Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/1934dc5e-8201-4fe2-b7d5-6bc5fd15f720.roa
File: 1934dc5e-8201-4fe2-b7d5-6bc5fd15f720.roa (raw, json)
Hash identifier: 563M6jbOu67/UbCo6p4fkc/qOEJfk7UXohs3x1sOoNI=
Subject key identifier: 6C:99:98:30:A6:21:2B:50:69:E8:64:E0:1C:EB:D9:59:45:DD:00:A0
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 66FA1E1634F999972D7B05E6B641FB6D70168F18
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/1934dc5e-8201-4fe2-b7d5-6bc5fd15f720.roa
Signing time: Fri 20 Feb 2026 01:40:41 +0000
ROA not before: Fri 20 Feb 2026 01:40:41 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:fa:1e:16:34:f9:99:97:2d:7b:05:e6:b6:41:fb:6d:70:16:8f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:40:41 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=0202e6fc19e2c8a6b03be087db09f8dd86c2594068c0c0d116bb576d7428d245, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0d:a1:f8:e5:ed:e3:8b:b6:10:83:d5:cd:5b:
88:71:a9:6d:55:d4:d1:c2:9b:bb:b9:98:de:8b:36:
bc:3f:c8:4f:25:1a:d3:05:58:8e:6b:a3:77:f1:9e:
e1:fc:c9:69:f7:81:8c:f5:e5:62:59:bf:be:c8:c9:
9d:32:9a:70:fb:68:eb:be:70:62:e4:2b:c3:ea:4b:
b8:e9:3f:eb:e4:0a:88:6d:e4:e4:e3:79:31:b4:c3:
88:a1:46:20:e6:ab:21:16:59:fd:77:71:db:55:64:
36:c6:d4:93:69:96:fa:eb:e3:f3:9a:d3:07:98:7b:
67:89:63:3c:86:c6:b1:7b:92:b4:c9:ab:fd:51:49:
c2:cd:1d:47:26:ba:1c:88:c2:13:0b:fe:8c:11:96:
f5:74:d1:f2:e4:bd:c9:a0:c2:34:49:21:72:4a:cb:
e4:65:5c:dd:05:4b:0b:3c:61:f3:5a:e4:80:68:ef:
f2:cf:99:1f:cf:4b:a5:81:1e:3f:97:2a:f9:50:d1:
f2:0c:26:df:b1:45:78:ee:cf:d1:bb:bb:a8:86:4c:
8f:82:07:d0:75:21:04:57:c0:24:83:0d:55:d5:35:
b8:54:78:b1:8e:38:15:21:8d:43:5f:3a:7a:89:83:
bc:53:05:c7:3d:c3:de:f6:73:b7:52:50:23:5b:76:
73:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:99:98:30:A6:21:2B:50:69:E8:64:E0:1C:EB:D9:59:45:DD:00:A0
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/1934dc5e-8201-4fe2-b7d5-6bc5fd15f720.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:6000::/36
Signature Algorithm: sha256WithRSAEncryption
32:12:a2:4c:3e:0b:26:7a:a1:4d:68:ec:69:1c:64:f3:86:49:
b0:d9:ea:6d:80:73:5c:06:34:4f:d3:e5:86:10:4f:86:ff:61:
87:a9:bb:3e:05:b2:d0:6d:be:f9:8f:fa:a5:4c:9d:35:cb:c1:
84:fb:06:53:82:ae:16:f2:48:39:d0:43:bb:df:02:38:60:aa:
7d:9d:e9:e7:74:3d:b4:10:4c:45:ae:7a:17:a3:0e:ca:00:66:
de:fb:29:37:cf:59:81:16:84:05:d4:b6:f9:ed:a6:ac:c1:13:
c4:21:7b:70:9c:59:a6:c7:79:5d:fb:a4:73:dd:82:56:1f:2e:
b9:83:a2:0a:00:7d:49:f0:38:2b:75:cb:ff:c0:11:24:ee:4e:
ed:8d:55:15:62:7c:2a:13:74:f0:bb:69:8b:6b:aa:c6:c8:d6:
d1:00:bd:3c:98:1c:86:8e:d6:1c:c2:2f:ad:2e:06:a1:d3:50:
68:46:79:e6:2f:4d:7c:72:34:67:c0:d6:d8:d9:0f:fb:a9:39:
7f:c2:95:37:d6:92:1a:2b:e1:07:b0:b2:70:8d:6f:f6:a8:d4:
51:03:7a:d5:fd:f3:22:71:e3:50:da:a3:94:00:bb:2b:78:33:
e4:0d:88:2a:57:9b:c5:da:57:59:39:43:df:ad:4c:72:fa:a4:
87:04:4d:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZvoeFjT5mZctewXmtkH7bXAWjxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTQwNDFaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyMDJlNmZjMTllMmM4YTZiMDNiZTA4N2RiMDlmOGRkODZjMjU5NDA2OGMw
YzBkMTE2YmI1NzZkNzQyOGQyNDUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoNofjl7eOLthCD1c1biHGpbVXU0cKbu7mY3os2vD/ITyUa0wVYjmujd/Ge
4fzJafeBjPXlYlm/vsjJnTKacPto675wYuQrw+pLuOk/6+QKiG3k5ON5MbTDiKFG
IOarIRZZ/Xdx21VkNsbUk2mW+uvj85rTB5h7Z4ljPIbGsXuStMmr/VFJws0dRya6
HIjCEwv+jBGW9XTR8uS9yaDCNEkhckrL5GVc3QVLCzxh81rkgGjv8s+ZH89LpYEe
P5cq+VDR8gwm37FFeO7P0bu7qIZMj4IH0HUhBFfAJIMNVdU1uFR4sY44FSGNQ186
eomDvFMFxz3D3vZzt1JQI1t2cxkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRsmZgw
piErUGnoZOAc69lZRd0AoDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MTkzNGRjNWUtODIwMS00ZmUyLWI3ZDUtNmJjNWZkMTVmNzIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Ng
MA0GCSqGSIb3DQEBCwUAA4IBAQAyEqJMPgsmeqFNaOxpHGTzhkmw2eptgHNcBjRP
0+WGEE+G/2GHqbs+BbLQbb75j/qlTJ01y8GE+wZTgq4W8kg50EO73wI4YKp9nenn
dD20EExFrnoXow7KAGbe+yk3z1mBFoQF1Lb57aaswRPEIXtwnFmmx3ld+6Rz3YJW
Hy65g6IKAH1J8Dgrdcv/wBEk7k7tjVUVYnwqE3Twu2mLa6rGyNbRAL08mByGjtYc
wi+tLgah01BoRnnmL018cjRnwNbY2Q/7qTl/wpU31pIaK+EHsLJwjW/2qNRRA3rV
/fMiceNQ2qOUALsreDPkDYgqV5vF2ldZOUPfrUxy+qSHBE2O
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:24:42 2026 by rpki-client