Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f80fda1-9681-4549-9269-31023c00bc49.roa
File: 4f80fda1-9681-4549-9269-31023c00bc49.roa (raw, json)
Hash identifier: jFAEg7ChTJjtNXqnN/Jmg/Ukl1mU8wvT155WBj3FnVk=
Subject key identifier: 9E:7C:38:CE:EA:66:A1:65:EC:3E:26:1E:66:12:0B:12:88:BC:F7:B6
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 644D478E67E7BEEAC4065B9AE4F3C25BE445A096
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f80fda1-9681-4549-9269-31023c00bc49.roa
Signing time: Fri 20 Feb 2026 01:30:13 +0000
ROA not before: Fri 20 Feb 2026 01:30:13 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:4d:47:8e:67:e7:be:ea:c4:06:5b:9a:e4:f3:c2:5b:e4:45:a0:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:30:13 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=474e29b4de7c6d278c12c06166ce9e198f4df8a8f2c0e91ac2c2077b273550f4, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0e:7f:25:42:08:81:b9:c9:5f:ba:ba:9a:4c:
6e:7f:64:4e:3b:3c:a4:91:18:05:0b:7b:fa:9a:70:
a4:7c:af:f4:e7:e0:31:30:ab:d5:18:ef:ca:6e:72:
2d:9a:87:8d:01:f6:58:39:42:7d:40:a8:be:86:18:
d8:93:6b:f3:77:91:04:19:26:48:8e:a6:66:5e:f8:
f8:d5:c2:43:50:11:c9:12:ab:99:ca:cf:48:2e:77:
fd:ef:38:b9:0f:c3:3c:74:1b:1b:ed:f7:a6:9e:67:
cc:12:75:a8:a8:2d:d5:f9:ca:50:f7:fd:d7:08:6a:
73:a6:4c:b6:d6:33:9b:5e:c4:f0:2d:33:bf:e8:3c:
e0:69:eb:ee:4a:6e:9b:6d:a3:0f:96:ef:85:1a:47:
7d:86:f0:66:8a:30:12:f9:96:40:77:35:64:39:38:
c1:72:86:80:af:e3:49:e8:70:70:c2:a4:88:8b:ef:
ca:1e:62:7a:8b:65:4b:eb:e7:e7:0e:ae:6f:ef:ea:
1f:a5:a4:ff:84:72:e7:3a:49:98:5f:12:df:ea:fb:
2a:4f:75:aa:78:e9:eb:e8:a9:c1:15:52:e1:50:22:
a7:79:25:42:b4:5d:79:b9:94:bc:9b:4e:7c:81:64:
4d:1b:3e:6c:98:f0:20:a8:3f:ab:63:48:07:e1:5b:
5a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:7C:38:CE:EA:66:A1:65:EC:3E:26:1E:66:12:0B:12:88:BC:F7:B6
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f80fda1-9681-4549-9269-31023c00bc49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
a2:9f:cc:72:f6:e1:fc:e6:34:cc:23:fb:0d:4a:03:8d:e7:b0:
c1:15:84:de:93:54:34:46:1d:29:1a:3e:0e:22:f5:93:ce:e6:
a0:ae:b0:9b:69:e8:1d:26:90:31:6c:6c:ca:3e:63:16:3a:eb:
8d:a7:7d:c4:52:0f:03:20:2e:37:14:ed:ef:53:93:66:74:0e:
e7:a0:64:b6:61:b0:5e:9a:98:ea:df:24:73:38:ea:54:25:0c:
f0:f4:02:70:77:83:6e:26:90:78:50:56:ca:82:11:80:e4:18:
2d:16:73:c6:88:0d:db:2e:63:5c:17:03:f5:53:97:73:d0:ce:
9b:88:04:07:f0:9a:7e:cc:fa:a7:fd:ea:92:ba:c1:c3:2d:4a:
5d:61:00:8b:11:03:11:6b:13:1c:bc:50:c4:90:5d:31:3a:2b:
38:51:18:cb:df:ce:10:7b:6d:62:37:3e:51:c5:6d:5d:75:04:
e6:f6:38:d0:01:ab:b1:db:cb:27:39:8c:04:96:58:6e:d1:18:
a1:d0:a7:18:82:20:6b:80:63:99:66:5d:a5:44:24:e7:a7:78:
68:ca:ce:d2:bc:72:10:19:a5:2c:f7:2f:0f:30:a6:e3:1a:91:
60:0d:db:af:4c:5f:9d:dd:fa:95:f7:0c:5c:d3:7f:88:df:66:
f5:ff:be:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZE1HjmfnvurEBlua5PPCW+RFoJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTMwMTNaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3NGUyOWI0ZGU3YzZkMjc4YzEyYzA2MTY2Y2U5ZTE5OGY0ZGY4YThmMmMw
ZTkxYWMyYzIwNzdiMjczNTUwZjQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUOfyVCCIG5yV+6uppMbn9kTjs8pJEYBQt7+ppwpHyv9OfgMTCr1Rjvym5y
LZqHjQH2WDlCfUCovoYY2JNr83eRBBkmSI6mZl74+NXCQ1ARyRKrmcrPSC53/e84
uQ/DPHQbG+33pp5nzBJ1qKgt1fnKUPf91whqc6ZMttYzm17E8C0zv+g84Gnr7kpu
m22jD5bvhRpHfYbwZoowEvmWQHc1ZDk4wXKGgK/jSehwcMKkiIvvyh5ieotlS+vn
5w6ub+/qH6Wk/4Ry5zpJmF8S3+r7Kk91qnjp6+ipwRVS4VAip3klQrRdebmUvJtO
fIFkTRs+bJjwIKg/q2NIB+FbWrUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSefDjO
6mahZew+Jh5mEgsSiLz3tjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NGY4MGZkYTEtOTY4MS00NTQ5LTkyNjktMzEwMjNjMDBiYzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQCin8xy9uH85jTMI/sNSgON57DBFYTek1Q0Rh0p
Gj4OIvWTzuagrrCbaegdJpAxbGzKPmMWOuuNp33EUg8DIC43FO3vU5NmdA7noGS2
YbBempjq3yRzOOpUJQzw9AJwd4NuJpB4UFbKghGA5BgtFnPGiA3bLmNcFwP1U5dz
0M6biAQH8Jp+zPqn/eqSusHDLUpdYQCLEQMRaxMcvFDEkF0xOis4URjL384Qe21i
Nz5RxW1ddQTm9jjQAaux28snOYwEllhu0Rih0KcYgiBrgGOZZl2lRCTnp3hoys7S
vHIQGaUs9y8PMKbjGpFgDduvTF+d3fqV9wxc03+I32b1/76h
-----END CERTIFICATE-----
Generated at Sat Feb 21 04:52:01 2026 by rpki-client