Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
File: 37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa (raw, json)
Hash identifier: 1K/l8HtRM70ogEnS4nJxnPaSR7e9tVX1cLypxNaSn7c=
Subject key identifier: 5E:84:C1:18:CE:D7:D2:BF:E8:EB:2D:1E:E4:18:4E:90:AC:58:FD:99
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05D7CC603216866B30D2EDD3D928CC9BD2B542D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
Signing time: Fri 23 May 2025 00:41:08 +0000
ROA not before: Fri 23 May 2025 00:41:08 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.48.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:d7:cc:60:32:16:86:6b:30:d2:ed:d3:d9:28:cc:9b:d2:b5:42:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:41:08 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=705eb1c58e8838e317b8cd6e6e572dd9f86315ab8ee70b2975c5661b20ae9781, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:67:de:48:5f:20:37:f5:7c:ca:24:71:d7:1a:
23:1e:81:1b:5a:3a:e2:cf:86:17:de:07:dd:70:b9:
85:97:d8:3d:a0:4c:22:d4:f0:c0:13:9c:d5:55:b3:
70:9f:c6:9e:14:bb:a2:56:45:fa:47:e2:8c:15:94:
79:66:69:0c:00:07:d2:96:dd:3a:73:4b:82:88:05:
23:39:a3:68:7a:a6:dc:1f:7d:28:3f:ff:1e:df:da:
76:b8:a8:d2:37:24:ec:29:0c:ed:b6:e6:63:90:bb:
e0:35:59:4b:04:c7:4e:39:b4:3c:77:8b:0c:dc:6f:
35:21:e6:ef:83:f4:59:2e:d1:a6:75:fa:35:11:07:
39:d5:93:85:bc:b9:ba:74:c0:c0:3f:0a:b8:b6:15:
37:e0:58:dd:ec:20:85:ce:4e:e6:7f:ce:71:8c:23:
99:2f:eb:34:d6:70:e3:44:fc:d6:1a:7f:99:3e:dd:
c6:2f:de:18:52:ea:34:d3:fb:33:5d:8e:51:9f:68:
03:23:83:26:b4:02:a6:5a:f0:92:6c:6b:7d:8b:98:
f6:69:77:db:74:3f:31:7c:d8:b0:cd:64:e6:25:9e:
68:e6:6f:f5:92:18:53:d3:54:c0:f1:b8:2a:36:1d:
30:ea:4c:71:55:e9:79:62:e1:00:33:f0:c2:ef:19:
99:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:84:C1:18:CE:D7:D2:BF:E8:EB:2D:1E:E4:18:4E:90:AC:58:FD:99
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37b584fa-f648-4a07-9cbd-40bfef4a0b2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.120.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:ae:94:9f:9a:d2:03:a4:3b:f1:3c:df:59:d5:5a:4f:79:d5:
4e:eb:fd:69:c8:8f:1e:f8:8e:ff:b4:1b:37:bb:d9:09:13:c2:
b9:58:db:76:fa:ee:d0:89:1f:8f:ac:51:da:ef:24:83:c3:8c:
0b:93:0a:37:f7:98:c6:e0:aa:d7:b6:cb:6a:d7:2b:76:55:a3:
62:fd:71:0b:f5:2c:61:70:4b:77:0d:c5:9a:67:3c:ba:8a:8b:
81:bb:97:e1:1d:f3:4a:59:ed:3f:02:e8:e2:86:ce:b0:92:9a:
60:40:f9:a2:4f:9d:5b:65:3b:9e:b7:c5:16:22:2d:8f:8c:87:
05:52:06:03:1f:ef:c1:88:99:46:f5:46:96:73:58:bf:fd:7f:
7d:97:b4:7a:f9:9d:58:e5:e4:65:d1:a1:d1:1a:5a:36:5a:9f:
97:32:ea:4a:f8:42:f2:44:61:38:35:53:3c:5e:4a:03:a8:12:
69:03:be:1d:78:4b:b7:47:b7:12:a6:ba:58:7c:e6:9b:51:59:
23:52:aa:c1:db:d2:fd:d7:14:22:26:e7:90:0c:5d:1f:71:37:
ad:ba:c2:05:b5:51:1c:dd:04:07:1b:1b:21:28:f6:61:4b:97:
ba:24:45:c1:52:30:f9:ff:5e:4d:e3:42:fd:94:2d:c4:fa:c1:
b2:6d:eb:76
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBdfMYDIWhmsw0u3T2SjMm9K1QtAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDQxMDhaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwNWViMWM1OGU4ODM4ZTMxN2I4Y2Q2ZTZlNTcyZGQ5Zjg2MzE1YWI4ZWU3
MGIyOTc1YzU2NjFiMjBhZTk3ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPRn3khfIDf1fMokcdcaIx6BG1o64s+GF94H3XC5hZfYPaBMItTwwBOc1VWz
cJ/GnhS7olZF+kfijBWUeWZpDAAH0pbdOnNLgogFIzmjaHqm3B99KD//Ht/adrio
0jck7CkM7bbmY5C74DVZSwTHTjm0PHeLDNxvNSHm74P0WS7RpnX6NREHOdWThby5
unTAwD8KuLYVN+BY3ewghc5O5n/OcYwjmS/rNNZw40T81hp/mT7dxi/eGFLqNNP7
M12OUZ9oAyODJrQCplrwkmxrfYuY9ml323Q/MXzYsM1k5iWeaOZv9ZIYU9NUwPG4
KjYdMOpMcVXpeWLhADPwwu8ZmbcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRehMEY
ztfSv+jrLR7kGE6QrFj9mTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdiNTg0ZmEtZjY0OC00YTA3LTljYmQtNDBiZmVmNGEwYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkweDAN
BgkqhkiG9w0BAQsFAAOCAQEAqa6Un5rSA6Q78TzfWdVaT3nVTuv9aciPHviO/7Qb
N7vZCRPCuVjbdvru0Ikfj6xR2u8kg8OMC5MKN/eYxuCq17bLatcrdlWjYv1xC/Us
YXBLdw3Fmmc8uoqLgbuX4R3zSlntPwLo4obOsJKaYED5ok+dW2U7nrfFFiItj4yH
BVIGAx/vwYiZRvVGlnNYv/1/fZe0evmdWOXkZdGh0RpaNlqflzLqSvhC8kRhODVT
PF5KA6gSaQO+HXhLt0e3Eqa6WHzmm1FZI1KqwdvS/dcUIibnkAxdH3E3rbrCBbVR
HN0EBxsbISj2YUuXuiRFwVIw+f9eTeNC/ZQtxPrBsm3rdg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:23 2025 by rpki-client