Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/20a0941e-97e6-476c-adec-4755830b9511.roa
File: 20a0941e-97e6-476c-adec-4755830b9511.roa (raw, json)
Hash identifier: 2B36T/bhm50luTVpUX1tVWxwCLra1Kj97uLBXzau8CE=
Subject key identifier: AB:C2:53:16:EB:5F:54:28:41:2A:7A:22:61:96:D6:DA:BD:F2:2B:23
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 7098664C4DB59A2AB2FFF1FE3879935A65F365E6
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/20a0941e-97e6-476c-adec-4755830b9511.roa
Signing time: Fri 20 Feb 2026 01:30:15 +0000
ROA not before: Fri 20 Feb 2026 01:30:15 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc7:4800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Feb 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:98:66:4c:4d:b5:9a:2a:b2:ff:f1:fe:38:79:93:5a:65:f3:65:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:30:15 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=a2a15fd47ffd7fe6a97e00413e4b149a051627997b78ba35826a19dbf756b389, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2a:04:79:62:96:2a:d0:72:bb:38:95:41:83:
87:1e:33:f2:75:3a:0b:bf:4b:43:04:29:b5:df:e9:
82:a8:59:39:18:0a:28:d5:c9:93:55:1a:ec:81:49:
23:d2:8f:92:fd:3e:02:4a:d0:82:20:2c:79:c2:d9:
d2:6f:38:43:84:dd:27:33:c1:0e:02:d5:54:41:ac:
dd:2f:e9:f7:15:1c:90:55:a1:6d:a9:16:6d:60:f7:
54:c0:be:a4:e2:88:ef:9d:6f:fb:61:d9:e2:4e:96:
98:84:88:97:f1:35:28:91:73:35:a2:59:16:b2:4c:
7e:77:b9:24:67:59:5e:4e:51:73:96:33:3c:4f:2a:
53:db:b5:bf:36:43:a6:91:bc:54:66:4f:f8:88:fa:
6a:6c:22:f3:33:88:34:b6:ad:24:81:5f:0f:4e:0c:
47:b7:dc:0f:41:f1:06:bf:c1:12:65:f3:88:da:62:
0a:17:d0:ef:1d:24:9a:73:70:8f:33:7f:a9:17:0c:
68:4a:ee:1f:bf:26:57:e1:17:45:5b:70:ad:c1:80:
55:ed:ba:2a:3a:06:d4:a5:a8:c7:00:ca:6e:56:13:
03:9a:bc:83:c9:a6:27:ef:08:11:08:6a:a5:12:2b:
43:71:d1:e3:79:7b:1d:8b:8d:9f:47:70:ab:9b:2a:
9d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C2:53:16:EB:5F:54:28:41:2A:7A:22:61:96:D6:DA:BD:F2:2B:23
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/20a0941e-97e6-476c-adec-4755830b9511.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4800::/40
Signature Algorithm: sha256WithRSAEncryption
ac:c1:f7:b7:52:bc:73:5b:d5:f7:3c:74:d5:19:0c:91:13:e2:
65:71:7c:42:63:31:36:a9:45:d9:04:13:54:71:23:9c:20:c5:
5a:5b:e3:ad:7b:df:c4:76:f3:cb:79:0b:cd:e5:c1:6d:33:2b:
c0:25:e4:44:a9:a8:64:31:95:d7:60:fd:92:b5:8a:67:57:9f:
60:a0:d9:93:49:4c:a0:a8:b0:ef:19:5d:1e:82:b5:01:1c:3f:
b3:eb:b6:7f:ab:a2:04:b9:bf:c3:36:32:67:16:e9:2d:7d:12:
b4:bd:38:ae:f0:2f:89:8a:1c:2b:d4:5b:48:6f:5d:85:4c:c4:
6f:e3:30:c9:73:6a:55:39:35:8e:06:28:d1:6a:78:27:47:62:
8e:a2:fc:1e:ee:a7:fc:ab:0a:17:2b:f9:53:84:4f:b2:04:a4:
48:1a:2a:87:36:7c:95:48:8a:dc:14:60:51:92:7d:9e:6a:ef:
b1:7e:e5:40:ad:ee:95:39:da:d3:8b:60:06:6b:7b:dd:59:2d:
37:07:b9:b1:bd:90:88:bb:26:b8:70:a7:6a:df:7a:51:ab:b3:
b3:e8:3c:d2:e9:09:3c:84:93:53:ee:8f:9e:f4:96:d9:2f:68:
36:73:47:05:28:64:ed:83:b5:96:70:d5:67:34:54:40:8f:ac:
f3:08:f4:8b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcJhmTE21miqy//H+OHmTWmXzZeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTMwMTVaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyYTE1ZmQ0N2ZmZDdmZTZhOTdlMDA0MTNlNGIxNDlhMDUxNjI3OTk3Yjc4
YmEzNTgyNmExOWRiZjc1NmIzODkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJoqBHlilirQcrs4lUGDhx4z8nU6C79LQwQptd/pgqhZORgKKNXJk1Ua7IFJ
I9KPkv0+AkrQgiAsecLZ0m84Q4TdJzPBDgLVVEGs3S/p9xUckFWhbakWbWD3VMC+
pOKI751v+2HZ4k6WmISIl/E1KJFzNaJZFrJMfne5JGdZXk5Rc5YzPE8qU9u1vzZD
ppG8VGZP+Ij6amwi8zOINLatJIFfD04MR7fcD0HxBr/BEmXziNpiChfQ7x0kmnNw
jzN/qRcMaEruH78mV+EXRVtwrcGAVe26KjoG1KWoxwDKblYTA5q8g8mmJ+8IEQhq
pRIrQ3HR43l7HYuNn0dwq5sqnW8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSrwlMW
619UKEEqeiJhltbavfIrIzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MjBhMDk0MWUtOTdlNi00NzZjLWFkZWMtNDc1NTgzMGI5NTExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dI
MA0GCSqGSIb3DQEBCwUAA4IBAQCswfe3UrxzW9X3PHTVGQyRE+JlcXxCYzE2qUXZ
BBNUcSOcIMVaW+Ote9/EdvPLeQvN5cFtMyvAJeREqahkMZXXYP2StYpnV59goNmT
SUygqLDvGV0egrUBHD+z67Z/q6IEub/DNjJnFuktfRK0vTiu8C+Jihwr1FtIb12F
TMRv4zDJc2pVOTWOBijRangnR2KOovwe7qf8qwoXK/lThE+yBKRIGiqHNnyVSIrc
FGBRkn2eau+xfuVAre6VOdrTi2AGa3vdWS03B7mxvZCIuya4cKdq33pRq7Oz6DzS
6Qk8hJNT7o+e9JbZL2g2c0cFKGTtg7WWcNVnNFRAj6zzCPSL
-----END CERTIFICATE-----
Generated at Sat Feb 21 04:52:01 2026 by rpki-client