Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/7ce56587-daa1-4400-bed4-6204cfafd220.roa
File: 7ce56587-daa1-4400-bed4-6204cfafd220.roa (raw, json)
Hash identifier: WIPg8dWzfNJiOWPF04CZCP96mwRbGhGpuh0pHLE4CCs=
Subject key identifier: D9:2C:BF:26:2A:CB:82:84:01:4C:CF:A2:64:63:4A:46:BF:EF:3F:1D
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 442EBEBAC08DE170F388190918E90BEF9E508203
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/7ce56587-daa1-4400-bed4-6204cfafd220.roa
Signing time: Fri 20 Feb 2026 01:40:42 +0000
ROA not before: Fri 20 Feb 2026 01:40:42 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:2e:be:ba:c0:8d:e1:70:f3:88:19:09:18:e9:0b:ef:9e:50:82:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:40:42 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=ae0c617c0e38af4f06c1bee4a4c3de152728850ce131c1ef0dc0be2210ce08a9, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:da:9b:e5:33:1d:0f:57:5f:74:d9:5a:17:a2:
7b:c5:07:67:ac:e1:cc:81:ef:62:4c:ba:bb:01:28:
c6:8e:bb:ad:11:56:7c:54:ae:c9:24:5e:ed:6b:52:
1b:d8:3a:ce:69:c7:1e:42:29:e6:b3:7d:34:3d:f3:
89:35:e4:a0:b4:87:03:13:7b:76:c8:5c:3f:3f:67:
8e:42:78:17:37:06:77:e6:ac:25:a7:8d:f4:40:a3:
96:fb:02:2f:7f:ce:fa:c4:a6:ae:4f:36:a7:43:81:
4e:b5:3f:cb:ff:9a:99:53:15:25:00:8a:da:9a:ce:
a5:2d:8f:f9:6b:a2:45:a5:0d:4f:f6:d5:2f:e6:3b:
71:9f:80:82:62:37:c6:ca:5e:a1:0e:ba:ec:dd:a1:
1d:29:3b:19:d5:61:bc:71:49:97:ec:4f:7f:a2:ff:
ec:ea:42:9f:fe:55:dd:a3:73:6d:85:d4:36:1a:0f:
50:d1:e2:b9:c6:f9:d2:6e:c3:9b:9f:10:0c:51:ba:
34:0f:43:ad:a7:36:d7:73:c9:1a:a6:3f:2b:31:1f:
56:2a:50:c5:66:d0:4c:b8:6b:44:73:5b:4d:2f:85:
c8:c0:96:24:ef:bb:9c:fe:b3:a4:f2:f2:29:38:02:
b5:6d:08:29:3b:ad:9c:28:f5:e2:f6:c6:83:0e:b6:
66:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:2C:BF:26:2A:CB:82:84:01:4C:CF:A2:64:63:4A:46:BF:EF:3F:1D
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/7ce56587-daa1-4400-bed4-6204cfafd220.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:2000::/36
Signature Algorithm: sha256WithRSAEncryption
a4:7a:36:21:a7:74:a2:86:35:3c:ce:e3:c7:2d:47:95:bf:7e:
99:06:c5:d5:f0:10:df:33:58:6b:26:2a:ae:4b:0d:36:e0:bd:
ab:9f:1c:bc:f9:52:47:18:0f:b4:0a:be:25:69:42:4e:f8:7e:
50:39:79:59:67:96:8a:33:e0:b3:64:24:41:81:fa:e4:a0:ca:
05:b7:d5:af:82:29:78:38:05:d7:8b:36:e2:f1:33:64:96:4e:
5e:b4:6f:15:b1:f6:1e:4f:d4:dd:40:fe:91:9b:9c:bb:f3:67:
de:cc:e5:ed:46:f2:59:26:e7:cf:ce:d7:fc:a8:99:81:60:d8:
6f:e9:84:0f:3b:99:64:42:e0:2e:30:a3:bf:18:9a:4a:c8:65:
95:6e:6e:60:8e:35:f9:43:c5:73:d5:bf:1a:e7:4b:33:94:df:
b9:a6:c3:2b:54:e1:f3:ca:cb:5c:41:38:c2:ac:0d:a0:60:92:
67:5f:70:9a:8d:df:78:6a:aa:70:56:e1:1b:c9:0b:b5:0d:87:
34:14:75:0b:03:d3:5a:b4:81:06:be:28:b1:05:63:1e:38:9f:
f3:dd:8e:20:50:d7:7d:5a:15:69:0f:52:77:cf:e6:ac:4f:2b:
44:b6:4e:19:37:f2:9d:2e:0a:e4:a6:1f:77:49:06:ab:4c:6f:
ba:f6:25:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURC6+usCN4XDziBkJGOkL755QggMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTQwNDJaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlMGM2MTdjMGUzOGFmNGYwNmMxYmVlNGE0YzNkZTE1MjcyODg1MGNlMTMx
YzFlZjBkYzBiZTIyMTBjZTA4YTkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDam+UzHQ9XX3TZWheie8UHZ6zhzIHvYky6uwEoxo67rRFWfFSuySRe7WtS
G9g6zmnHHkIp5rN9ND3ziTXkoLSHAxN7dshcPz9njkJ4FzcGd+asJaeN9ECjlvsC
L3/O+sSmrk82p0OBTrU/y/+amVMVJQCK2prOpS2P+WuiRaUNT/bVL+Y7cZ+AgmI3
xspeoQ667N2hHSk7GdVhvHFJl+xPf6L/7OpCn/5V3aNzbYXUNhoPUNHiucb50m7D
m58QDFG6NA9Drac213PJGqY/KzEfVipQxWbQTLhrRHNbTS+FyMCWJO+7nP6zpPLy
KTgCtW0IKTutnCj14vbGgw62Zg8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZLL8m
KsuChAFMz6JkY0pGv+8/HTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
N2NlNTY1ODctZGFhMS00NDAwLWJlZDQtNjIwNGNmYWZkMjIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Mg
MA0GCSqGSIb3DQEBCwUAA4IBAQCkejYhp3SihjU8zuPHLUeVv36ZBsXV8BDfM1hr
JiquSw024L2rnxy8+VJHGA+0Cr4laUJO+H5QOXlZZ5aKM+CzZCRBgfrkoMoFt9Wv
gil4OAXXizbi8TNklk5etG8VsfYeT9TdQP6Rm5y782fezOXtRvJZJufPztf8qJmB
YNhv6YQPO5lkQuAuMKO/GJpKyGWVbm5gjjX5Q8Vz1b8a50szlN+5psMrVOHzystc
QTjCrA2gYJJnX3Cajd94aqpwVuEbyQu1DYc0FHULA9NatIEGviixBWMeOJ/z3Y4g
UNd9WhVpD1J3z+asTytEtk4ZN/KdLgrkph93SQarTG+69iWC
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:24:39 2026 by rpki-client