Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0582d0d5-4d6b-43e7-869e-df722bf70a81.roa
File: 0582d0d5-4d6b-43e7-869e-df722bf70a81.roa (raw, json)
Hash identifier: FDygz/svf1TsF6iiCGvFLXfPMUH0OP+kgNpBGLug4gM=
Subject key identifier: 9A:ED:A8:E9:1B:AB:80:20:B0:D6:D0:1A:29:66:C5:40:54:FA:34:8E
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 5A53F176A03CE1C03CC4CD2A3E806FC84C45535C
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0582d0d5-4d6b-43e7-869e-df722bf70a81.roa
Signing time: Fri 20 Feb 2026 01:40:42 +0000
ROA not before: Fri 20 Feb 2026 01:40:42 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:53:f1:76:a0:3c:e1:c0:3c:c4:cd:2a:3e:80:6f:c8:4c:45:53:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:40:42 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=d8972050764a1f1b7cf86af0ccc4194f09d2e23ec5d9245fd2200adb8f77ca2f, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:50:e4:03:d5:95:d2:e2:d7:11:34:7b:0f:ec:
da:c1:cf:71:f6:6c:7f:64:de:76:26:9d:60:20:f4:
af:38:77:b2:16:fe:45:3d:26:2b:67:98:99:99:62:
41:6e:2c:16:af:d7:b9:76:6f:b0:ac:c8:62:02:9f:
27:08:e1:7e:f1:9f:a8:91:1e:f3:37:67:3f:58:43:
0f:9e:39:92:86:36:a1:96:3d:23:4d:6f:9d:51:ac:
b0:bc:97:1f:06:f5:e1:03:ff:ee:db:9a:a3:44:bd:
e6:38:cc:05:df:39:d7:d6:7c:2b:e4:63:28:8d:83:
13:be:09:7c:09:8d:c5:7e:d8:4b:2c:3f:f7:e0:7d:
64:76:3e:ce:b3:4d:6d:15:e4:ef:40:c5:e0:ad:08:
be:15:79:52:82:2e:eb:49:47:11:37:f0:f6:9a:fe:
23:f5:ba:c1:0d:75:6e:83:25:ed:d7:49:48:0e:74:
d7:fd:45:09:63:07:3f:fb:d6:88:6f:0c:bb:0a:40:
a6:62:63:fc:3f:88:1f:c4:cc:03:b5:b5:44:bf:11:
cb:9d:c9:13:24:28:7e:42:b1:78:7e:f0:2e:f4:1a:
92:c4:84:e8:b1:69:ad:93:b8:e0:cc:d3:dc:15:a2:
28:0b:92:dc:78:06:99:82:fc:85:b9:7b:37:ac:b4:
de:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:ED:A8:E9:1B:AB:80:20:B0:D6:D0:1A:29:66:C5:40:54:FA:34:8E
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0582d0d5-4d6b-43e7-869e-df722bf70a81.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2880::/48
Signature Algorithm: sha256WithRSAEncryption
75:de:e9:4e:ac:95:76:86:c2:35:08:4b:54:67:d7:bb:4a:b6:
f8:be:63:db:43:11:6c:43:3c:18:a4:67:4f:37:15:9c:64:63:
63:44:9a:7d:71:04:17:49:f5:f0:d4:1d:01:f9:3b:29:45:81:
c7:a9:60:28:04:7a:46:6d:e6:51:fa:ad:8d:83:37:e7:5b:cc:
e2:e7:b0:95:09:95:01:25:e4:3c:ba:a9:05:3e:b8:c1:89:b9:
3a:5c:21:b9:c3:8d:c8:2b:79:40:1b:fa:fe:be:02:2a:70:64:
b3:8b:e5:4c:53:0f:6f:07:8d:04:01:6e:49:55:02:22:4a:c6:
55:b1:bc:7e:e3:2e:1e:1d:de:d5:62:b8:78:4e:84:52:9a:94:
7a:b0:7d:99:03:cf:74:9f:08:ec:09:5f:7d:f6:ff:23:3b:3a:
74:6d:02:0d:15:80:08:45:c1:62:2d:00:8c:34:a6:f2:f5:33:
3e:34:17:9d:20:0c:01:d5:6c:5e:eb:69:d7:6c:6c:c9:2a:74:
22:6c:bc:f1:40:90:16:ad:d5:34:a3:32:1e:85:91:86:63:9d:
2a:19:be:0c:b2:91:7c:f7:e3:d7:e2:8b:2a:4e:12:f7:f1:cb:
92:80:54:df:86:2a:b6:e7:9f:20:a5:ed:09:e7:6a:72:30:36:
59:09:e6:83
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWlPxdqA84cA8xM0qPoBvyExFU1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTQwNDJaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4OTcyMDUwNzY0YTFmMWI3Y2Y4NmFmMGNjYzQxOTRmMDlkMmUyM2VjNWQ5
MjQ1ZmQyMjAwYWRiOGY3N2NhMmYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOBQ5APVldLi1xE0ew/s2sHPcfZsf2TediadYCD0rzh3shb+RT0mK2eYmZli
QW4sFq/XuXZvsKzIYgKfJwjhfvGfqJEe8zdnP1hDD545koY2oZY9I01vnVGssLyX
Hwb14QP/7tuao0S95jjMBd8519Z8K+RjKI2DE74JfAmNxX7YSyw/9+B9ZHY+zrNN
bRXk70DF4K0IvhV5UoIu60lHETfw9pr+I/W6wQ11boMl7ddJSA501/1FCWMHP/vW
iG8MuwpApmJj/D+IH8TMA7W1RL8Ry53JEyQofkKxeH7wLvQaksSE6LFprZO44MzT
3BWiKAuS3HgGmYL8hbl7N6y03i8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSa7ajp
G6uAILDW0BopZsVAVPo0jjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MDU4MmQwZDUtNGQ2Yi00M2U3LTg2OWUtZGY3MjJiZjcwYTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
gDANBgkqhkiG9w0BAQsFAAOCAQEAdd7pTqyVdobCNQhLVGfXu0q2+L5j20MRbEM8
GKRnTzcVnGRjY0SafXEEF0n18NQdAfk7KUWBx6lgKAR6Rm3mUfqtjYM351vM4uew
lQmVASXkPLqpBT64wYm5OlwhucONyCt5QBv6/r4CKnBks4vlTFMPbweNBAFuSVUC
IkrGVbG8fuMuHh3e1WK4eE6EUpqUerB9mQPPdJ8I7Alfffb/Izs6dG0CDRWACEXB
Yi0AjDSm8vUzPjQXnSAMAdVsXutp12xsySp0Imy88UCQFq3VNKMyHoWRhmOdKhm+
DLKRfPfj1+KLKk4S9/HLkoBU34YqtuefIKXtCedqcjA2WQnmgw==
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:24:40 2026 by rpki-client