Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/222bf775-2bba-4790-943c-82c7a38f7efd.roa
File: 222bf775-2bba-4790-943c-82c7a38f7efd.roa (raw, json)
Hash identifier: Vfqgsaq+eb8S6OufosuoaUaK8dYBNa7z9buZbIB3wpk=
Subject key identifier: 8B:34:B3:D5:39:8F:D9:68:0A:EC:4B:A5:51:BF:C2:07:9B:FB:66:0E
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 21E13A322BBE3EF735A883DF2C10A50063452E5E
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/222bf775-2bba-4790-943c-82c7a38f7efd.roa
Signing time: Fri 20 Feb 2026 01:30:54 +0000
ROA not before: Fri 20 Feb 2026 01:30:54 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:e1:3a:32:2b:be:3e:f7:35:a8:83:df:2c:10:a5:00:63:45:2e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:30:54 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=3ccee3bbb4dc4330f1ff4abc15decc2c26c4e5e47042adaf40a9b0d51c5b8618, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4b:50:0c:ec:0d:35:48:ad:50:a2:ff:64:37:
0f:6d:27:4b:d5:d7:be:4b:f1:e7:0c:87:b5:70:52:
53:14:b9:29:60:df:60:4d:00:76:d1:0b:61:a6:91:
7f:89:a8:f0:dd:e1:6c:2a:9d:21:85:bf:8c:b2:92:
f0:2b:ad:11:5d:1d:59:de:d4:9f:fe:76:54:cf:86:
58:b7:3a:41:8b:6b:e7:46:c8:64:96:24:54:83:60:
37:19:73:e5:68:48:19:ea:f4:e4:ac:c2:da:50:b4:
68:2d:6d:7e:a2:2d:04:b6:57:84:65:c3:ae:e2:34:
8c:3b:06:7f:1b:d6:25:75:d6:bb:e7:b4:be:f7:d3:
14:c4:19:4e:3a:9e:d9:63:32:7c:ce:70:40:11:46:
c0:07:b2:45:28:a0:df:86:8f:ea:24:ef:55:0c:63:
c8:45:f7:f4:71:74:f3:f9:b2:e1:68:9d:4d:c6:63:
a3:58:33:fd:a6:44:b8:ce:c2:89:05:19:6b:30:06:
c6:dc:6e:df:6c:f7:7d:cd:fb:1a:d8:0c:19:e6:35:
b0:1e:ad:2a:9f:f0:54:37:19:51:c2:ec:a2:b3:ed:
87:2d:9d:2e:9c:72:d3:47:75:0a:27:c4:97:ed:06:
92:25:7a:51:25:6c:be:53:9e:22:93:9c:0e:16:d8:
b8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:34:B3:D5:39:8F:D9:68:0A:EC:4B:A5:51:BF:C2:07:9B:FB:66:0E
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/222bf775-2bba-4790-943c-82c7a38f7efd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
c5:be:78:bf:58:10:bc:1e:6b:cd:d2:5f:c2:3b:ea:e0:e0:d3:
84:d2:26:ce:90:20:fe:58:0e:7b:e4:64:18:a8:fe:f1:00:6a:
db:59:80:75:7a:6e:32:0c:f7:ee:11:1d:83:e4:ff:7d:d3:e3:
d0:95:34:61:eb:0d:8f:d7:8d:97:3d:dd:6a:5b:0d:93:6d:f6:
fb:47:ff:15:e1:ec:84:7b:ba:5d:8e:fc:a1:00:3d:48:3b:cc:
66:02:fd:29:31:f8:81:83:e0:52:78:19:50:66:8a:28:37:bd:
f5:0c:ee:d3:b2:d4:38:a4:a5:32:06:93:79:c7:33:16:ae:a1:
12:72:a8:15:bc:19:9f:99:ec:43:0e:4a:a4:c3:3a:ae:a6:33:
6d:8d:e5:46:ba:79:18:7f:f7:82:c7:4a:80:04:e6:2d:ae:b3:
f4:8d:2c:d6:6d:46:4f:1d:74:19:94:9d:ab:fa:0b:3e:78:2a:
e8:99:71:b7:52:ec:e0:b3:20:cf:0d:d1:d3:f5:1d:6b:ee:7d:
3f:05:19:1b:09:0d:da:b1:09:af:bf:7a:5b:94:b4:eb:56:d7:
3b:db:29:73:8b:dc:27:76:9b:36:be:0e:fb:78:7b:3b:51:95:
22:15:8a:22:f0:39:e9:b0:e7:0a:2c:ac:ea:bc:32:73:e2:42:
e8:f5:84:ff
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIeE6Miu+Pvc1qIPfLBClAGNFLl4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTMwNTRaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjY2VlM2JiYjRkYzQzMzBmMWZmNGFiYzE1ZGVjYzJjMjZjNGU1ZTQ3MDQy
YWRhZjQwYTliMGQ1MWM1Yjg2MTgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRLUAzsDTVIrVCi/2Q3D20nS9XXvkvx5wyHtXBSUxS5KWDfYE0AdtELYaaR
f4mo8N3hbCqdIYW/jLKS8CutEV0dWd7Un/52VM+GWLc6QYtr50bIZJYkVINgNxlz
5WhIGer05KzC2lC0aC1tfqItBLZXhGXDruI0jDsGfxvWJXXWu+e0vvfTFMQZTjqe
2WMyfM5wQBFGwAeyRSig34aP6iTvVQxjyEX39HF08/my4WidTcZjo1gz/aZEuM7C
iQUZazAGxtxu32z3fc37GtgMGeY1sB6tKp/wVDcZUcLsorPthy2dLpxy00d1CifE
l+0GkiV6USVsvlOeIpOcDhbYuG8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSLNLPV
OY/ZaArsS6VRv8IHm/tmDjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MjIyYmY3NzUtMmJiYS00NzkwLTk0M2MtODJjN2EzOGY3ZWZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQDFvni/WBC8HmvN0l/CO+rg4NOE0ibOkCD+WA57
5GQYqP7xAGrbWYB1em4yDPfuER2D5P990+PQlTRh6w2P142XPd1qWw2Tbfb7R/8V
4eyEe7pdjvyhAD1IO8xmAv0pMfiBg+BSeBlQZoooN731DO7TstQ4pKUyBpN5xzMW
rqEScqgVvBmfmexDDkqkwzqupjNtjeVGunkYf/eCx0qABOYtrrP0jSzWbUZPHXQZ
lJ2r+gs+eCromXG3UuzgsyDPDdHT9R1r7n0/BRkbCQ3asQmvv3pblLTrVtc72ylz
i9wndps2vg77eHs7UZUiFYoi8DnpsOcKLKzqvDJz4kLo9YT/
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:24:40 2026 by rpki-client