Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
File: 37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa (raw, json)
Hash identifier: 8wi6b60VTtPkSK74ivVHNwX1VzYz+iK4oEMYxe6FbyY=
Subject key identifier: 31:74:47:F3:6E:45:8C:D7:5B:49:5F:5F:73:F4:8D:E1:97:4B:7E:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41DFAB5EB61563B5CF8CFA55B255EB367B5650C6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
Signing time: Mon 01 Sep 2025 19:51:22 +0000
ROA not before: Mon 01 Sep 2025 19:51:22 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.48.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:df:ab:5e:b6:15:63:b5:cf:8c:fa:55:b2:55:eb:36:7b:56:50:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:51:22 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=3d2848194d35e8ceb0693541a14e529f19c2505a847ee634fa4e8ec2ac742d3e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:c6:a6:f3:69:29:07:1a:1b:c2:f2:30:8b:68:
88:ce:41:a4:4e:89:0b:26:35:71:aa:de:f5:dd:cb:
8d:fa:87:f2:58:62:9a:60:5f:74:bf:bf:5b:71:11:
d1:0d:eb:4f:4b:8d:da:c7:72:e5:62:8d:64:b9:8b:
0f:28:5c:10:c6:e2:39:bd:6a:82:53:88:55:4e:6f:
ae:d3:48:3a:13:ac:c4:b5:71:bd:f1:46:f7:8d:e6:
ac:40:88:53:91:20:65:fb:e3:c9:89:d5:00:74:b2:
78:20:77:6c:b3:c5:cb:13:23:81:2b:00:93:38:36:
37:0a:3b:f6:ea:6b:e3:ac:2d:fd:e2:39:d9:c0:82:
24:fe:50:f8:05:15:79:bc:a4:9a:fe:71:04:52:0d:
2c:5c:af:a9:5f:a8:4c:02:8c:25:84:1c:ea:7c:8a:
bf:5e:b3:2e:b7:72:af:59:71:b8:60:b6:b2:a9:63:
6e:f7:b5:47:64:17:9f:91:28:4e:b9:fd:72:dd:03:
66:6f:79:01:42:51:82:a2:51:e4:a3:84:d9:e3:25:
ab:c4:8f:e4:ec:26:bc:f5:ed:20:98:1a:51:4c:33:
82:df:a2:f6:1c:f0:f5:68:8b:bc:bc:9b:65:49:a3:
21:9c:0f:d9:4a:8e:4c:aa:b0:72:c6:11:da:cb:10:
47:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:74:47:F3:6E:45:8C:D7:5B:49:5F:5F:73:F4:8D:E1:97:4B:7E:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.120.0/22
Signature Algorithm: sha256WithRSAEncryption
33:e0:dd:c0:33:14:30:56:0d:e7:ce:46:8b:6a:14:c0:0f:70:
1c:ff:03:e1:ac:fd:cd:f2:91:01:ae:80:d1:fe:15:a8:90:b6:
c9:c3:c5:7a:14:4a:a6:73:a8:13:23:b8:8d:3d:0d:c9:e1:5f:
8c:1b:65:57:2a:97:31:d0:45:ac:7d:c7:22:3c:d5:c1:be:3f:
9f:24:a6:93:d0:8b:da:6a:87:4d:c1:1b:8a:85:5d:f6:cb:14:
89:29:c4:a5:68:d0:06:bf:b1:09:8e:ae:7e:6e:7c:26:f9:fe:
2a:4d:b1:c7:0c:b8:32:e5:87:80:18:e5:20:80:b9:06:21:cb:
c7:c2:da:d4:4e:a7:13:a5:60:41:37:da:91:4f:d8:d4:13:b4:
9b:da:17:5a:8b:cb:4b:07:84:ab:6d:cc:25:16:3b:e3:9c:49:
d8:5b:03:78:ce:78:a3:f2:ea:0c:6e:da:4d:0f:0f:2c:fb:ac:
dc:d1:27:62:95:67:3c:e0:c8:33:f8:af:9c:34:e7:5e:06:3e:
34:ca:a2:03:c2:5c:01:87:5b:e4:e1:22:7a:63:2c:3e:96:8f:
e4:95:9d:5f:ee:47:19:eb:6f:6e:1e:86:c4:66:df:4d:db:c5:
76:9f:67:92:8c:b5:2b:7e:d5:bc:92:cd:23:62:8a:95:89:5c:
17:53:da:15
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQd+rXrYVY7XPjPpVslXrNntWUMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTUxMjJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkMjg0ODE5NGQzNWU4Y2ViMDY5MzU0MWExNGU1MjlmMTljMjUwNWE4NDdl
ZTYzNGZhNGU4ZWMyYWM3NDJkM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO/GpvNpKQcaG8LyMItoiM5BpE6JCyY1care9d3LjfqH8lhimmBfdL+/W3ER
0Q3rT0uN2sdy5WKNZLmLDyhcEMbiOb1qglOIVU5vrtNIOhOsxLVxvfFG943mrECI
U5EgZfvjyYnVAHSyeCB3bLPFyxMjgSsAkzg2Nwo79upr46wt/eI52cCCJP5Q+AUV
ebykmv5xBFINLFyvqV+oTAKMJYQc6nyKv16zLrdyr1lxuGC2sqljbve1R2QXn5Eo
Trn9ct0DZm95AUJRgqJR5KOE2eMlq8SP5OwmvPXtIJgaUUwzgt+i9hzw9WiLvLyb
ZUmjIZwP2UqOTKqwcsYR2ssQR70CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQxdEfz
bkWM11tJX19z9I3hl0t+PjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdiNTg0ZmEtZjY0OC00YTA3LTljYmQtNDBiZmVmNGEwYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkweDAN
BgkqhkiG9w0BAQsFAAOCAQEAM+DdwDMUMFYN585Gi2oUwA9wHP8D4az9zfKRAa6A
0f4VqJC2ycPFehRKpnOoEyO4jT0NyeFfjBtlVyqXMdBFrH3HIjzVwb4/nySmk9CL
2mqHTcEbioVd9ssUiSnEpWjQBr+xCY6ufm58Jvn+Kk2xxwy4MuWHgBjlIIC5BiHL
x8La1E6nE6VgQTfakU/Y1BO0m9oXWovLSweEq23MJRY745xJ2FsDeM54o/LqDG7a
TQ8PLPus3NEnYpVnPODIM/ivnDTnXgY+NMqiA8JcAYdb5OEiemMsPpaP5JWdX+5H
Getvbh6GxGbfTdvFdp9nkoy1K37VvJLNI2KKlYlcF1PaFQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:18 2025 by rpki-client