
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/eff6a3a5-b241-438e-ac29-04afb84fc11c.roa
File: eff6a3a5-b241-438e-ac29-04afb84fc11c.roa (raw, json)
Hash identifier: pfZCeOx3b/NVcuVKS5jH9qA0ASbFJEdWDYzmgm72TMA=
Subject key identifier: 6C:CA:E9:10:17:16:9C:FE:BF:29:14:38:BD:17:38:50:F0:BC:06:B7
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 5397C68B0B9CFA69C4302970F202E6896088657E
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/eff6a3a5-b241-438e-ac29-04afb84fc11c.roa
Signing time: Sat 27 Sep 2025 00:53:07 +0000
ROA not before: Sat 27 Sep 2025 00:53:07 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc5:9800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:97:c6:8b:0b:9c:fa:69:c4:30:29:70:f2:02:e6:89:60:88:65:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 27 00:53:07 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=d15246085a9e6081e72781f46557ec0959c86e632d6f186d4831b93a7a8eb514, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a4:42:b5:08:e8:23:58:e6:6b:20:86:f9:d9:
b8:3e:31:8b:77:5f:18:4c:06:68:c5:31:ab:d2:97:
ef:5b:71:5b:ed:29:bd:be:cb:df:f5:09:15:6e:2d:
c8:1c:40:d3:b0:66:16:d0:6b:1b:ff:04:9c:36:09:
c5:9f:85:c8:f9:78:f2:89:e3:12:8e:6b:27:0c:b5:
dc:67:ee:a9:07:6a:9a:af:ff:76:91:ef:11:e3:41:
88:e9:57:24:0d:82:e2:b0:c9:b5:a4:2d:f2:bf:09:
41:36:ef:32:c9:37:c5:79:48:0d:f2:e6:f1:f5:c4:
77:db:fb:73:52:88:9a:fe:ea:30:23:90:0b:fb:40:
46:a8:af:29:d5:d9:6b:a7:10:9c:38:23:aa:d2:f1:
b3:ca:4c:43:4e:23:97:53:bf:74:c4:7e:fd:48:12:
e8:41:9f:f3:04:0d:02:c5:86:ac:22:a9:2a:a0:29:
1c:76:62:1b:d1:7c:1f:31:fe:98:23:ad:f7:55:32:
fc:ae:74:30:8a:e5:d2:73:d0:51:1a:fc:b6:27:d4:
c0:d6:73:fe:c0:2f:14:8c:a7:c7:b6:b9:61:03:c4:
ac:6a:63:98:c1:af:9f:c4:c4:7b:45:a9:6a:1b:9e:
d1:84:01:d8:ed:45:3e:2e:83:0b:d6:0d:3c:29:22:
2d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:CA:E9:10:17:16:9C:FE:BF:29:14:38:BD:17:38:50:F0:BC:06:B7
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/eff6a3a5-b241-438e-ac29-04afb84fc11c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:9800::/40
Signature Algorithm: sha256WithRSAEncryption
2a:df:c4:e3:2d:02:f4:e1:66:5e:aa:6f:2e:9f:1f:76:bf:da:
59:ed:15:1e:1a:56:f9:04:3a:10:6e:be:3c:a4:09:1a:04:a5:
86:d7:57:73:c3:f5:02:f1:87:d5:ac:9a:51:dd:68:f9:80:47:
f3:8f:66:05:28:be:d2:db:70:1c:78:67:f0:84:c5:16:f6:82:
3d:1b:04:a0:25:2b:d5:a9:ef:5b:a3:c5:b4:cf:05:fd:fc:4e:
7b:92:f7:4f:bc:af:cf:94:6c:78:31:d1:a1:c0:b7:88:2c:f4:
ec:11:b1:c9:de:5c:3d:8f:1c:98:84:81:1c:1d:72:a0:91:d3:
6c:c1:29:ae:aa:b7:ad:f5:65:c3:91:4e:8f:7e:2d:a5:a7:d4:
30:e0:ab:b2:78:4b:f1:a7:a6:0f:40:57:7b:f9:d2:7e:dc:3b:
37:d7:58:a7:79:59:b8:62:40:2d:51:76:87:90:d5:95:0c:72:
02:31:3d:b1:95:b6:f4:30:d1:6b:e5:17:84:48:ac:e7:41:cd:
3f:7c:0c:38:76:fd:e6:bb:c1:83:b1:74:78:ad:03:53:c9:dd:
c5:38:88:32:28:84:cb:32:c8:0d:e2:4e:f1:85:60:de:6d:8f:
8d:20:e8:d7:4d:d0:62:4e:43:d2:3a:55:2b:b3:1f:be:63:41:
b4:5d:7a:06
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUU5fGiwuc+mnEMClw8gLmiWCIZX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjcwMDUzMDdaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxNTI0NjA4NWE5ZTYwODFlNzI3ODFmNDY1NTdlYzA5NTljODZlNjMyZDZm
MTg2ZDQ4MzFiOTNhN2E4ZWI1MTQxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmkQrUI6CNY5msghvnZuD4xi3dfGEwGaMUxq9KX71txW+0pvb7L3/UJFW4t
yBxA07BmFtBrG/8EnDYJxZ+FyPl48onjEo5rJwy13GfuqQdqmq//dpHvEeNBiOlX
JA2C4rDJtaQt8r8JQTbvMsk3xXlIDfLm8fXEd9v7c1KImv7qMCOQC/tARqivKdXZ
a6cQnDgjqtLxs8pMQ04jl1O/dMR+/UgS6EGf8wQNAsWGrCKpKqApHHZiG9F8HzH+
mCOt91Uy/K50MIrl0nPQURr8tifUwNZz/sAvFIynx7a5YQPErGpjmMGvn8TEe0Wp
ahue0YQB2O1FPi6DC9YNPCkiLS8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRsyukQ
Fxac/r8pFDi9FzhQ8LwGtzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZWZmNmEzYTUtYjI0MS00MzhlLWFjMjktMDRhZmI4NGZjMTFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WY
MA0GCSqGSIb3DQEBCwUAA4IBAQAq38TjLQL04WZeqm8unx92v9pZ7RUeGlb5BDoQ
br48pAkaBKWG11dzw/UC8YfVrJpR3Wj5gEfzj2YFKL7S23AceGfwhMUW9oI9GwSg
JSvVqe9bo8W0zwX9/E57kvdPvK/PlGx4MdGhwLeILPTsEbHJ3lw9jxyYhIEcHXKg
kdNswSmuqret9WXDkU6Pfi2lp9Qw4KuyeEvxp6YPQFd7+dJ+3Ds311ineVm4YkAt
UXaHkNWVDHICMT2xlbb0MNFr5ReESKznQc0/fAw4dv3mu8GDsXR4rQNTyd3FOIgy
KITLMsgN4k7xhWDebY+NIOjXTdBiTkPSOlUrsx++Y0G0XXoG
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:57:47 2025 by rpki-client