Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6b161c7d-a2d5-44f9-95b6-bbf915698d48.roa
File: 6b161c7d-a2d5-44f9-95b6-bbf915698d48.roa (raw, json)
Hash identifier: 6qUBWMmnnB3FNXeXVphQU/1KKunVPfunslsGAKM9UcI=
Subject key identifier: 35:28:55:4F:1A:4B:46:3C:68:AF:60:28:7C:90:22:D8:49:8E:E6:E5
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 648A76C0CEE56FE6C3DA2FC0667C7797F89B137B
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6b161c7d-a2d5-44f9-95b6-bbf915698d48.roa
Signing time: Fri 20 Feb 2026 01:30:11 +0000
ROA not before: Fri 20 Feb 2026 01:30:11 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:8a:76:c0:ce:e5:6f:e6:c3:da:2f:c0:66:7c:77:97:f8:9b:13:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:30:11 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=9deadce48926806b33229bd81c4af87d0c622034ed9df3a9e33f88a8dd2af931, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0a:2f:4f:87:38:ac:f6:a9:35:49:df:6a:12:
1d:2b:f5:f6:1b:aa:01:ae:7d:73:df:d1:1c:bc:ed:
b9:a0:16:37:14:32:e1:8c:4e:d0:fd:5b:8d:3c:dc:
5e:c4:c4:85:f9:bc:35:9a:95:11:da:70:24:00:3a:
bc:58:88:19:02:2a:10:cd:28:4e:a1:cf:cc:85:9d:
13:f5:17:42:b3:b5:4a:7d:33:ab:fc:07:63:c6:04:
74:a5:1a:8b:9e:95:a6:c6:43:19:85:69:b0:7a:06:
07:27:81:57:3e:d7:ca:23:70:45:12:35:d7:08:30:
00:ce:bb:07:fd:f6:99:ed:25:55:56:bf:06:04:f4:
10:f5:ed:b3:79:55:32:56:db:c7:41:97:60:0a:cc:
63:d0:6c:ef:d0:5a:d9:6e:d8:0f:23:80:64:a2:77:
3e:14:ed:60:f3:c0:95:9e:97:71:48:0d:2d:ce:56:
5e:fd:b1:c5:2e:e0:70:ee:4c:ea:67:3e:26:30:dc:
cc:4d:f5:14:4a:ea:40:e3:09:13:ad:65:0b:91:4d:
fd:c2:ff:03:ad:36:92:42:a0:1a:6b:48:4c:61:d3:
29:f0:49:58:3b:6e:9b:d8:e1:1b:77:b6:8b:7a:5e:
58:ef:4a:69:4e:b4:3a:b2:a9:e9:28:bc:82:11:57:
6f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:28:55:4F:1A:4B:46:3C:68:AF:60:28:7C:90:22:D8:49:8E:E6:E5
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6b161c7d-a2d5-44f9-95b6-bbf915698d48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f000::/36
Signature Algorithm: sha256WithRSAEncryption
83:58:04:6f:48:34:13:9c:b1:eb:76:68:ec:64:86:b5:d5:e2:
d6:f2:d2:50:35:9d:e7:c1:ed:73:fc:fb:fd:87:c1:e6:e2:c9:
c4:a5:c7:e4:ac:f8:67:a5:83:7d:f8:ce:28:a6:e6:4a:34:76:
9f:b0:cd:23:30:62:5f:17:6f:16:6d:af:15:95:4d:9c:af:33:
5a:9b:b2:03:77:2c:b7:5d:67:c2:70:3d:db:32:4c:db:58:21:
66:83:72:ed:c9:d4:7f:2a:da:2f:49:0c:f8:d7:05:ea:1a:50:
51:e6:50:af:e8:fb:4f:61:e8:c5:d3:50:6d:d5:52:eb:28:6c:
63:33:1d:d7:62:cf:28:cb:9c:98:c7:07:93:51:d0:70:db:0c:
64:d0:77:5b:27:a7:c7:fa:8c:c0:8e:5d:b8:e2:23:5d:3c:59:
98:1d:1e:46:5d:97:88:d6:1c:b8:89:c4:3a:0c:ea:cf:5d:32:
81:70:d0:ed:0c:5e:4f:00:df:20:e2:27:34:dc:bf:e4:b7:b9:
1b:ca:48:45:85:45:bf:4e:e4:8f:13:c0:df:b9:ea:fb:2c:cf:
d2:46:a6:68:31:90:02:5a:fe:8e:10:71:c8:bf:a6:ee:0f:6e:
d9:41:bf:b1:9a:97:ee:52:8b:ec:f3:df:15:46:9e:c5:7b:d0:
7b:b5:f5:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZIp2wM7lb+bD2i/AZnx3l/ibE3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTMwMTFaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkZWFkY2U0ODkyNjgwNmIzMzIyOWJkODFjNGFmODdkMGM2MjIwMzRlZDlk
ZjNhOWUzM2Y4OGE4ZGQyYWY5MzExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgKL0+HOKz2qTVJ32oSHSv19huqAa59c9/RHLztuaAWNxQy4YxO0P1bjTzc
XsTEhfm8NZqVEdpwJAA6vFiIGQIqEM0oTqHPzIWdE/UXQrO1Sn0zq/wHY8YEdKUa
i56VpsZDGYVpsHoGByeBVz7XyiNwRRI11wgwAM67B/32me0lVVa/BgT0EPXts3lV
Mlbbx0GXYArMY9Bs79Ba2W7YDyOAZKJ3PhTtYPPAlZ6XcUgNLc5WXv2xxS7gcO5M
6mc+JjDczE31FErqQOMJE61lC5FN/cL/A602kkKgGmtITGHTKfBJWDtum9jhG3e2
i3peWO9KaU60OrKp6Si8ghFXb78CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ1KFVP
GktGPGivYCh8kCLYSY7m5TAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NmIxNjFjN2QtYTJkNS00NGY5LTk1YjYtYmJmOTE1Njk4ZDQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fw
MA0GCSqGSIb3DQEBCwUAA4IBAQCDWARvSDQTnLHrdmjsZIa11eLW8tJQNZ3nwe1z
/Pv9h8Hm4snEpcfkrPhnpYN9+M4opuZKNHafsM0jMGJfF28Wba8VlU2crzNam7ID
dyy3XWfCcD3bMkzbWCFmg3LtydR/KtovSQz41wXqGlBR5lCv6PtPYejF01Bt1VLr
KGxjMx3XYs8oy5yYxweTUdBw2wxk0HdbJ6fH+ozAjl244iNdPFmYHR5GXZeI1hy4
icQ6DOrPXTKBcNDtDF5PAN8g4ic03L/kt7kbykhFhUW/TuSPE8Dfuer7LM/SRqZo
MZACWv6OEHHIv6buD27ZQb+xmpfuUovs898VRp7Fe9B7tfWH
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:24:40 2026 by rpki-client