Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/63b5c934-2f43-477b-85d8-563b35f97cf3.roa
File: 63b5c934-2f43-477b-85d8-563b35f97cf3.roa (raw, json)
Hash identifier: J6WM+SKKupxwMhspBY3OCmrH7YHe58f4QQ/y9eQs8fk=
Subject key identifier: A9:A2:3E:8A:79:EF:8E:06:AF:32:4D:8E:48:F0:C9:F1:6B:D0:35:EB
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 27040DDF58B2ECE7A55BA8E9417AC3E193D6E32E
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/63b5c934-2f43-477b-85d8-563b35f97cf3.roa
Signing time: Fri 20 Feb 2026 01:30:54 +0000
ROA not before: Fri 20 Feb 2026 01:30:54 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 8987
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:04:0d:df:58:b2:ec:e7:a5:5b:a8:e9:41:7a:c3:e1:93:d6:e3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:30:54 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=6b47d959e412922225365a42a41c230b9abf87424ae6e37f47ce7cf023faca3f, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:07:37:0e:27:ae:c6:47:11:01:4d:70:4f:f2:
fc:38:fa:7f:5a:65:61:5e:72:cb:04:09:5c:6b:01:
ce:2c:6f:28:d3:3f:70:91:44:36:13:4f:be:09:d3:
18:bf:2a:8a:a6:42:a5:fb:a3:22:e2:b4:78:ab:ad:
77:50:d6:33:a5:51:5c:23:cf:d1:bf:98:6e:ae:e8:
74:11:fa:e5:c6:f6:34:85:c8:23:de:ab:b9:ec:18:
cd:05:7f:de:d4:04:0b:33:9c:f7:0d:f0:24:f3:a7:
ad:4f:3c:af:77:87:42:da:a0:36:93:74:a1:80:1e:
8c:7b:7f:6a:da:be:4a:9f:31:f1:38:60:74:64:42:
9c:17:b3:84:33:6c:01:db:7a:98:85:f7:aa:5b:5d:
5d:2e:16:66:b2:6f:5e:68:b3:d5:91:ba:ab:b0:46:
57:1b:a4:d2:0d:df:9f:d6:65:5a:a0:12:3f:50:05:
5f:01:2d:c6:d7:82:7f:9d:c8:af:16:0d:a0:4a:8a:
79:06:f7:b9:de:7e:c8:3b:be:a0:03:b3:39:44:83:
de:0b:66:ad:48:54:47:8d:be:85:0c:31:c6:2f:27:
b6:d9:bb:d4:6b:1a:a7:63:b6:04:cc:c7:f9:af:82:
dd:7a:f1:c9:4a:19:5c:52:75:53:28:f7:f4:0c:89:
91:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A2:3E:8A:79:EF:8E:06:AF:32:4D:8E:48:F0:C9:F1:6B:D0:35:EB
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/63b5c934-2f43-477b-85d8-563b35f97cf3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
9b:0b:c3:2b:a0:33:3b:95:ae:87:d8:cf:94:1b:15:a9:e0:b5:
4d:3a:64:de:c8:ad:ce:de:e9:26:d8:11:04:95:29:8d:ec:b6:
47:93:da:32:c8:d0:05:61:e5:91:3a:41:38:c8:de:6b:b8:cd:
07:06:6c:b2:85:7d:40:5a:ee:1c:d5:23:cf:58:46:a7:5f:e2:
44:c9:cf:a0:68:19:33:e2:74:cf:d6:bf:5a:ad:65:bc:96:55:
2e:a8:8c:0e:97:34:72:97:6a:be:28:8f:36:6f:4f:31:e7:10:
f4:7a:9d:2c:62:b5:1b:7d:d2:4f:a8:2a:b8:fe:3b:a3:ef:74:
a7:d1:f8:ac:89:a0:71:a4:7e:fd:20:7f:18:4d:6f:68:4b:e8:
85:e4:18:4a:bd:ae:75:90:bf:86:48:60:bf:68:5c:4c:20:94:
d2:5a:c6:c9:95:e9:b9:96:c2:00:1c:81:4e:88:60:bf:84:f3:
bd:cb:4d:37:53:c7:75:04:0b:f4:5e:e2:73:7d:e9:07:e3:be:
ae:81:d0:6c:1b:64:8e:5d:3c:92:1e:db:0b:a0:85:1e:2e:70:
77:f0:c5:ed:29:0c:b4:cc:ce:fe:94:dc:45:ab:42:d7:a0:d8:
38:ae:a4:d6:e2:50:bc:18:30:63:b4:ef:a2:90:8d:fc:e7:b3:
51:87:f5:4b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJwQN31iy7OelW6jpQXrD4ZPW4y4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTMwNTRaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNDdkOTU5ZTQxMjkyMjIyNTM2NWE0MmE0MWMyMzBiOWFiZjg3NDI0YWU2
ZTM3ZjQ3Y2U3Y2YwMjNmYWNhM2YxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAHNw4nrsZHEQFNcE/y/Dj6f1plYV5yywQJXGsBzixvKNM/cJFENhNPvgnT
GL8qiqZCpfujIuK0eKutd1DWM6VRXCPP0b+Ybq7odBH65cb2NIXII96ruewYzQV/
3tQECzOc9w3wJPOnrU88r3eHQtqgNpN0oYAejHt/atq+Sp8x8ThgdGRCnBezhDNs
Adt6mIX3qltdXS4WZrJvXmiz1ZG6q7BGVxuk0g3fn9ZlWqASP1AFXwEtxteCf53I
rxYNoEqKeQb3ud5+yDu+oAOzOUSD3gtmrUhUR42+hQwxxi8nttm71Gsap2O2BMzH
+a+C3XrxyUoZXFJ1Uyj39AyJkZsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpoj6K
ee+OBq8yTY5I8Mnxa9A16zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NjNiNWM5MzQtMmY0My00NzdiLTg1ZDgtNTYzYjM1Zjk3Y2YzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQCbC8MroDM7la6H2M+UGxWp4LVNOmTeyK3O3ukm
2BEElSmN7LZHk9oyyNAFYeWROkE4yN5ruM0HBmyyhX1AWu4c1SPPWEanX+JEyc+g
aBkz4nTP1r9arWW8llUuqIwOlzRyl2q+KI82b08x5xD0ep0sYrUbfdJPqCq4/juj
73Sn0fisiaBxpH79IH8YTW9oS+iF5BhKva51kL+GSGC/aFxMIJTSWsbJlem5lsIA
HIFOiGC/hPO9y003U8d1BAv0XuJzfekH476ugdBsG2SOXTySHtsLoIUeLnB38MXt
KQy0zM7+lNxFq0LXoNg4rqTW4lC8GDBjtO+ikI3857NRh/VL
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:24:41 2026 by rpki-client