Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
File: 739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa (raw, json)
Hash identifier: T4ap73VNeovfhipjOW3Jb5H9gpP68vIOu9SrhD1bKJM=
Subject key identifier: B7:71:E7:34:E0:F7:7D:F5:97:AE:08:11:E3:AE:82:EF:A8:60:A0:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34E225FEC38791C3A291F8BFE51806122CC858D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
Signing time: Tue 21 Oct 2025 14:40:05 +0000
ROA not before: Tue 21 Oct 2025 14:40:05 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07e:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:e2:25:fe:c3:87:91:c3:a2:91:f8:bf:e5:18:06:12:2c:c8:58:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:40:05 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=17532f77f4be1cf1966413138f2787fa285434b239f1670f3901521f13fedf47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b9:5d:cd:17:25:d5:f3:51:0c:59:10:c2:01:
92:da:98:dc:8d:e9:b8:e6:c0:01:00:27:6d:05:9c:
c6:04:a3:e6:e3:9c:18:2f:d3:ed:81:40:8f:ed:39:
be:db:f5:28:3e:7c:bf:04:68:c2:d2:cd:a5:08:a6:
d6:41:9e:32:1c:5c:5c:b9:ff:5a:39:b0:5d:15:39:
9f:51:29:15:29:8c:ac:b7:93:4d:2c:5a:51:c2:35:
ff:12:c3:d2:df:25:86:69:ff:e0:de:dd:00:98:2e:
cf:24:31:dd:dd:4c:9b:a6:c4:cc:85:de:70:d4:0b:
78:a7:4c:29:c9:98:93:27:33:e6:45:9c:c2:99:e3:
04:e0:f6:66:13:23:f5:71:a5:e2:fc:e1:e0:42:01:
66:63:cd:e1:b3:ce:fb:73:c3:69:6f:9b:80:fb:0e:
a5:8d:b8:b6:f5:9e:cc:a9:f9:ca:6a:d3:ec:a7:c0:
66:b7:42:7a:7b:64:1a:bc:d9:39:26:61:d9:47:89:
9f:a4:1b:75:f7:4b:b0:d9:26:99:88:9b:da:ca:64:
8c:e3:f0:a2:37:c8:ea:50:2e:d6:b4:bb:34:0c:5d:
cb:f1:30:cc:bd:ce:b4:9a:76:c2:4e:9f:56:b7:3a:
1f:c8:28:0e:7d:1e:c4:01:73:1d:be:c8:eb:39:ed:
35:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:71:E7:34:E0:F7:7D:F5:97:AE:08:11:E3:AE:82:EF:A8:60:A0:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/739d8b08-f82b-4a2a-841c-2faf7a331ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07e:9000::/40
Signature Algorithm: sha256WithRSAEncryption
89:9c:cc:ba:22:9d:db:58:a3:59:6c:eb:29:50:a2:fc:3d:6c:
cd:4b:ef:a0:cb:4e:ee:ed:ed:6c:c7:4b:a5:2e:56:0e:77:3a:
f5:09:eb:23:df:00:d5:6a:66:15:ac:92:0e:dc:28:73:cd:06:
91:fc:68:0f:7b:e8:ea:00:40:b6:5b:c6:1d:85:34:78:d7:d5:
5a:a3:de:54:84:21:77:f5:09:03:b8:87:ab:fb:40:1f:b6:32:
1b:24:35:b3:4f:79:70:da:af:0e:be:8c:f7:ca:d4:62:c6:64:
90:8c:cf:6a:e5:de:18:8e:b2:21:17:5c:51:e8:9a:f8:f8:b7:
81:1e:86:f0:e9:4e:36:3a:f7:2a:71:96:3e:7c:ad:d9:e5:5f:
05:49:8b:f0:24:32:9f:4c:bc:a8:9a:62:8d:20:5c:a8:0b:2d:
a1:d4:60:69:ed:35:5a:56:ea:45:09:45:6b:9f:22:0a:2c:60:
12:d7:e2:76:81:52:ef:e9:42:73:a1:17:d1:6c:0a:72:1b:e9:
bd:94:83:d2:42:18:78:6c:97:c0:b2:99:cd:37:fd:96:b5:27:
cb:e0:ba:cc:4d:fa:53:fe:3c:bc:cf:56:74:8b:60:6f:43:59:
cd:fd:21:a8:6f:8f:29:02:21:e2:9c:69:d9:62:27:70:47:2a:
ff:c8:af:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNOIl/sOHkcOikfi/5RgGEizIWNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDQwMDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3NTMyZjc3ZjRiZTFjZjE5NjY0MTMxMzhmMjc4N2ZhMjg1NDM0YjIzOWYx
NjcwZjM5MDE1MjFmMTNmZWRmNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALq5Xc0XJdXzUQxZEMIBktqY3I3puObAAQAnbQWcxgSj5uOcGC/T7YFAj+05
vtv1KD58vwRowtLNpQim1kGeMhxcXLn/WjmwXRU5n1EpFSmMrLeTTSxaUcI1/xLD
0t8lhmn/4N7dAJguzyQx3d1Mm6bEzIXecNQLeKdMKcmYkycz5kWcwpnjBOD2ZhMj
9XGl4vzh4EIBZmPN4bPO+3PDaW+bgPsOpY24tvWezKn5ymrT7KfAZrdCentkGrzZ
OSZh2UeJn6QbdfdLsNkmmYib2spkjOPwojfI6lAu1rS7NAxdy/EwzL3OtJp2wk6f
Vrc6H8goDn0exAFzHb7I6zntNccCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS3cec0
4Pd99ZeuCBHjroLvqGCgHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzM5ZDhiMDgtZjgyYi00YTJhLTg0MWMtMmZhZjdhMzMxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H6Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCJnMy6Ip3bWKNZbOspUKL8PWzNS++gy07u7e1s
x0ulLlYOdzr1Cesj3wDVamYVrJIO3ChzzQaR/GgPe+jqAEC2W8YdhTR419Vao95U
hCF39QkDuIer+0AftjIbJDWzT3lw2q8Ovoz3ytRixmSQjM9q5d4YjrIhF1xR6Jr4
+LeBHobw6U42OvcqcZY+fK3Z5V8FSYvwJDKfTLyommKNIFyoCy2h1GBp7TVaVupF
CUVrnyIKLGAS1+J2gVLv6UJzoRfRbApyG+m9lIPSQhh4bJfAspnNN/2WtSfL4LrM
TfpT/jy8z1Z0i2BvQ1nN/SGob48pAiHinGnZYidwRyr/yK+x
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:28:40 2025 by rpki-client