
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f8610070-4efe-423a-a72e-bfc906b441cc.roa
File: f8610070-4efe-423a-a72e-bfc906b441cc.roa (raw, json)
Hash identifier: xLQoULhfObN0FoG66UjNB/O09BSc+2IOpr4xZZ3ZVss=
Subject key identifier: BC:A8:E5:B8:68:F8:49:74:C3:22:05:47:60:6F:E7:86:20:26:1B:83
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4101EBF86C0CE8B9CDB93BD1188E2759CAB576E5
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f8610070-4efe-423a-a72e-bfc906b441cc.roa
Signing time: Sat 27 Sep 2025 00:53:12 +0000
ROA not before: Sat 27 Sep 2025 00:53:12 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:01:eb:f8:6c:0c:e8:b9:cd:b9:3b:d1:18:8e:27:59:ca:b5:76:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 27 00:53:12 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=c7e442d5b046046cabd3f6c40ec44a767e85fe97eba09b2be602807eff5ab48f, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fc:11:82:2f:5c:2c:3f:92:bf:9f:03:0c:a8:
e7:4e:1b:07:b2:fc:1e:74:d4:88:bc:15:81:73:1c:
fd:b7:bf:71:1f:85:45:e9:79:bd:c3:c1:e8:97:dd:
07:d9:44:53:3d:1b:f3:eb:8d:0c:3b:df:05:bc:a8:
a5:41:73:c0:d0:54:2d:26:be:05:53:86:d4:d9:cf:
a0:62:68:e2:99:4a:41:bb:3c:5e:f2:d4:9c:20:e0:
76:a3:ab:c7:d6:5a:44:d3:78:f1:c1:af:ef:e6:4b:
fe:50:53:55:22:3d:aa:e6:8c:c7:68:87:83:76:da:
f0:ea:c7:a3:7a:37:00:50:00:5b:16:63:c0:27:80:
7d:2b:da:95:f6:5d:df:7b:8f:4a:6d:ff:42:4e:f6:
6e:33:33:1d:ce:62:88:b5:28:81:5c:ad:90:5b:bd:
95:5f:c9:aa:20:3a:71:dd:82:b6:e1:d4:4f:b5:26:
4f:4f:f0:d6:3b:a6:05:7d:8a:f6:3e:4a:d2:9e:e8:
90:9e:3a:8b:10:ea:d7:4e:40:37:ed:3b:bd:32:c0:
0d:21:53:ec:c7:24:76:42:f1:c6:dc:48:ae:f4:77:
32:94:20:c5:71:b1:9d:d7:49:28:e2:42:e5:8f:d2:
01:3e:4f:99:70:6d:e9:06:37:2f:56:4b:ca:68:ce:
df:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A8:E5:B8:68:F8:49:74:C3:22:05:47:60:6F:E7:86:20:26:1B:83
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/f8610070-4efe-423a-a72e-bfc906b441cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4800::/40
Signature Algorithm: sha256WithRSAEncryption
0c:c5:d5:ce:34:cc:65:ec:f3:8b:34:fc:da:5e:e0:da:ec:64:
56:e8:67:10:c9:e4:01:84:3c:3b:14:46:af:96:82:20:1e:18:
99:0f:60:39:a9:e6:71:55:bf:39:d6:98:c5:b3:8c:b0:0f:17:
81:e5:99:50:ed:f4:8c:77:b8:a0:e6:5b:0f:88:28:74:a1:9f:
a7:0d:a3:84:ef:21:c0:e1:9b:57:e3:39:27:a2:66:f0:b4:2a:
96:4a:ef:cb:ce:b4:e2:c3:29:6c:26:aa:65:cb:2e:12:db:d7:
66:14:4a:a6:39:af:7d:69:ea:4b:54:a6:05:f4:1e:03:94:b5:
9a:61:4d:f5:7b:aa:a1:9f:de:39:60:1f:bf:b6:7b:71:be:6a:
fd:57:99:32:5f:f0:f9:9b:bb:23:30:39:3d:c8:ec:eb:83:cf:
bf:ca:30:57:b1:39:c2:a6:6d:b5:18:24:c5:3e:34:48:85:ae:
be:b6:8d:99:e4:df:22:fc:7f:0c:21:53:a6:b9:32:fc:60:1a:
a0:0c:c0:cc:9c:15:72:2b:65:b4:51:ba:c0:5d:78:67:e8:8b:
9e:cd:53:16:6b:e8:aa:10:30:2a:a1:71:2d:e9:a5:28:3d:ac:
e4:57:2b:3f:9e:5a:20:a5:e4:de:94:cf:c4:53:d3:0c:1d:c9:
4d:54:8a:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQQHr+GwM6LnNuTvRGI4nWcq1duUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjcwMDUzMTJaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3ZTQ0MmQ1YjA0NjA0NmNhYmQzZjZjNDBlYzQ0YTc2N2U4NWZlOTdlYmEw
OWIyYmU2MDI4MDdlZmY1YWI0OGYxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMT8EYIvXCw/kr+fAwyo504bB7L8HnTUiLwVgXMc/be/cR+FRel5vcPB6Jfd
B9lEUz0b8+uNDDvfBbyopUFzwNBULSa+BVOG1NnPoGJo4plKQbs8XvLUnCDgdqOr
x9ZaRNN48cGv7+ZL/lBTVSI9quaMx2iHg3ba8OrHo3o3AFAAWxZjwCeAfSvalfZd
33uPSm3/Qk72bjMzHc5iiLUogVytkFu9lV/JqiA6cd2CtuHUT7UmT0/w1jumBX2K
9j5K0p7okJ46ixDq105AN+07vTLADSFT7MckdkLxxtxIrvR3MpQgxXGxnddJKOJC
5Y/SAT5PmXBt6QY3L1ZLymjO3yECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS8qOW4
aPhJdMMiBUdgb+eGICYbgzAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
Zjg2MTAwNzAtNGVmZS00MjNhLWE3MmUtYmZjOTA2YjQ0MWNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dI
MA0GCSqGSIb3DQEBCwUAA4IBAQAMxdXONMxl7POLNPzaXuDa7GRW6GcQyeQBhDw7
FEavloIgHhiZD2A5qeZxVb851pjFs4ywDxeB5ZlQ7fSMd7ig5lsPiCh0oZ+nDaOE
7yHA4ZtX4zknombwtCqWSu/LzrTiwylsJqplyy4S29dmFEqmOa99aepLVKYF9B4D
lLWaYU31e6qhn945YB+/tntxvmr9V5kyX/D5m7sjMDk9yOzrg8+/yjBXsTnCpm21
GCTFPjRIha6+to2Z5N8i/H8MIVOmuTL8YBqgDMDMnBVyK2W0UbrAXXhn6IuezVMW
a+iqEDAqoXEt6aUoPazkVys/nlogpeTelM/EU9MMHclNVIoR
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:31 2025 by rpki-client