Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa
File: c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa (raw, json)
Hash identifier: DwXt+m5fPpdFCqpn604A7Otf+55k8mACqCmqCES7L9k=
Subject key identifier: 49:4D:A2:8B:26:29:3D:2E:50:7D:44:F6:46:40:AE:7D:4B:33:53:4B
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 34D192826C27522ED1DFED0DA5E6CF35343AD75D
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa
Signing time: Fri 07 Nov 2025 20:23:10 +0000
ROA not before: Fri 07 Nov 2025 20:23:10 +0000
ROA not after: Fri 12 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:a::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:d1:92:82:6c:27:52:2e:d1:df:ed:0d:a5:e6:cf:35:34:3a:d7:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Nov 7 20:23:10 2025 GMT
Not After : Dec 12 23:59:59 2025 GMT
Subject: serialNumber=9661b640ed79867eb214ee178f2d3ea45a7b2228bca8f322b112e37c01eea3de, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e4:35:b3:03:eb:25:ed:c3:cf:26:1d:67:29:
39:0e:ee:8e:81:c1:7d:71:26:3f:2c:70:23:ee:0d:
b0:79:ef:b0:b6:3b:0b:34:ed:7a:25:ca:7a:a2:9f:
c2:db:33:c0:4b:c5:ee:62:b2:aa:e1:d3:bd:43:05:
9b:0a:a7:c0:ba:67:21:a9:22:0f:df:a4:d8:ee:02:
18:4d:f9:89:72:57:6b:24:99:9d:25:82:c0:a8:3a:
f8:48:ca:26:34:e9:72:46:8e:e5:fd:b9:22:67:11:
7e:41:64:01:0f:df:40:b4:90:fa:33:38:4a:11:2a:
00:55:61:47:f4:91:fb:09:a1:a2:bb:a1:fd:4a:00:
47:eb:81:28:7b:83:04:86:bc:f5:26:7e:38:d1:5f:
25:be:cb:71:11:7b:7e:53:66:bc:63:81:35:d9:4b:
3b:6a:77:5c:26:d8:10:9d:97:cb:c8:c4:f6:86:40:
56:2d:c3:8c:de:90:e7:c3:98:22:dc:8c:f5:ac:e1:
f6:af:16:f4:47:25:7d:77:bd:a5:c8:6a:ff:61:77:
21:b4:9c:6d:93:d8:4a:e5:db:fb:f9:c6:80:5d:7c:
7e:4c:65:ca:69:c5:0c:11:b2:a1:ed:54:f0:1f:29:
f6:0b:bd:cb:c5:0f:85:97:2e:bd:a2:e0:13:e8:f4:
20:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:4D:A2:8B:26:29:3D:2E:50:7D:44:F6:46:40:AE:7D:4B:33:53:4B
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:a::/47
Signature Algorithm: sha256WithRSAEncryption
27:b6:0a:10:d2:f4:fe:b2:da:e8:d7:14:87:1d:99:53:d5:7b:
81:8a:74:67:0b:37:48:7f:a4:83:7d:65:1c:a5:2c:97:4a:f1:
5b:c7:76:34:5f:5a:0f:11:e0:28:be:7b:0b:46:64:14:25:f6:
be:14:fc:5d:e6:54:13:76:5c:1b:45:c1:db:5a:17:00:33:99:
59:64:86:46:0b:3e:60:ce:0f:5f:8a:6d:7a:f0:71:f1:db:9a:
cd:c9:e4:94:4b:4f:f6:7c:37:d1:e7:3f:7d:a9:61:1d:e3:dc:
a1:1e:5b:8b:f2:2f:cb:5c:01:63:23:30:c6:f9:d9:99:2f:a2:
52:76:dd:2b:f4:bf:1e:78:bd:52:6e:79:da:19:c6:39:c1:4f:
d9:e0:d2:cd:4d:2b:47:7b:51:c0:aa:86:3d:01:d3:ec:58:6c:
b0:8b:19:0a:43:8c:5f:3c:48:9c:66:ee:bf:3a:13:ef:50:62:
a6:c5:4e:15:70:35:89:9c:06:57:ee:a0:0a:01:3b:59:bf:37:
18:a9:e2:3c:11:7f:3a:cf:cc:5f:71:69:ee:a2:f8:0e:22:5d:
17:80:bf:af:f4:16:e1:66:d4:59:fb:f7:fe:c1:ec:75:e8:3e:
e9:87:52:d0:19:2a:75:13:24:27:dc:e2:1f:20:23:91:99:22:
a9:1e:5f:85
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNNGSgmwnUi7R3+0NpebPNTQ6110wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNTExMDcyMDIzMTBaFw0yNTEyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2NjFiNjQwZWQ3OTg2N2ViMjE0ZWUxNzhmMmQzZWE0NWE3YjIyMjhiY2E4
ZjMyMmIxMTJlMzdjMDFlZWEzZGUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvkNbMD6yXtw88mHWcpOQ7ujoHBfXEmPyxwI+4NsHnvsLY7CzTteiXKeqKf
wtszwEvF7mKyquHTvUMFmwqnwLpnIakiD9+k2O4CGE35iXJXaySZnSWCwKg6+EjK
JjTpckaO5f25ImcRfkFkAQ/fQLSQ+jM4ShEqAFVhR/SR+wmhoruh/UoAR+uBKHuD
BIa89SZ+ONFfJb7LcRF7flNmvGOBNdlLO2p3XCbYEJ2Xy8jE9oZAVi3DjN6Q58OY
ItyM9azh9q8W9EclfXe9pchq/2F3IbScbZPYSuXb+/nGgF18fkxlymnFDBGyoe1U
8B8p9gu9y8UPhZcuvaLgE+j0IGECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJTaKL
Jik9LlB9RPZGQK59SzNTSzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
Yzc3MmJkNWEtNGY3Mi00YWQ0LWE1ZDAtOWVkODJlNWYxZTk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASABP8YA
CjANBgkqhkiG9w0BAQsFAAOCAQEAJ7YKENL0/rLa6NcUhx2ZU9V7gYp0Zws3SH+k
g31lHKUsl0rxW8d2NF9aDxHgKL57C0ZkFCX2vhT8XeZUE3ZcG0XB21oXADOZWWSG
Rgs+YM4PX4ptevBx8duazcnklEtP9nw30ec/falhHePcoR5bi/Ivy1wBYyMwxvnZ
mS+iUnbdK/S/Hni9Um552hnGOcFP2eDSzU0rR3tRwKqGPQHT7FhssIsZCkOMXzxI
nGbuvzoT71BipsVOFXA1iZwGV+6gCgE7Wb83GKniPBF/Os/MX3Fp7qL4DiJdF4C/
r/QW4WbUWfv3/sHsdeg+6YdS0BkqdRMkJ9ziHyAjkZkiqR5fhQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:55:06 2025 by rpki-client