Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
File: f4581009-959f-4805-904e-a85043ac559b.roa (raw, json)
Hash identifier: 6hHKB7lKMJx7Id/BXvwZQP3wy+P98oJ2Nrid3o1BzH4=
Subject key identifier: 53:22:F6:20:86:FE:9D:D4:FB:9A:BD:B2:0D:8E:4B:FD:15:2E:FF:30
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 525940A4DB4698CC4D0258C1CD8734F184DED5C0
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
Signing time: Mon 29 Sep 2025 15:40:25 +0000
ROA not before: Mon 29 Sep 2025 15:40:25 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:a800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:59:40:a4:db:46:98:cc:4d:02:58:c1:cd:87:34:f1:84:de:d5:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:25 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=cb4677be20a234f76b601e51089a43edf72956ee48122bbd091fd5b5f7876d79, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:af:60:94:d0:a5:06:1d:3e:a2:20:e6:94:63:
ac:81:22:9c:ed:f7:5f:00:08:9b:3e:d1:c8:38:c1:
6e:8a:a7:91:fc:32:92:1f:2f:d0:af:c4:26:0a:46:
b1:11:e5:e7:fd:2f:ae:cd:d7:36:6c:c3:7a:81:39:
51:f4:11:32:9e:1c:98:18:c6:e6:8e:12:aa:0e:24:
37:50:39:3e:e8:ed:12:54:54:ff:4c:ef:bc:7c:ef:
61:9f:9b:84:64:b9:7f:4b:0a:11:d8:86:ba:9b:37:
38:65:ed:de:16:c2:c2:e0:15:b2:8e:98:56:73:ae:
2c:3a:9d:ec:b1:41:47:7f:be:d6:62:0d:f4:e4:2a:
43:d2:5f:22:83:10:68:85:c1:dd:6a:0b:83:0a:2e:
1b:0d:83:5e:21:5f:20:58:ef:e0:08:cf:5e:29:fb:
5a:40:0e:81:ea:2a:f7:0c:4e:cc:fa:3e:f3:3b:dd:
8a:06:75:1e:f0:95:8a:1c:15:54:4c:be:b5:bb:b1:
5d:5f:75:cb:18:7f:f3:87:2a:af:54:cf:d7:6c:5e:
35:a8:84:4f:f5:9b:03:6b:8a:74:0c:66:c2:b8:39:
81:40:e6:6e:55:59:27:95:1a:3f:56:15:76:5c:14:
2d:23:b9:9c:83:3f:30:a3:56:c4:7f:b7:ea:7e:be:
80:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:22:F6:20:86:FE:9D:D4:FB:9A:BD:B2:0D:8E:4B:FD:15:2E:FF:30
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f4581009-959f-4805-904e-a85043ac559b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:a800::/40
Signature Algorithm: sha256WithRSAEncryption
87:04:55:34:13:3f:93:fb:1c:2e:d6:cb:12:56:88:49:f1:b4:
60:20:0a:67:97:1a:61:d5:ba:73:3e:89:12:97:a8:4f:ce:c9:
86:19:77:08:c5:4d:00:1d:28:6c:5c:d4:7c:a1:2d:97:47:38:
8a:2f:a2:b0:63:96:09:9e:35:d8:4d:62:fb:15:ae:3b:f8:d4:
83:c5:b5:ac:1b:f4:05:69:53:c2:a9:f1:bd:0e:11:b6:a3:47:
99:3f:81:1b:1f:28:44:cd:8c:5f:97:7c:fb:09:1f:c1:c9:f4:
04:0d:80:43:39:07:c8:8d:e2:95:82:32:8f:ac:50:3d:c9:48:
c6:90:4b:fa:88:94:5b:5c:1c:2f:be:4c:47:91:3a:00:d9:c3:
5b:73:29:6a:58:86:3d:5a:0d:31:aa:21:ac:15:78:8b:33:46:
a6:8a:44:42:a9:5b:63:60:d9:0f:ef:cc:5f:a3:1d:97:45:48:
07:a1:72:48:dd:ee:0b:b5:ce:c7:d4:f1:1d:89:8c:9b:dd:c3:
76:3a:aa:b4:a0:b2:2e:6a:c2:bf:29:9d:60:1f:e4:fc:c3:37:
61:f9:3d:8b:56:b1:76:3f:7b:a8:76:b9:b1:66:87:1b:35:4e:
88:5f:88:bf:d0:89:e3:64:ca:a1:9f:bb:b5:96:fb:23:b8:1f:
a9:f3:1c:d1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUllApNtGmMxNAljBzYc08YTe1cAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMjVaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiNDY3N2JlMjBhMjM0Zjc2YjYwMWU1MTA4OWE0M2VkZjcyOTU2ZWU0ODEy
MmJiZDA5MWZkNWI1Zjc4NzZkNzkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOmvYJTQpQYdPqIg5pRjrIEinO33XwAImz7RyDjBboqnkfwykh8v0K/EJgpG
sRHl5/0vrs3XNmzDeoE5UfQRMp4cmBjG5o4Sqg4kN1A5PujtElRU/0zvvHzvYZ+b
hGS5f0sKEdiGups3OGXt3hbCwuAVso6YVnOuLDqd7LFBR3++1mIN9OQqQ9JfIoMQ
aIXB3WoLgwouGw2DXiFfIFjv4AjPXin7WkAOgeoq9wxOzPo+8zvdigZ1HvCVihwV
VEy+tbuxXV91yxh/84cqr1TP12xeNaiET/WbA2uKdAxmwrg5gUDmblVZJ5UaP1YV
dlwULSO5nIM/MKNWxH+36n6+gMMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRTIvYg
hv6d1PuavbINjkv9FS7/MDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZjQ1ODEwMDktOTU5Zi00ODA1LTkwNGUtYTg1MDQzYWM1NTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8Oo
MA0GCSqGSIb3DQEBCwUAA4IBAQCHBFU0Ez+T+xwu1ssSVohJ8bRgIApnlxph1bpz
PokSl6hPzsmGGXcIxU0AHShsXNR8oS2XRziKL6KwY5YJnjXYTWL7Fa47+NSDxbWs
G/QFaVPCqfG9DhG2o0eZP4EbHyhEzYxfl3z7CR/ByfQEDYBDOQfIjeKVgjKPrFA9
yUjGkEv6iJRbXBwvvkxHkToA2cNbcylqWIY9Wg0xqiGsFXiLM0amikRCqVtjYNkP
78xfox2XRUgHoXJI3e4Ltc7H1PEdiYyb3cN2Oqq0oLIuasK/KZ1gH+T8wzdh+T2L
VrF2P3uodrmxZocbNU6IX4i/0InjZMqhn7u1lvsjuB+p8xzR
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:28:02 2025 by rpki-client