
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa
File: ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa (raw, json)
Hash identifier: 4ChtuGTP5suT4n0lA+pvuDiqCWh0OuBpaFJnQsk7pFw=
Subject key identifier: 0A:05:CD:32:E5:DE:04:DF:3F:E7:C4:81:F0:9B:81:45:E6:9E:85:6A
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 2488679D6E78F78227A23F0FA2F7A92F301BE6CC
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa
Signing time: Mon 29 Sep 2025 15:40:23 +0000
ROA not before: Mon 29 Sep 2025 15:40:23 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:88:67:9d:6e:78:f7:82:27:a2:3f:0f:a2:f7:a9:2f:30:1b:e6:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:23 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=75e342533b10fbc219a43ea9b0d159f76bf08b7394ad1e31543ff996da77a111, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d7:fa:88:4e:6b:00:0c:a4:68:35:c1:2b:7f:
69:50:5e:d5:93:2c:c5:95:1c:41:33:0e:be:ed:7b:
5a:56:4b:f0:eb:fd:ee:cb:02:1a:b9:fe:7a:41:75:
bb:6b:9b:ad:c7:8d:15:bf:01:14:7f:03:1c:32:c8:
35:1e:ad:fe:60:ea:61:7d:b9:d0:c8:0e:96:1f:09:
d2:be:8d:89:91:5f:8f:24:69:e4:33:47:e7:72:be:
e2:7d:ed:7c:2b:ae:fd:27:cc:32:27:27:03:c7:82:
e1:f9:eb:47:0a:fa:d8:cc:b4:e8:77:be:ba:01:cd:
34:aa:cb:a5:d5:f8:a1:a7:89:d5:31:d5:41:95:76:
70:b5:a6:21:9e:3c:08:c6:54:1d:3b:83:ad:8f:ba:
83:03:90:ac:3d:b0:37:f4:cf:65:2f:fa:cc:76:6a:
48:63:3b:be:2e:0b:0c:d0:32:86:01:dd:f6:5e:e9:
a6:9e:fd:f1:34:ec:24:cc:f1:75:10:c1:d5:96:23:
ee:86:c2:2b:7e:91:4d:9a:3d:46:6b:4f:2c:13:b9:
b4:d3:f6:d6:4a:77:91:0e:19:f8:35:e5:a9:c6:1b:
c9:17:c0:f2:c8:bc:30:ff:3a:2f:35:f9:50:c6:c0:
b8:e6:6d:37:bf:f5:72:42:39:80:cc:2a:d3:80:bc:
4f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:05:CD:32:E5:DE:04:DF:3F:E7:C4:81:F0:9B:81:45:E6:9E:85:6A
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ea65bcc4-9fce-4b6f-a493-4a17ef1306cf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:1000::/36
Signature Algorithm: sha256WithRSAEncryption
04:40:10:d4:76:5a:07:c8:96:f8:a5:ed:6e:10:3e:36:b1:57:
35:7f:f6:f3:99:bc:e9:19:e2:5d:21:0c:27:bf:48:01:28:27:
5c:79:3d:40:e6:fa:70:55:ce:54:1a:6d:77:3b:3f:4e:3e:98:
2f:26:ab:37:c4:fc:a8:16:98:64:9e:41:7b:9c:09:0d:08:da:
11:63:7c:83:e1:87:a0:60:81:f5:ea:b3:73:09:fe:6b:5f:d4:
5d:25:1d:e9:75:14:6e:83:c1:45:b9:01:dd:67:7b:57:30:71:
51:c2:a0:40:db:92:6b:6f:1d:c0:18:6a:64:65:28:cb:a5:d9:
94:53:96:66:3b:67:ac:ad:d4:9e:40:e9:81:14:b8:63:6d:8b:
2b:27:a2:fa:76:01:01:9e:e9:4a:55:5a:53:aa:bc:b1:41:66:
2f:60:09:2b:38:de:db:e9:12:80:e4:29:aa:4c:09:e1:f9:8a:
9f:2d:48:24:e2:d7:a1:b9:a3:2d:ed:61:79:e6:98:65:88:18:
48:53:30:ea:55:ee:cb:1e:03:df:57:c9:85:26:bf:0e:38:2b:
48:08:50:bf:ef:93:02:e7:ec:91:24:cb:0a:44:ae:c4:13:4a:
63:03:68:96:db:99:3b:b1:70:ab:65:bb:d8:6d:03:b4:4b:bb:
45:5d:db:19
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJIhnnW5494Inoj8PovepLzAb5swwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMjNaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1ZTM0MjUzM2IxMGZiYzIxOWE0M2VhOWIwZDE1OWY3NmJmMDhiNzM5NGFk
MWUzMTU0M2ZmOTk2ZGE3N2ExMTExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvX+ohOawAMpGg1wSt/aVBe1ZMsxZUcQTMOvu17WlZL8Ov97ssCGrn+ekF1
u2ubrceNFb8BFH8DHDLINR6t/mDqYX250MgOlh8J0r6NiZFfjyRp5DNH53K+4n3t
fCuu/SfMMicnA8eC4fnrRwr62My06He+ugHNNKrLpdX4oaeJ1THVQZV2cLWmIZ48
CMZUHTuDrY+6gwOQrD2wN/TPZS/6zHZqSGM7vi4LDNAyhgHd9l7ppp798TTsJMzx
dRDB1ZYj7obCK36RTZo9RmtPLBO5tNP21kp3kQ4Z+DXlqcYbyRfA8si8MP86LzX5
UMbAuOZtN7/1ckI5gMwq04C8T50CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQKBc0y
5d4E3z/nxIHwm4FF5p6FajAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZWE2NWJjYzQtOWZjZS00YjZmLWE0OTMtNGExN2VmMTMwNmNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAEQBDUdloHyJb4pe1uED42sVc1f/bzmbzpGeJd
IQwnv0gBKCdceT1A5vpwVc5UGm13Oz9OPpgvJqs3xPyoFphknkF7nAkNCNoRY3yD
4YegYIH16rNzCf5rX9RdJR3pdRRug8FFuQHdZ3tXMHFRwqBA25Jrbx3AGGpkZSjL
pdmUU5ZmO2esrdSeQOmBFLhjbYsrJ6L6dgEBnulKVVpTqryxQWYvYAkrON7b6RKA
5CmqTAnh+YqfLUgk4tehuaMt7WF55phliBhIUzDqVe7LHgPfV8mFJr8OOCtICFC/
75MC5+yRJMsKRK7EE0pjA2iW25k7sXCrZbvYbQO0S7tFXdsZ
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:46:28 2025 by rpki-client