Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
File: 37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa (raw, json)
Hash identifier: HzW63amC6pNitBudiNOb9k+WC8YVONxyj9ML1AAOkQo=
Subject key identifier: ED:3C:C4:6A:45:AE:6E:89:A7:47:98:99:50:87:82:CE:E0:8B:FB:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 098056CA463DCECEB485A7E31B16B7569AD66669
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
Signing time: Tue 21 Oct 2025 13:41:13 +0000
ROA not before: Tue 21 Oct 2025 13:41:13 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.48.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:80:56:ca:46:3d:ce:ce:b4:85:a7:e3:1b:16:b7:56:9a:d6:66:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:41:13 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=7f434164c942ca1d8773cf537bfdae322623590d1b85be6c3c7f0ffbc072167b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e7:c9:ad:9c:be:9d:c2:ae:f0:8d:3b:bd:f5:
03:f5:0d:d4:a6:92:44:72:29:cc:d0:63:16:aa:64:
49:79:53:c0:02:3c:87:ca:c1:2b:ef:00:e6:f8:ba:
dc:59:19:8f:69:11:9e:64:58:93:87:c3:c6:27:d9:
41:10:1d:69:60:33:41:a5:51:85:cd:20:81:3d:ba:
8b:45:2b:10:aa:09:a2:9d:1c:04:b7:61:2f:73:85:
a8:c6:4c:27:85:b8:b7:3b:c6:67:1c:15:93:bc:ba:
8a:f8:9a:4b:f5:27:4e:cf:e2:d4:c0:38:7f:ea:84:
68:c8:4d:ca:fb:6d:00:50:d4:ed:5b:07:de:31:28:
d1:c2:3a:db:b2:d6:4e:85:59:d5:65:50:ac:84:34:
44:20:5b:8f:76:5a:48:20:f4:88:ca:9e:17:e8:55:
8f:35:f5:4c:92:5e:a0:5f:c6:3a:b0:d8:b7:c3:13:
f7:96:1f:dc:17:d7:fe:0c:7c:4c:fd:18:d8:51:8d:
e8:08:aa:59:b1:52:c7:b8:9d:96:ea:60:0b:37:b3:
7d:7e:09:e4:d4:14:d1:62:1f:a3:c2:0e:3f:2c:7f:
39:f6:f5:23:82:7d:e4:2a:8f:5b:7b:4c:ca:6e:a5:
ca:be:85:67:5b:af:0a:9b:0c:36:6f:14:3a:90:f5:
18:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:3C:C4:6A:45:AE:6E:89:A7:47:98:99:50:87:82:CE:E0:8B:FB:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.120.0/22
Signature Algorithm: sha256WithRSAEncryption
53:ca:ea:d2:24:e7:6f:fa:44:17:bd:dd:0b:0e:53:6e:87:48:
64:19:52:94:74:40:7a:db:31:b4:4e:3f:a3:e9:9e:1c:80:42:
6f:92:ff:e7:97:15:fc:c7:9c:53:3e:89:40:67:29:1e:94:a8:
c8:16:44:46:a1:7c:58:fe:47:72:d4:61:ce:b1:f2:c7:58:ed:
e8:f6:32:c8:c5:d7:c6:70:e2:61:67:72:88:8e:b3:74:16:92:
74:bc:18:90:62:60:cb:98:94:21:28:c6:07:0b:b8:b5:bf:95:
0c:55:f0:b1:97:0e:e1:b4:7b:de:25:2d:82:d7:74:b3:b5:7b:
ee:a3:ff:f7:37:71:bd:33:f3:81:56:4b:2c:98:f6:10:75:20:
ab:7c:91:1a:5f:85:1d:72:b2:31:19:4c:00:9d:30:3a:03:78:
db:f6:7c:14:a3:29:14:97:9d:6b:07:60:e1:93:25:5a:18:05:
84:cc:68:55:fa:e5:9c:06:da:c1:c3:49:3d:55:3c:b1:f2:67:
48:ea:74:0b:c0:7b:10:d2:2f:f9:87:af:ea:bd:54:2f:c1:89:
48:c6:0c:a3:e7:88:60:fd:66:ab:5f:1f:a0:bb:23:50:ce:e5:
47:70:ee:a3:7b:05:c6:02:e7:fa:5b:91:da:13:54:83:98:8f:
88:19:b3:ab
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCYBWykY9zs60hafjGxa3VprWZmkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzQxMTNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNDM0MTY0Yzk0MmNhMWQ4NzczY2Y1MzdiZmRhZTMyMjYyMzU5MGQxYjg1
YmU2YzNjN2YwZmZiYzA3MjE2N2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfnya2cvp3CrvCNO731A/UN1KaSRHIpzNBjFqpkSXlTwAI8h8rBK+8A5vi6
3FkZj2kRnmRYk4fDxifZQRAdaWAzQaVRhc0ggT26i0UrEKoJop0cBLdhL3OFqMZM
J4W4tzvGZxwVk7y6iviaS/UnTs/i1MA4f+qEaMhNyvttAFDU7VsH3jEo0cI627LW
ToVZ1WVQrIQ0RCBbj3ZaSCD0iMqeF+hVjzX1TJJeoF/GOrDYt8MT95Yf3BfX/gx8
TP0Y2FGN6AiqWbFSx7idlupgCzezfX4J5NQU0WIfo8IOPyx/Ofb1I4J95CqPW3tM
ym6lyr6FZ1uvCpsMNm8UOpD1GDUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTtPMRq
Ra5uiadHmJlQh4LO4Iv7lzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdiNTg0ZmEtZjY0OC00YTA3LTljYmQtNDBiZmVmNGEwYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkweDAN
BgkqhkiG9w0BAQsFAAOCAQEAU8rq0iTnb/pEF73dCw5TbodIZBlSlHRAetsxtE4/
o+meHIBCb5L/55cV/MecUz6JQGcpHpSoyBZERqF8WP5HctRhzrHyx1jt6PYyyMXX
xnDiYWdyiI6zdBaSdLwYkGJgy5iUISjGBwu4tb+VDFXwsZcO4bR73iUtgtd0s7V7
7qP/9zdxvTPzgVZLLJj2EHUgq3yRGl+FHXKyMRlMAJ0wOgN42/Z8FKMpFJedawdg
4ZMlWhgFhMxoVfrlnAbawcNJPVU8sfJnSOp0C8B7ENIv+Yev6r1UL8GJSMYMo+eI
YP1mq18foLsjUM7lR3Duo3sFxgLn+luR2hNUg5iPiBmzqw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:30 2025 by rpki-client