Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa
File: 92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa (raw, json)
Hash identifier: 00a5GKakbcXiaXTMUHLCeSoHgKqxn5Fg2nKswuAgXMI=
Subject key identifier: 21:48:CF:62:F1:52:89:8C:0D:97:13:69:9A:10:E2:ED:EC:3B:5F:DC
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 6DD24E6F1861C264DA5F19A78DAB810095552DFA
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa
Signing time: Fri 20 Feb 2026 01:40:23 +0000
ROA not before: Fri 20 Feb 2026 01:40:23 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:d2:4e:6f:18:61:c2:64:da:5f:19:a7:8d:ab:81:00:95:55:2d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:40:23 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=a1c9a4a2124e83e20a751ac87e17b7f73fcb8b46a33cb704920bd0e336701fc8, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:dd:86:19:c3:78:59:36:63:3b:31:ae:da:7b:
05:00:19:fc:80:04:10:c6:db:a7:6e:da:c2:c3:7d:
6f:e3:ea:d6:74:59:cb:df:61:d8:46:a6:b8:ff:ad:
55:3e:47:fc:66:42:17:4c:16:bf:ca:75:33:29:64:
85:8b:a9:28:72:15:0e:0a:61:c9:61:0c:75:bc:99:
22:23:28:7f:2c:d8:94:14:c7:1e:f6:a7:a9:84:b6:
78:67:fa:ce:98:b4:bc:74:2a:c0:0e:37:64:9f:98:
cb:51:2a:3b:f1:63:d0:cd:40:55:b7:e1:88:7b:de:
06:8e:13:f1:e5:32:59:fc:95:e5:81:22:76:cd:c4:
99:19:1c:ab:74:38:92:5b:38:3a:cb:64:d3:5f:3a:
cb:39:95:c6:26:f3:71:f4:34:ef:2e:a3:15:b8:71:
1c:e3:20:23:bd:a2:51:b0:d5:d2:c8:94:72:dc:75:
5e:6a:ad:01:cc:ab:ca:95:c9:eb:42:ba:1a:f2:b0:
af:a6:ff:e1:f0:43:8e:20:b7:85:ff:f2:82:fd:30:
5d:95:a9:05:56:c4:83:79:3e:15:f1:2a:82:14:6e:
6e:2e:88:02:80:c8:1d:6e:f8:8e:db:90:81:84:23:
16:6b:0e:77:9d:b8:df:6f:8f:c8:70:0a:04:2d:f8:
81:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:48:CF:62:F1:52:89:8C:0D:97:13:69:9A:10:E2:ED:EC:3B:5F:DC
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:4000::/36
Signature Algorithm: sha256WithRSAEncryption
0c:d9:e3:46:59:9f:86:1e:b2:e7:c9:bb:05:52:64:a1:a4:c6:
f2:34:08:45:74:43:d8:26:bd:72:80:97:00:81:2d:75:76:7d:
a9:92:e5:63:46:3c:42:57:18:09:1e:57:8f:a0:23:6d:86:57:
7d:66:5e:59:97:fa:c9:02:7d:eb:b6:5e:6d:07:db:e8:16:b2:
8e:ae:5e:95:1d:cd:58:3d:7a:c1:35:34:ee:6f:1c:e3:ac:6f:
e0:0d:89:fd:eb:af:f6:d2:2c:c6:37:9f:c1:e9:76:dc:53:9d:
86:1e:3c:63:7f:68:1e:47:3b:27:0d:0c:15:82:55:f2:60:cf:
80:3b:c1:ff:cb:8f:0a:db:54:63:30:58:7b:5e:20:39:ff:bd:
4b:43:46:5b:f0:0c:8e:60:d4:29:f4:4a:e0:63:f5:d8:63:11:
70:63:a7:5f:59:76:0a:06:ec:38:a4:38:24:5d:43:e4:db:6d:
d3:80:31:52:04:60:7c:36:25:67:a9:84:a8:e2:8c:c4:b7:4b:
75:e6:75:f2:56:2b:04:b9:af:0d:95:69:86:de:79:6a:52:50:
ff:7c:27:0a:e2:39:8b:5b:1d:7d:63:a5:13:e4:37:f6:96:e0:
76:c2:3a:f2:a2:06:d8:56:43:93:98:ab:80:a5:44:fb:a0:8d:
49:5d:5d:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbdJObxhhwmTaXxmnjauBAJVVLfowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTQwMjNaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGExYzlhNGEyMTI0ZTgzZTIwYTc1MWFjODdlMTdiN2Y3M2ZjYjhiNDZhMzNj
YjcwNDkyMGJkMGUzMzY3MDFmYzgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI7dhhnDeFk2Yzsxrtp7BQAZ/IAEEMbbp27awsN9b+Pq1nRZy99h2EamuP+t
VT5H/GZCF0wWv8p1MylkhYupKHIVDgphyWEMdbyZIiMofyzYlBTHHvanqYS2eGf6
zpi0vHQqwA43ZJ+Yy1EqO/Fj0M1AVbfhiHveBo4T8eUyWfyV5YEids3EmRkcq3Q4
kls4Ostk0186yzmVxibzcfQ07y6jFbhxHOMgI72iUbDV0siUctx1XmqtAcyrypXJ
60K6GvKwr6b/4fBDjiC3hf/ygv0wXZWpBVbEg3k+FfEqghRubi6IAoDIHW74jtuQ
gYQjFmsOd52432+PyHAKBC34gYMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQhSM9i
8VKJjA2XE2maEOLt7Dtf3DAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
OTJiNTY2ZjQtOWM5MC00MDcwLWI1YmQtZjg5YzdkYTIzYzhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NA
MA0GCSqGSIb3DQEBCwUAA4IBAQAM2eNGWZ+GHrLnybsFUmShpMbyNAhFdEPYJr1y
gJcAgS11dn2pkuVjRjxCVxgJHlePoCNthld9Zl5Zl/rJAn3rtl5tB9voFrKOrl6V
Hc1YPXrBNTTubxzjrG/gDYn966/20izGN5/B6XbcU52GHjxjf2geRzsnDQwVglXy
YM+AO8H/y48K21RjMFh7XiA5/71LQ0Zb8AyOYNQp9ErgY/XYYxFwY6dfWXYKBuw4
pDgkXUPk223TgDFSBGB8NiVnqYSo4ozEt0t15nXyVisEua8NlWmG3nlqUlD/fCcK
4jmLWx19Y6UT5Df2luB2wjryogbYVkOTmKuApUT7oI1JXV2j
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:25:31 2026 by rpki-client