Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa
File: 19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa (raw, json)
Hash identifier: 9vk3EgwmN9UxleLiIZWpZKWHyhHnbMcOs+V4gr9pEic=
Subject key identifier: CF:B9:09:F6:DD:08:A7:48:A9:B2:1E:35:D8:8E:F7:BB:91:6B:7A:CB
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 6BF61A62D854E9BF5BDE312BCB53D4DD7FA72504
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa
Signing time: Fri 20 Feb 2026 01:30:51 +0000
ROA not before: Fri 20 Feb 2026 01:30:51 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:f6:1a:62:d8:54:e9:bf:5b:de:31:2b:cb:53:d4:dd:7f:a7:25:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:30:51 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=78b92a2af0c5765d1bd5a616a535dbb19f84e94e76f099d13ecf2c3570569735, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0d:3c:dc:05:d7:e6:3a:00:b1:c0:36:0a:1a:
10:1f:fe:b8:16:ea:18:24:25:9c:60:f3:70:77:3b:
42:42:b7:9d:7a:b1:88:ea:c1:a8:ed:0c:47:57:b6:
dc:2c:fb:70:1a:b9:43:94:25:da:cf:55:81:af:ea:
c7:ad:73:88:7a:35:30:fd:e0:d3:17:80:ac:a0:85:
09:b5:6a:15:48:35:2d:24:d4:4d:72:4f:a1:b5:62:
5a:2b:f5:57:16:ca:72:54:e5:cf:96:0f:b7:3e:13:
03:c2:c7:28:de:88:4d:48:21:7c:df:c0:3e:b9:49:
ff:57:22:17:bc:e1:99:9e:8f:48:9d:7c:61:25:03:
12:75:85:02:94:fc:e6:bd:b4:9e:ce:35:23:28:81:
bf:6f:94:70:b1:a6:81:02:9a:91:4a:ce:d5:c2:31:
7b:ad:71:6f:d6:9a:65:ca:f1:b9:a3:cc:40:a4:ae:
12:c1:aa:2e:db:8f:b4:7c:3a:93:e0:e3:ef:38:7e:
e0:15:b8:dc:4f:8b:f5:06:c5:b3:2f:5e:59:4f:8b:
49:92:e3:ae:34:27:3b:57:d2:66:36:35:b9:8e:ea:
36:81:24:a8:d9:f2:b6:89:0b:ee:27:dc:4d:bb:8b:
17:1b:88:e4:55:e4:22:e7:6f:dd:67:75:4d:fd:3c:
4e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B9:09:F6:DD:08:A7:48:A9:B2:1E:35:D8:8E:F7:BB:91:6B:7A:CB
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2800::/40
Signature Algorithm: sha256WithRSAEncryption
05:91:c9:51:ff:d7:7c:b3:a5:ea:82:67:2e:ca:97:29:f1:8c:
9b:82:ec:82:60:72:1d:02:3e:48:9c:65:fc:44:e9:98:3d:1a:
6a:a1:9d:40:3b:49:68:b5:23:e0:b9:ba:a1:86:d7:c4:a4:92:
cf:e9:4c:88:67:02:34:08:d5:46:a6:b2:21:c1:e4:c7:4b:81:
aa:c5:87:f9:97:34:0d:38:b5:9d:fb:a1:c6:1f:84:a7:45:60:
5c:74:ee:ca:df:de:fa:c0:6a:8a:b1:09:6d:e6:a9:1a:d0:01:
1e:e2:d0:96:d0:7c:c6:fa:9e:8d:f9:fe:e1:a7:05:a2:9a:bf:
c1:72:03:93:99:29:fc:c0:87:50:41:32:be:30:8c:8a:2b:86:
ac:bc:4c:fc:19:e4:33:0a:73:6a:68:b5:db:a0:2e:40:d9:06:
d5:7c:49:fc:d2:7d:e2:ec:ee:48:c6:cb:2a:da:04:a6:7d:84:
05:7c:10:47:6a:6c:3c:00:b3:ae:a2:8d:c3:39:2d:a6:32:28:
45:da:9c:de:e9:0a:37:b5:96:72:9f:5a:1a:63:d1:de:c2:07:
58:99:c9:7a:43:55:d8:93:58:37:f8:f3:7b:cc:30:7e:5e:da:
a5:ae:f6:ea:f9:32:f9:56:1b:8b:34:c8:13:6e:f8:8f:b4:85:
13:d1:08:a7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUa/YaYthU6b9b3jEry1PU3X+nJQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTMwNTFaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4YjkyYTJhZjBjNTc2NWQxYmQ1YTYxNmE1MzVkYmIxOWY4NGU5NGU3NmYw
OTlkMTNlY2YyYzM1NzA1Njk3MzUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYNPNwF1+Y6ALHANgoaEB/+uBbqGCQlnGDzcHc7QkK3nXqxiOrBqO0MR1e2
3Cz7cBq5Q5Ql2s9Vga/qx61ziHo1MP3g0xeArKCFCbVqFUg1LSTUTXJPobViWiv1
VxbKclTlz5YPtz4TA8LHKN6ITUghfN/APrlJ/1ciF7zhmZ6PSJ18YSUDEnWFApT8
5r20ns41IyiBv2+UcLGmgQKakUrO1cIxe61xb9aaZcrxuaPMQKSuEsGqLtuPtHw6
k+Dj7zh+4BW43E+L9QbFsy9eWU+LSZLjrjQnO1fSZjY1uY7qNoEkqNnytokL7ifc
TbuLFxuI5FXkIudv3Wd1Tf08TlsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPuQn2
3QinSKmyHjXYjve7kWt6yzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MTllNmQ1OWItNzk4ZC00ODhhLTlmZGItOTRiYjBkMTRjZWI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8co
MA0GCSqGSIb3DQEBCwUAA4IBAQAFkclR/9d8s6Xqgmcuypcp8YybguyCYHIdAj5I
nGX8ROmYPRpqoZ1AO0lotSPgubqhhtfEpJLP6UyIZwI0CNVGprIhweTHS4GqxYf5
lzQNOLWd+6HGH4SnRWBcdO7K3976wGqKsQlt5qka0AEe4tCW0HzG+p6N+f7hpwWi
mr/BcgOTmSn8wIdQQTK+MIyKK4asvEz8GeQzCnNqaLXboC5A2QbVfEn80n3i7O5I
xssq2gSmfYQFfBBHamw8ALOuoo3DOS2mMihF2pze6Qo3tZZyn1oaY9HewgdYmcl6
Q1XYk1g3+PN7zDB+Xtqlrvbq+TL5VhuLNMgTbviPtIUT0Qin
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:29:48 2026 by rpki-client