Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
File: 37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa (raw, json)
Hash identifier: 7kXi6OVt4Xl5udX5PLvDLGwGScpVHeFpBW+grpdBgvQ=
Subject key identifier: D5:47:AF:3F:13:4E:77:13:F6:F2:D2:C1:02:65:C4:07:3C:C8:5C:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21B03E740AD8BA7349994223EE142A2D1AF7A397
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
Signing time: Wed 06 Aug 2025 00:51:09 +0000
ROA not before: Wed 06 Aug 2025 00:51:09 +0000
ROA not after: Wed 10 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.48.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:b0:3e:74:0a:d8:ba:73:49:99:42:23:ee:14:2a:2d:1a:f7:a3:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 6 00:51:09 2025 GMT
Not After : Sep 10 23:59:59 2025 GMT
Subject: serialNumber=4b619b08f9a10cda8d020c5452b3dd574eeae225258bad33bce7d66fd593e259, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8a:23:19:5f:2a:4a:90:83:cd:d1:8c:67:64:
7f:a8:52:47:d7:89:f0:a6:10:ff:c1:c0:ab:98:8e:
45:74:b6:61:29:a7:0c:59:8e:dd:43:a8:7f:9d:fc:
3d:b2:c7:4e:67:b9:54:ac:a5:59:78:d2:94:d0:df:
1c:ca:5d:92:3c:3d:a3:e6:e5:6d:39:1c:0d:31:30:
ce:94:74:51:db:b0:33:5d:cb:df:5b:6c:df:7e:1e:
54:be:ed:be:c9:a6:f7:3b:9e:35:bd:39:58:fb:de:
0c:62:5f:99:6c:45:5c:27:73:ea:f0:f6:26:6a:f7:
6a:60:7a:70:bb:ed:52:15:f6:d7:b6:5a:fa:30:cf:
92:30:28:30:49:54:49:05:6b:50:93:95:51:4c:33:
c9:88:4b:4a:cb:87:df:aa:9e:24:56:ad:d8:f2:34:
eb:5b:6a:03:f6:91:1e:51:4c:2c:1b:fe:c3:de:83:
a5:c0:ca:28:9c:11:59:cd:f3:0d:b6:5e:13:1a:99:
1c:26:95:06:26:3f:0d:2e:53:1e:12:0a:d4:fd:cf:
c4:96:f0:8d:66:19:15:08:c3:a9:15:6c:04:78:fd:
41:64:75:90:fb:a6:9c:ba:82:2c:e5:19:3d:00:b2:
fe:c5:0c:11:44:37:fa:0d:50:72:89:f6:de:79:8c:
bb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:47:AF:3F:13:4E:77:13:F6:F2:D2:C1:02:65:C4:07:3C:C8:5C:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.120.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:8c:b2:01:a2:67:9f:7f:75:20:80:79:a3:20:d7:13:24:28:
e6:77:13:47:4c:5b:48:05:7c:b8:bb:2b:9d:3f:8f:d8:55:aa:
0d:93:ab:bf:f5:0d:a5:4f:df:0d:c3:b4:59:21:53:c8:5d:25:
9b:6d:89:b4:eb:e8:ae:1e:8f:0a:d3:0a:85:bc:24:f7:b5:4e:
ae:a5:92:a8:e7:6e:28:e2:26:26:19:d8:bd:e4:d4:ae:f4:74:
5d:a5:b2:4f:c1:ba:32:8e:f5:2c:ef:dc:fe:93:35:d1:bc:e1:
d8:a6:42:74:ad:f2:e6:0c:90:90:38:4b:15:bf:bb:5a:0e:60:
6c:a5:f6:70:2f:f3:3a:aa:90:4f:9d:8a:cf:63:da:b1:9d:ce:
34:ec:7e:27:d2:be:c6:92:66:50:a0:3b:86:da:b3:b4:52:c7:
c1:9f:ff:c9:3a:c0:89:ce:44:66:26:3b:64:84:00:aa:ce:e8:
73:9c:44:49:6e:b4:8d:70:80:27:9e:b1:22:bb:55:c1:f8:26:
09:3e:cd:d7:d6:bc:e6:66:93:2e:5a:4d:d9:ab:02:c6:2c:3a:
c6:0a:56:7b:d9:34:e4:ce:1f:4a:9d:0f:99:84:60:cf:43:2c:
35:fc:46:d7:88:60:f2:a9:09:d6:5e:e7:1b:43:60:6e:ee:c7:
7b:98:e9:3b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIbA+dArYunNJmUIj7hQqLRr3o5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDYwMDUxMDlaFw0yNTA5MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiNjE5YjA4ZjlhMTBjZGE4ZDAyMGM1NDUyYjNkZDU3NGVlYWUyMjUyNThi
YWQzM2JjZTdkNjZmZDU5M2UyNTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIyKIxlfKkqQg83RjGdkf6hSR9eJ8KYQ/8HAq5iORXS2YSmnDFmO3UOof538
PbLHTme5VKylWXjSlNDfHMpdkjw9o+blbTkcDTEwzpR0UduwM13L31ts334eVL7t
vsmm9zueNb05WPveDGJfmWxFXCdz6vD2Jmr3amB6cLvtUhX217Za+jDPkjAoMElU
SQVrUJOVUUwzyYhLSsuH36qeJFat2PI061tqA/aRHlFMLBv+w96DpcDKKJwRWc3z
DbZeExqZHCaVBiY/DS5THhIK1P3PxJbwjWYZFQjDqRVsBHj9QWR1kPumnLqCLOUZ
PQCy/sUMEUQ3+g1Qcon23nmMu+UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTVR68/
E053E/by0sECZcQHPMhcVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdiNTg0ZmEtZjY0OC00YTA3LTljYmQtNDBiZmVmNGEwYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkweDAN
BgkqhkiG9w0BAQsFAAOCAQEAfIyyAaJnn391IIB5oyDXEyQo5ncTR0xbSAV8uLsr
nT+P2FWqDZOrv/UNpU/fDcO0WSFTyF0lm22JtOvorh6PCtMKhbwk97VOrqWSqOdu
KOImJhnYveTUrvR0XaWyT8G6Mo71LO/c/pM10bzh2KZCdK3y5gyQkDhLFb+7Wg5g
bKX2cC/zOqqQT52Kz2PasZ3ONOx+J9K+xpJmUKA7htqztFLHwZ//yTrAic5EZiY7
ZIQAqs7oc5xESW60jXCAJ56xIrtVwfgmCT7N19a85maTLlpN2asCxiw6xgpWe9k0
5M4fSp0PmYRgz0MsNfxG14hg8qkJ1l7nG0Ngbu7He5jpOw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:04:21 2025 by rpki-client