b:62:6f:26:94:ea:
f6:af:8f:68:f5:f9:c7:1d:83:7c:61:e1:64:4f:ea:
a0:7b:e2:02:cd:3c:65:6c:21:70:d0:b2:61:c3:54:
6b:bf:03:a1:cf:d1:11:1e:ff:78:83:bc:ca:cc:1c:
0a:21:7c:36:ff:9d:8b:ae:f1:52:f2:a4:3a:dc:97:
cb:99:c4:5c:e8:97:04:5d:0f:77:08:67:a8:3f:37:
33:85:43:f6:44:75:13:12:26:28:80:9d:93:d5:9b:
36:0c:b3:73:3e:b3:e6:7d:62:d4:9c:fd:41:b0:aa:
f7:e4:10:49:6a:1f:5c:03:17:8b:ae:81:d1:50:37:
76:26:0f:68:cc:c7:67:8c:e0:35:d1:a4:bc:e8:b9:
b3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BC:E3:A8:65:49:4B:99:18:E1:A1:C5:21:F0:18:14:92:25:1A:DD
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e8f1c1f7-8389-4faf-87c9-f4a180e7bcdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:8000::/36
Signature Algorithm: sha256WithRSAEncryption
0b:d6:83:2a:32:e0:1d:d8:b6:d3:35:e6:94:a0:d6:ad:57:6d:
46:c6:ce:a0:a7:5b:7c:3d:ae:44:37:1f:c1:4d:48:c2:2d:f4:
be:21:d6:73:a3:8a:04:22:df:41:37:ff:de:72:a7:46:57:f6:
90:5e:84:bb:43:17:2d:12:b4:c0:37:08:d2:24:4d:06:8f:fe:
0b:04:79:87:d0:7b:4d:34:cb:40:21:bf:67:dd:52:9a:60:b4:
13:34:f6:0e:68:b5:c5:64:30:8c:ab:dd:71:41:91:d6:b6:52:
70:14:7a:94:ad:eb:90:10:95:58:4c:cf:e4:97:bc:73:29:48:
15:66:fa:11:31:5e:bf:c0:d9:09:97:76:e1:81:ac:4c:d2:f1:
a0:e6:f8:0f:03:47:83:2a:35:95:a8:fc:22:ab:bb:ad:1a:5a:
7a:82:9a:86:2c:39:5f:b5:c5:f7:0c:ce:c5:02:fa:3e:11:ff:
3b:a3:b4:e7:f7:1c:b7:31:50:b8:6c:a2:12:62:bc:dd:d4:fc:
f0:08:a3:2c:68:5e:19:79:6f:0d:d4:54:1b:6a:49:fb:21:f1:
83:95:b9:c2:24:42:df:98:85:f3:83:b5:c1:6a:4b:4c:11:4a:
80:05:b8:15:dc:39:26:6d:40:0e:50:77:60:81:13:2f:09:de:
6e:c9:54:9d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbaQVJEDqdPnTHwFtk8ImGkTyaDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMDJaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjMDhlNjk5MmU5OGMxNGRiNzNmYjk1YzM0Njc2NWUzZjFhYzA0ZTZmMjIx
NDA4ZDNjMmU3ZGM1N2NhZmIwM2UxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3SffOkOIiMvZl/fm2kcYlFacE53QCsbhhZNbp3lYgiLVlyXD44j2BXAZrr
tojm5auLNSFCNDJb0f/Hcd1PEKZFHSRGt09owIfybjLX2dGa0H6CCdb3e0oIj+u8
C7oaa9SV5jEdZufqUz6x5SUDCbAbW2JvJpTq9q+PaPX5xx2DfGHhZE/qoHviAs08
ZWwhcNCyYcNUa78Doc/RER7/eIO8yswcCiF8Nv+di67xUvKkOtyXy5nEXOiXBF0P
dwhnqD83M4VD9kR1ExImKICdk9WbNgyzcz6z5n1i1Jz9QbCq9+QQSWofXAMXi66B
0VA3diYPaMzHZ4zgNdGkvOi5s9cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTNvOOo
ZUlLmRjhocUh8BgUkiUa3TAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZThmMWMxZjctODM4OS00ZmFmLTg3YzktZjRhMTgwZTdiY2RjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8WA
MA0GCSqGSIb3DQEBCwUAA4IBAQAL1oMqMuAd2LbTNeaUoNatV21Gxs6gp1t8Pa5E
Nx/BTUjCLfS+IdZzo4oEIt9BN//ecqdGV/aQXoS7QxctErTANwjSJE0Gj/4LBHmH
0HtNNMtAIb9n3VKaYLQTNPYOaLXFZDCMq91xQZHWtlJwFHqUreuQEJVYTM/kl7xz
KUgVZvoRMV6/wNkJl3bhgaxM0vGg5vgPA0eDKjWVqPwiq7utGlp6gpqGLDlftcX3
DM7FAvo+Ef87o7Tn9xy3MVC4bKISYrzd1PzwCKMsaF4ZeW8N1FQbakn7IfGDlbnC
JELfmIXzg7XBaktMEUqABbgV3DkmbUAOUHdggRMvCd5uyVSd
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:00:50 2025 by rpki-client