Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/695b2c0d-a8e0-45bc-878b-176c66a934f6.roa
File: 695b2c0d-a8e0-45bc-878b-176c66a934f6.roa (raw, json)
Hash identifier: f9xim8/ROFbc4OzJW/gisIwlfTi0X9cWAWjWOp99VPk=
Subject key identifier: D8:B5:AF:04:96:1B:48:83:CE:8A:27:94:7E:82:18:4D:8E:F1:E9:F8
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 44033A26336FD9E482C58728F48779BD8AB33EA7
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/695b2c0d-a8e0-45bc-878b-176c66a934f6.roa
Signing time: Fri 20 Feb 2026 01:30:10 +0000
ROA not before: Fri 20 Feb 2026 01:30:10 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:28c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:03:3a:26:33:6f:d9:e4:82:c5:87:28:f4:87:79:bd:8a:b3:3e:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:30:10 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=cc6031437864ce7b3a65626865703ff7bfef947c0f587d8cb39d3dba2c226be2, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4c:f0:3d:dd:b4:58:10:08:4b:cf:8b:92:31:
0d:28:33:67:a6:49:df:b7:20:f6:a2:23:2a:df:73:
94:7f:94:49:f3:30:50:4b:80:41:9e:6c:14:f4:d9:
3e:fd:cc:6d:fd:7f:e4:cb:aa:0d:24:14:33:a9:d2:
a5:17:1f:91:ab:2a:c2:1b:e1:66:55:e7:d6:79:71:
71:38:12:90:fb:58:97:e1:2f:b0:1a:4b:7d:c1:4c:
d3:e4:37:3a:5a:a2:18:3f:7c:ac:c6:d0:90:7d:e3:
cf:b7:84:6c:4a:3f:0e:3a:c1:1f:8d:db:4b:58:c8:
16:53:e1:ac:5a:bf:4f:71:f1:df:a9:10:92:38:e1:
a3:ea:f3:97:86:eb:34:32:d7:45:21:90:62:ef:c5:
94:98:4c:ed:7a:5f:a7:41:93:97:ac:56:a3:0a:82:
13:1e:a1:2b:bb:09:80:cb:90:1a:07:d7:a4:9c:a5:
2b:7f:55:13:25:75:4f:e8:ab:f6:3a:44:c0:05:c0:
8f:f0:fc:35:67:9c:9d:45:6a:8d:1b:6e:d4:1a:ae:
0e:33:f9:49:67:0e:e4:e6:d6:4f:59:c5:b6:00:15:
d9:9f:fb:fd:de:e3:e2:bc:a7:4a:df:a7:71:73:95:
9b:a3:8c:02:bb:16:b0:1a:69:3e:71:aa:1a:f2:1a:
1c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B5:AF:04:96:1B:48:83:CE:8A:27:94:7E:82:18:4D:8E:F1:E9:F8
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/695b2c0d-a8e0-45bc-878b-176c66a934f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:28c0::/48
Signature Algorithm: sha256WithRSAEncryption
b5:01:2e:db:84:b6:fc:20:32:ea:a1:0b:c5:92:09:73:3a:ee:
4d:00:ec:49:d9:a1:2d:be:b7:5b:0c:9d:0d:89:da:a5:b1:fb:
34:ac:61:37:24:ae:af:36:95:c7:34:ef:e0:24:78:92:92:9a:
11:40:68:d9:de:00:47:e7:28:e6:fa:2f:0e:d6:a1:69:cb:f7:
2b:41:36:e9:b3:e8:a3:f0:3a:14:37:61:42:75:f7:bd:83:7e:
97:eb:36:0d:79:b7:0f:20:26:58:cb:eb:d0:58:b2:63:6e:7a:
19:77:5f:91:5f:a5:c8:92:f9:b7:22:c8:af:ad:43:87:66:6f:
d6:2d:41:45:7f:93:25:f7:a6:41:d2:30:a0:8c:f5:68:e9:75:
72:5b:52:1f:e3:34:7b:d1:92:7f:6a:41:f8:5e:6f:35:21:15:
29:fe:a7:37:ff:00:8b:52:d7:56:85:c6:43:de:5c:a9:75:22:
70:eb:23:3c:fe:7f:3e:72:db:c2:f7:38:be:7d:2d:17:7b:5f:
7f:98:2b:24:97:07:12:0a:14:cf:ab:f7:70:97:e3:38:28:90:
62:e1:db:b9:22:81:2d:71:ce:95:4c:a5:9b:26:fa:55:61:c9:
a6:e1:39:6e:fc:db:14:32:01:f5:47:af:75:84:ee:19:67:7b:
ab:03:45:dc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURAM6JjNv2eSCxYco9Id5vYqzPqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTMwMTBaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjNjAzMTQzNzg2NGNlN2IzYTY1NjI2ODY1NzAzZmY3YmZlZjk0N2MwZjU4
N2Q4Y2IzOWQzZGJhMmMyMjZiZTIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBM8D3dtFgQCEvPi5IxDSgzZ6ZJ37cg9qIjKt9zlH+USfMwUEuAQZ5sFPTZ
Pv3Mbf1/5MuqDSQUM6nSpRcfkasqwhvhZlXn1nlxcTgSkPtYl+EvsBpLfcFM0+Q3
OlqiGD98rMbQkH3jz7eEbEo/DjrBH43bS1jIFlPhrFq/T3Hx36kQkjjho+rzl4br
NDLXRSGQYu/FlJhM7Xpfp0GTl6xWowqCEx6hK7sJgMuQGgfXpJylK39VEyV1T+ir
9jpEwAXAj/D8NWecnUVqjRtu1BquDjP5SWcO5ObWT1nFtgAV2Z/7/d7j4rynSt+n
cXOVm6OMArsWsBppPnGqGvIaHPsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTYta8E
lhtIg86KJ5R+ghhNjvHp+DAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
Njk1YjJjMGQtYThlMC00NWJjLTg3OGItMTc2YzY2YTkzNGY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
wDANBgkqhkiG9w0BAQsFAAOCAQEAtQEu24S2/CAy6qELxZIJczruTQDsSdmhLb63
WwydDYnapbH7NKxhNySurzaVxzTv4CR4kpKaEUBo2d4AR+co5vovDtahacv3K0E2
6bPoo/A6FDdhQnX3vYN+l+s2DXm3DyAmWMvr0FiyY256GXdfkV+lyJL5tyLIr61D
h2Zv1i1BRX+TJfemQdIwoIz1aOl1cltSH+M0e9GSf2pB+F5vNSEVKf6nN/8Ai1LX
VoXGQ95cqXUicOsjPP5/PnLbwvc4vn0tF3tff5grJJcHEgoUz6v3cJfjOCiQYuHb
uSKBLXHOlUylmyb6VWHJpuE5bvzbFDIB9UevdYTuGWd7qwNF3A==
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:25:29 2026 by rpki-client