Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
File: 37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa (raw, json)
Hash identifier: JvGKzke4Idnyri2k5vMjOuEbon2KDvULMDJ121B8LLE=
Subject key identifier: 42:48:C1:95:3B:EC:41:39:29:82:83:DF:95:9D:D9:BC:37:5C:7B:3C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 60FE6541DDF12041E9B9DFA040E1566E74C7D4FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
Signing time: Tue 17 Jun 2025 00:40:36 +0000
ROA not before: Tue 17 Jun 2025 00:40:36 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.48.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:fe:65:41:dd:f1:20:41:e9:b9:df:a0:40:e1:56:6e:74:c7:d4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 17 00:40:36 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=337443f20d016ce6aa73f3cdd12e011e33b95669ae62a6c06ab92c8d3ac21c90, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:94:a4:ba:a7:a1:15:15:d3:dc:d8:54:23:b5:
59:74:05:e3:df:75:fd:31:7c:ac:dc:1d:a1:3c:b7:
ca:a6:f8:2d:34:cc:8c:c9:5f:d0:a5:8b:0e:cc:c3:
be:6f:3b:70:0f:ac:1c:bb:1c:22:da:f4:52:f6:ea:
fc:a1:de:36:d2:ed:d7:5a:43:cb:6e:80:a7:6d:c3:
f1:a7:73:57:c0:fa:cd:81:ef:2a:79:13:e4:d6:67:
03:48:59:b4:af:06:0d:c8:c4:0b:c4:38:5f:23:e2:
69:ca:6b:6f:4c:f8:82:56:88:4f:90:41:e9:6a:0f:
3a:fd:61:29:4a:c3:56:1b:05:11:30:89:b6:83:3a:
fc:be:08:1e:91:8d:18:68:0e:15:3c:7e:f3:7b:15:
9c:22:fb:64:f2:1c:62:80:9c:25:b8:b6:75:0d:99:
9c:31:24:28:98:c0:57:2b:3d:94:8b:e9:9b:2f:df:
56:67:22:f9:85:78:51:3e:55:79:97:61:ba:a6:81:
8a:df:d2:19:40:aa:84:41:71:bd:7f:35:f6:69:c3:
13:4a:b5:a6:7a:60:ec:d1:99:06:17:26:dd:a7:2a:
20:4f:9d:31:6e:fb:55:27:ba:d3:b9:3c:fb:44:e0:
c2:0c:05:10:be:38:e6:d7:06:4e:02:75:4b:6c:4a:
fc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:48:C1:95:3B:EC:41:39:29:82:83:DF:95:9D:D9:BC:37:5C:7B:3C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.120.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:75:53:2f:e8:a3:4b:b9:43:99:04:5a:a6:9f:8e:80:0a:ba:
5b:c6:0b:90:14:c0:3c:d0:27:30:3f:57:ed:b0:31:30:0d:4b:
f9:31:5c:c3:9c:08:10:62:f1:d4:af:44:a2:fc:58:41:8e:86:
95:07:21:f2:6d:3b:e0:a5:89:13:5a:0f:63:e9:f0:89:6c:81:
ad:bb:79:8c:1e:1f:27:bb:87:fb:87:dd:0b:f4:49:83:24:ea:
ab:cb:bb:be:2e:9a:c5:bb:6e:f9:49:e4:68:63:ef:ad:8a:7a:
a3:a6:25:6f:92:c6:88:e3:86:ba:e1:e9:ae:fe:7c:7e:d9:b5:
f9:e5:35:9d:12:1e:c5:37:58:ce:bf:bd:b6:51:ae:ec:16:49:
65:4a:d4:25:83:9c:42:e6:80:d4:d7:37:27:f9:40:46:37:4e:
df:aa:38:4f:8e:77:75:f2:77:5f:f9:ad:25:72:ad:a6:46:30:
34:93:5d:4f:cb:5a:6f:b9:07:c7:c0:f2:b2:fc:0e:4e:7f:73:
10:ce:59:db:29:fa:b1:52:09:a8:c6:14:11:bb:03:62:a7:c9:
a0:bc:81:86:b7:7a:b4:94:18:ff:6e:12:4f:e8:10:32:5f:9d:
84:0c:ea:d6:72:0e:5c:3d:b3:5e:f7:88:b0:01:5a:f9:13:cf:
41:80:9a:83
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYP5lQd3xIEHpud+gQOFWbnTH1PwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTcwMDQwMzZaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNzQ0M2YyMGQwMTZjZTZhYTczZjNjZGQxMmUwMTFlMzNiOTU2NjlhZTYy
YTZjMDZhYjkyYzhkM2FjMjFjOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuUpLqnoRUV09zYVCO1WXQF4991/TF8rNwdoTy3yqb4LTTMjMlf0KWLDszD
vm87cA+sHLscItr0Uvbq/KHeNtLt11pDy26Ap23D8adzV8D6zYHvKnkT5NZnA0hZ
tK8GDcjEC8Q4XyPiacprb0z4glaIT5BB6WoPOv1hKUrDVhsFETCJtoM6/L4IHpGN
GGgOFTx+83sVnCL7ZPIcYoCcJbi2dQ2ZnDEkKJjAVys9lIvpmy/fVmci+YV4UT5V
eZdhuqaBit/SGUCqhEFxvX819mnDE0q1pnpg7NGZBhcm3acqIE+dMW77VSe607k8
+0TgwgwFEL445tcGTgJ1S2xK/MECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRCSMGV
O+xBOSmCg9+Vndm8N1x7PDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdiNTg0ZmEtZjY0OC00YTA3LTljYmQtNDBiZmVmNGEwYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkweDAN
BgkqhkiG9w0BAQsFAAOCAQEAunVTL+ijS7lDmQRapp+OgAq6W8YLkBTAPNAnMD9X
7bAxMA1L+TFcw5wIEGLx1K9EovxYQY6GlQch8m074KWJE1oPY+nwiWyBrbt5jB4f
J7uH+4fdC/RJgyTqq8u7vi6axbtu+UnkaGPvrYp6o6Ylb5LGiOOGuuHprv58ftm1
+eU1nRIexTdYzr+9tlGu7BZJZUrUJYOcQuaA1Nc3J/lARjdO36o4T453dfJ3X/mt
JXKtpkYwNJNdT8tab7kHx8DysvwOTn9zEM5Z2yn6sVIJqMYUEbsDYqfJoLyBhrd6
tJQY/24ST+gQMl+dhAzq1nIOXD2zXveIsAFa+RPPQYCagw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:49 2025 by rpki-client