Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa
File: de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa (raw, json)
Hash identifier: pA8O7Fus0gL0zMrBO3npMtYEo8AcTKL7RWIFYkrGbMo=
Subject key identifier: C2:E1:2E:FF:5C:D0:9B:3A:A0:C0:B7:41:2A:B8:B7:CE:64:B6:9B:46
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 173A902C6359D74B1E4744CCCDE24E9E0B55CBA6
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa
Signing time: Sat 27 Sep 2025 00:53:11 +0000
ROA not before: Sat 27 Sep 2025 00:53:11 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc7:4800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:3a:90:2c:63:59:d7:4b:1e:47:44:cc:cd:e2:4e:9e:0b:55:cb:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 27 00:53:11 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=54545dcab48b5ed4ee15331efa095944763f16c50b0560a02ce4d0339d078e09, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:7c:41:6c:7d:d1:ac:5b:84:0d:63:ce:62:40:
18:d4:d8:63:23:e7:93:7f:21:ee:ea:e9:fa:b2:09:
61:ce:2d:61:27:2d:47:1a:19:5c:0d:c0:a4:6f:e8:
b3:dd:79:10:72:2a:07:45:4f:42:f4:2b:89:4a:81:
33:d5:87:d6:ef:fb:cb:cf:28:7d:68:63:17:ed:ec:
47:b2:8a:96:3d:47:68:68:42:4f:dc:38:ff:fd:54:
2c:b2:f6:07:4c:5d:60:10:00:dd:02:61:c4:e1:c9:
ac:aa:89:75:66:5c:6e:a3:ed:1b:4b:40:67:9c:b2:
23:e6:66:5f:63:1e:81:db:f7:72:92:7d:dc:30:b0:
60:09:15:6e:73:ce:82:ee:0b:eb:96:5c:5a:7f:80:
a2:a7:40:e8:1b:17:d7:35:35:cb:54:0c:5b:e0:60:
97:4d:60:12:9f:a9:34:c7:6d:1b:34:87:33:74:0c:
d0:87:15:49:4c:4c:e0:3c:7f:91:16:f4:f2:66:13:
01:60:97:9f:da:18:2f:70:2a:c0:ba:71:aa:46:2f:
2e:40:2d:75:b7:78:87:50:d8:6c:fa:e3:5a:3e:b8:
21:f4:5d:81:fd:99:22:1b:89:d2:78:0f:e1:19:07:
3f:39:ff:24:df:2e:6c:fb:83:fd:6a:f8:89:ea:0f:
06:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:E1:2E:FF:5C:D0:9B:3A:A0:C0:B7:41:2A:B8:B7:CE:64:B6:9B:46
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/de9aec2a-9314-43f8-bb3e-64216efeb7b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4800::/40
Signature Algorithm: sha256WithRSAEncryption
08:6d:0d:06:50:18:c3:35:e8:54:ac:c6:9f:7d:82:23:d6:5a:
28:3d:d7:83:d5:98:4c:b8:67:6a:2f:63:0e:db:c2:e8:d2:2b:
0c:ff:cf:c4:ea:64:6d:12:f2:0a:8b:10:c4:05:5a:f2:a9:d8:
da:e6:15:3f:1e:0f:19:f7:5e:77:c0:ea:ec:87:02:6f:66:83:
19:24:bd:ba:ec:5d:bf:5e:ed:19:19:b3:9e:ae:f3:2c:08:e3:
a6:7c:91:b1:58:1c:c5:2f:8a:8b:48:3b:32:be:df:29:3f:56:
4b:6b:06:e4:2e:b4:54:02:75:b0:b8:a9:a3:52:b5:d1:13:ea:
9c:95:18:d7:b2:bb:2d:4e:cf:6c:2f:56:be:c0:e3:34:d8:53:
85:de:30:b1:5a:74:fb:5b:d7:1b:64:fe:1d:32:c6:00:3d:bd:
72:fb:ba:f9:81:d0:df:ad:49:70:44:5d:af:e0:dd:1b:19:62:
5e:fa:c2:b7:ef:90:83:62:bd:2b:36:d6:d5:e6:62:c3:67:c4:
fe:bf:79:ba:d3:cf:84:77:07:e9:b1:2b:4b:d3:7d:bb:c2:54:
71:9f:f3:38:25:28:c2:34:00:56:b7:2a:25:bf:41:65:53:65:
3a:b1:7d:90:1b:d6:de:95:f5:44:38:70:33:e0:eb:5a:15:78:
77:fd:d0:c1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFzqQLGNZ10seR0TMzeJOngtVy6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjcwMDUzMTFaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NTQ1ZGNhYjQ4YjVlZDRlZTE1MzMxZWZhMDk1OTQ0NzYzZjE2YzUwYjA1
NjBhMDJjZTRkMDMzOWQwNzhlMDkxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPB8QWx90axbhA1jzmJAGNTYYyPnk38h7urp+rIJYc4tYSctRxoZXA3ApG/o
s915EHIqB0VPQvQriUqBM9WH1u/7y88ofWhjF+3sR7KKlj1HaGhCT9w4//1ULLL2
B0xdYBAA3QJhxOHJrKqJdWZcbqPtG0tAZ5yyI+ZmX2Megdv3cpJ93DCwYAkVbnPO
gu4L65ZcWn+AoqdA6BsX1zU1y1QMW+Bgl01gEp+pNMdtGzSHM3QM0IcVSUxM4Dx/
kRb08mYTAWCXn9oYL3AqwLpxqkYvLkAtdbd4h1DYbPrjWj64IfRdgf2ZIhuJ0ngP
4RkHPzn/JN8ubPuD/Wr4ieoPBiMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTC4S7/
XNCbOqDAt0EquLfOZLabRjAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZGU5YWVjMmEtOTMxNC00M2Y4LWJiM2UtNjQyMTZlZmViN2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dI
MA0GCSqGSIb3DQEBCwUAA4IBAQAIbQ0GUBjDNehUrMaffYIj1looPdeD1ZhMuGdq
L2MO28Lo0isM/8/E6mRtEvIKixDEBVryqdja5hU/Hg8Z9153wOrshwJvZoMZJL26
7F2/Xu0ZGbOervMsCOOmfJGxWBzFL4qLSDsyvt8pP1ZLawbkLrRUAnWwuKmjUrXR
E+qclRjXsrstTs9sL1a+wOM02FOF3jCxWnT7W9cbZP4dMsYAPb1y+7r5gdDfrUlw
RF2v4N0bGWJe+sK375CDYr0rNtbV5mLDZ8T+v3m608+EdwfpsStL0327wlRxn/M4
JSjCNABWtyolv0FlU2U6sX2QG9belfVEOHAz4OtaFXh3/dDB
-----END CERTIFICATE-----
Generated at Wed Oct 8 21:14:47 2025 by rpki-client