Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/751d5a0a-c925-4787-ac94-98c23675f1ba.roa
File: 751d5a0a-c925-4787-ac94-98c23675f1ba.roa (raw, json)
Hash identifier: dmISFuRLy9uMWSfuSghMZreZfDSr+JJ1/NM74HVPesA=
Subject key identifier: A0:F1:99:3F:1A:00:7F:5D:0D:62:9A:9E:17:2C:AC:42:1A:88:C0:B9
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 7B4AB2FF3DB8ECB2CF1A17A9F29482D7AABCF6E6
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/751d5a0a-c925-4787-ac94-98c23675f1ba.roa
Signing time: Fri 20 Feb 2026 01:40:06 +0000
ROA not before: Fri 20 Feb 2026 01:40:06 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:4a:b2:ff:3d:b8:ec:b2:cf:1a:17:a9:f2:94:82:d7:aa:bc:f6:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:40:06 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=9d979f3140ca218dd9a18b7d90f7ea807dd344e63dce4bc4cfeba46d2ec3d629, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:53:84:7c:a4:c6:49:c9:35:88:07:66:ee:97:
8d:12:b8:93:2c:4a:92:2f:f8:d1:08:5f:40:0c:9f:
31:c8:b7:cb:ef:dc:aa:44:e1:fc:5e:ab:dc:a5:c4:
5e:18:3c:ef:c0:c3:59:1e:f8:af:35:ef:4e:9a:b9:
66:f1:18:a7:ca:9d:c4:6c:f2:3d:70:06:7e:6c:71:
8b:6d:14:94:19:36:e9:fa:c5:17:3d:18:2a:c3:f3:
a5:f3:d9:68:78:51:6d:a2:97:ff:80:fd:4b:7c:40:
d7:ce:ad:9a:37:ae:f0:b4:4e:d5:e4:c8:3c:b4:d4:
7d:ac:ab:50:0a:26:77:51:6f:58:0b:27:b7:8a:1a:
4f:ac:a5:0f:87:32:86:82:0a:a1:e7:a8:7d:2a:c7:
ef:e5:19:12:f4:11:7b:9e:13:39:72:a9:0c:ca:fa:
51:63:51:26:65:ad:0f:e3:5f:03:0e:32:89:87:d1:
87:6e:ea:eb:9c:f1:83:d3:ba:17:29:04:30:33:94:
5f:3d:60:07:ce:d3:58:6a:2e:12:e3:cf:f3:fa:f5:
e6:51:6b:50:b2:45:40:a7:88:00:1a:03:d1:2e:96:
0d:07:9d:e7:48:b3:2e:20:76:00:42:5d:10:3d:06:
66:3c:37:79:be:44:43:4c:35:19:05:ae:f8:72:19:
92:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F1:99:3F:1A:00:7F:5D:0D:62:9A:9E:17:2C:AC:42:1A:88:C0:B9
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/751d5a0a-c925-4787-ac94-98c23675f1ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f840::/48
Signature Algorithm: sha256WithRSAEncryption
08:43:ff:05:1a:5a:4e:b4:a6:a1:62:76:8f:50:87:54:7b:57:
93:02:5a:04:e7:69:eb:58:0e:0f:c9:68:98:ab:2c:59:37:12:
79:dd:6f:57:f8:7a:2a:f1:96:72:e0:ae:d2:4e:f2:51:65:52:
90:c0:88:82:89:fd:8a:91:e8:ac:68:9a:e2:18:13:3a:8a:32:
c3:e0:a8:c4:43:a6:a4:1f:00:4a:d3:1d:13:ce:52:d3:3f:97:
c8:1a:71:dd:45:4a:82:bf:b5:3f:70:95:7d:eb:09:ee:5c:66:
c3:93:40:b4:ce:0c:7b:41:cc:75:29:77:d0:2b:f4:95:d8:ca:
47:1b:72:93:9d:80:89:45:10:df:45:e3:3f:4c:87:a9:8f:0b:
a5:24:ea:df:8a:d9:ae:19:b8:f5:dd:97:f0:97:ee:3f:f9:d9:
a1:6f:cd:ae:a8:ec:ed:c3:ff:b6:82:9e:66:98:ff:b4:4b:f7:
4b:ff:a1:16:3e:33:c3:17:3f:82:62:09:c8:e6:13:ec:27:b9:
6c:38:24:e2:7a:12:0f:fb:0e:8e:53:b3:8f:b3:10:fe:27:8b:
19:c4:c4:77:48:a4:e4:0b:6e:bd:3c:67:73:99:e8:ee:01:ed:
6f:ff:96:10:cc:23:d0:e2:1e:b4:ab:75:82:08:8b:9a:b4:39:
fb:1b:71:06
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe0qy/z247LLPGhep8pSC16q89uYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTQwMDZaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkOTc5ZjMxNDBjYTIxOGRkOWExOGI3ZDkwZjdlYTgwN2RkMzQ0ZTYzZGNl
NGJjNGNmZWJhNDZkMmVjM2Q2MjkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5ThHykxknJNYgHZu6XjRK4kyxKki/40QhfQAyfMci3y+/cqkTh/F6r3KXE
Xhg878DDWR74rzXvTpq5ZvEYp8qdxGzyPXAGfmxxi20UlBk26frFFz0YKsPzpfPZ
aHhRbaKX/4D9S3xA186tmjeu8LRO1eTIPLTUfayrUAomd1FvWAsnt4oaT6ylD4cy
hoIKoeeofSrH7+UZEvQRe54TOXKpDMr6UWNRJmWtD+NfAw4yiYfRh27q65zxg9O6
FykEMDOUXz1gB87TWGouEuPP8/r15lFrULJFQKeIABoD0S6WDQed50izLiB2AEJd
ED0GZjw3eb5EQ0w1GQWu+HIZko0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSg8Zk/
GgB/XQ1imp4XLKxCGojAuTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NzUxZDVhMGEtYzkyNS00Nzg3LWFjOTQtOThjMjM2NzVmMWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
QDANBgkqhkiG9w0BAQsFAAOCAQEACEP/BRpaTrSmoWJ2j1CHVHtXkwJaBOdp61gO
D8lomKssWTcSed1vV/h6KvGWcuCu0k7yUWVSkMCIgon9ipHorGia4hgTOooyw+Co
xEOmpB8AStMdE85S0z+XyBpx3UVKgr+1P3CVfesJ7lxmw5NAtM4Me0HMdSl30Cv0
ldjKRxtyk52AiUUQ30XjP0yHqY8LpSTq34rZrhm49d2X8JfuP/nZoW/Nrqjs7cP/
toKeZpj/tEv3S/+hFj4zwxc/gmIJyOYT7Ce5bDgk4noSD/sOjlOzj7MQ/ieLGcTE
d0ik5AtuvTxnc5no7gHtb/+WEMwj0OIetKt1ggiLmrQ5+xtxBg==
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:25:30 2026 by rpki-client