Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
File: 37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa (raw, json)
Hash identifier: Ynj+xNa1NLuc2Ax1tm+ZW34vZ1gPve5jw7qPVG/siAA=
Subject key identifier: 82:16:BE:72:7D:E1:23:D7:4B:C9:A2:35:56:E1:07:D5:48:DF:03:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 776DA6F5972264903629A593FC9827450E4E1AD6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
Signing time: Sat 12 Jul 2025 00:50:01 +0000
ROA not before: Sat 12 Jul 2025 00:50:01 +0000
ROA not after: Sat 16 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.48.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:6d:a6:f5:97:22:64:90:36:29:a5:93:fc:98:27:45:0e:4e:1a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 12 00:50:01 2025 GMT
Not After : Aug 16 23:59:59 2025 GMT
Subject: serialNumber=744a40fb0af60e1a21f4b36f9123d2c1c2a5d0c8a78feace72bf6ec71585a8b8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:54:3a:ce:d5:4c:1e:ea:29:7a:45:2f:14:e9:
69:e7:b1:5d:98:55:32:c5:4c:37:27:7f:5b:2b:16:
b6:49:e5:fc:18:0c:c5:6b:7d:45:a6:b3:f7:ee:c0:
31:d8:58:22:ab:65:13:74:7b:84:38:d3:5b:c6:88:
83:30:8a:d4:72:ed:17:7a:c5:17:5e:c0:39:5b:63:
5b:44:7e:4a:a6:00:82:bb:4a:d5:79:51:3e:ee:be:
1f:33:d4:47:b0:ea:76:30:7b:3f:39:25:dd:ef:0e:
e1:9a:5f:5b:4b:b6:94:9e:93:ea:32:b0:e9:8f:b2:
bf:43:8b:d9:05:ed:c6:91:bc:f3:54:51:38:3a:99:
70:77:a9:98:b6:12:de:c6:57:e0:4e:c8:96:4f:41:
8d:d4:2a:4f:ab:37:db:79:a1:ac:c4:d5:e9:76:50:
6e:a1:e7:fb:2c:0a:8c:a2:56:36:ef:fe:43:64:28:
b1:2b:fc:e8:ff:37:b7:15:a0:74:93:f2:5c:fe:9c:
e9:db:c9:ed:3e:ab:9a:d6:66:07:33:2f:bd:89:3a:
21:cf:48:9c:10:81:52:e5:8f:f3:f9:02:64:fc:ed:
ca:50:3e:23:19:aa:2c:b1:ab:aa:07:1f:f0:1f:85:
4a:9b:fd:a2:60:f4:bd:56:e0:f5:c4:f1:82:32:f7:
29:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:16:BE:72:7D:E1:23:D7:4B:C9:A2:35:56:E1:07:D5:48:DF:03:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.120.0/22
Signature Algorithm: sha256WithRSAEncryption
26:cb:4c:5b:a3:22:0c:d5:8e:df:30:46:8f:29:b8:00:ff:ff:
84:b9:10:c8:80:ea:a1:a2:d2:5b:11:3d:56:5a:53:f1:f5:7a:
ac:b0:d2:37:1e:fc:47:4c:5e:79:39:7c:04:ae:b3:fd:c6:73:
82:cb:60:b1:65:96:d2:19:b8:f3:d5:a3:45:4c:39:59:af:58:
ca:75:e3:61:db:83:54:90:ea:aa:ab:18:a0:6b:66:73:32:37:
90:17:2f:89:f9:cf:80:79:0b:36:c5:47:e8:f2:a2:28:b3:de:
66:c6:2f:54:15:40:f5:60:fe:8d:29:af:90:71:b9:12:ea:fe:
1c:2d:84:66:16:52:07:a7:c9:7a:80:fc:90:06:c2:21:57:dc:
c0:ee:93:a2:aa:9d:5d:2c:88:83:f6:5e:4d:44:7e:7d:1c:d8:
30:7b:31:a0:34:b2:99:ea:18:74:64:0f:91:3b:6f:65:d7:44:
f0:1e:46:c0:2e:77:b7:a4:f2:00:d4:15:e2:8e:30:6c:bf:68:
05:35:98:36:cf:96:35:18:46:49:88:55:86:e7:76:55:35:d0:
b1:21:d8:69:2d:9d:5c:81:67:ec:03:de:a0:62:b5:83:95:3b:
e8:a6:5b:d2:fc:6f:62:83:a9:38:37:76:75:91:aa:06:8f:77:
45:5d:9d:34
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUd22m9ZciZJA2KaWT/JgnRQ5OGtYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTIwMDUwMDFaFw0yNTA4MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0NGE0MGZiMGFmNjBlMWEyMWY0YjM2ZjkxMjNkMmMxYzJhNWQwYzhhNzhm
ZWFjZTcyYmY2ZWM3MTU4NWE4YjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOhUOs7VTB7qKXpFLxTpaeexXZhVMsVMNyd/WysWtknl/BgMxWt9Raaz9+7A
MdhYIqtlE3R7hDjTW8aIgzCK1HLtF3rFF17AOVtjW0R+SqYAgrtK1XlRPu6+HzPU
R7DqdjB7Pzkl3e8O4ZpfW0u2lJ6T6jKw6Y+yv0OL2QXtxpG881RRODqZcHepmLYS
3sZX4E7Ilk9BjdQqT6s323mhrMTV6XZQbqHn+ywKjKJWNu/+Q2QosSv86P83txWg
dJPyXP6c6dvJ7T6rmtZmBzMvvYk6Ic9InBCBUuWP8/kCZPztylA+IxmqLLGrqgcf
8B+FSpv9omD0vVbg9cTxgjL3KbsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSCFr5y
feEj10vJojVW4QfVSN8DezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdiNTg0ZmEtZjY0OC00YTA3LTljYmQtNDBiZmVmNGEwYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkweDAN
BgkqhkiG9w0BAQsFAAOCAQEAJstMW6MiDNWO3zBGjym4AP//hLkQyIDqoaLSWxE9
VlpT8fV6rLDSNx78R0xeeTl8BK6z/cZzgstgsWWW0hm489WjRUw5Wa9YynXjYduD
VJDqqqsYoGtmczI3kBcvifnPgHkLNsVH6PKiKLPeZsYvVBVA9WD+jSmvkHG5Eur+
HC2EZhZSB6fJeoD8kAbCIVfcwO6ToqqdXSyIg/ZeTUR+fRzYMHsxoDSymeoYdGQP
kTtvZddE8B5GwC53t6TyANQV4o4wbL9oBTWYNs+WNRhGSYhVhud2VTXQsSHYaS2d
XIFn7APeoGK1g5U76KZb0vxvYoOpODd2dZGqBo93RV2dNA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 22:22:23 2025 by rpki-client