Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9a1e6435-6342-4b18-94d7-27beb2ce0519.roa
File: 9a1e6435-6342-4b18-94d7-27beb2ce0519.roa (raw, json)
Hash identifier: YwX3HBDX+DxWvAC9PIzRDkRq6/3f6QNCeI5Cnr05FZw=
Subject key identifier: 41:C6:2F:D8:52:DB:27:79:15:4A:DF:E8:E8:14:39:D6:17:32:48:31
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 47450885AC92CE24DF5709BB6B0D279DDCC4B95F
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9a1e6435-6342-4b18-94d7-27beb2ce0519.roa
Signing time: Fri 20 Feb 2026 01:30:17 +0000
ROA not before: Fri 20 Feb 2026 01:30:17 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:a000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:45:08:85:ac:92:ce:24:df:57:09:bb:6b:0d:27:9d:dc:c4:b9:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:30:17 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=503cad857308c15a9d8a85eb557d6a01638273988c38a7ac4421a77960e2ff01, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:53:d4:9d:8a:23:86:d8:5a:91:1b:32:49:25:
09:51:8c:ad:58:70:33:0b:3d:ad:5b:98:77:8e:86:
16:82:22:12:79:0e:1d:d8:44:92:6e:a2:0c:0e:6d:
b0:76:8a:b6:da:29:0f:fc:1f:24:45:cd:fc:c8:bc:
5d:49:e3:f9:d1:19:ec:6c:94:ec:43:9e:60:85:3e:
d0:f7:13:ee:11:09:c0:d6:10:b8:39:7d:b4:57:6a:
1a:ca:f5:88:ca:1d:54:4f:e6:08:60:b5:b4:f2:c7:
c1:f1:79:af:dd:be:f8:b4:5f:5c:71:f6:e7:48:a0:
a4:04:c6:94:f2:0a:9d:e0:e5:38:4b:3f:cf:f7:3f:
17:cd:52:0a:e0:4e:cf:4e:c9:62:a6:dd:24:ef:7e:
a2:a6:18:f0:09:f4:d6:bd:3b:26:ea:55:46:3c:ce:
2f:a4:e9:7b:74:8d:be:ad:d9:ba:57:20:37:06:4e:
78:92:75:34:7e:1b:ed:95:d4:04:c8:c3:ea:67:81:
ed:2b:a6:f2:79:c9:a6:9f:7f:b6:77:5e:bb:2a:60:
ea:fd:71:48:35:91:3d:23:49:15:78:96:0a:38:1c:
da:ac:93:47:71:14:01:50:c7:5b:0a:bf:58:b6:31:
98:4f:88:c4:f1:75:e1:47:3e:28:62:3a:66:84:1d:
6d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C6:2F:D8:52:DB:27:79:15:4A:DF:E8:E8:14:39:D6:17:32:48:31
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9a1e6435-6342-4b18-94d7-27beb2ce0519.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:a000::/36
Signature Algorithm: sha256WithRSAEncryption
95:de:8d:4e:73:50:81:c1:f2:17:60:d6:ed:24:65:36:cd:30:
fc:e5:ac:f5:c0:fe:bb:15:35:3e:03:98:ea:b0:e2:7f:2e:72:
2b:75:2d:84:d4:21:21:e6:78:93:02:4d:c4:b1:7a:8e:c6:ba:
54:a9:c9:c0:11:a2:82:60:19:9b:df:38:bd:c9:e4:02:a5:c2:
71:b8:a5:d5:f4:02:51:a0:88:43:07:fc:af:74:ff:89:d3:b0:
05:55:d3:d3:fb:43:66:1d:2d:17:fe:4d:b4:62:de:c9:46:b8:
54:74:c9:80:2c:63:a3:df:c4:f1:5d:36:d1:e0:d4:50:8b:b7:
55:33:77:46:5d:1e:94:e4:66:84:67:cd:49:81:d7:90:08:f6:
a8:f6:6e:72:93:d9:11:63:07:1f:dd:c9:02:d3:05:ea:f8:71:
83:5c:75:79:4a:ee:97:b0:05:24:6a:61:4b:9a:2b:d5:c9:d4:
82:68:dd:89:db:30:65:30:f4:8b:ff:3d:fe:98:45:45:2c:29:
59:a5:d9:9d:c9:7a:9a:a2:01:bb:60:2b:d2:65:c8:b8:3e:d9:
dc:a1:fc:03:83:cf:d6:46:70:99:c0:37:27:17:be:77:01:59:
b3:ad:bc:5c:f1:1c:f8:05:7a:50:d2:82:b2:59:17:90:36:55:
10:60:2d:c9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR0UIhaySziTfVwm7aw0nndzEuV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTMwMTdaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwM2NhZDg1NzMwOGMxNWE5ZDhhODVlYjU1N2Q2YTAxNjM4MjczOTg4YzM4
YTdhYzQ0MjFhNzc5NjBlMmZmMDExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1T1J2KI4bYWpEbMkklCVGMrVhwMws9rVuYd46GFoIiEnkOHdhEkm6iDA5t
sHaKttopD/wfJEXN/Mi8XUnj+dEZ7GyU7EOeYIU+0PcT7hEJwNYQuDl9tFdqGsr1
iModVE/mCGC1tPLHwfF5r92++LRfXHH250igpATGlPIKneDlOEs/z/c/F81SCuBO
z07JYqbdJO9+oqYY8An01r07JupVRjzOL6Tpe3SNvq3ZulcgNwZOeJJ1NH4b7ZXU
BMjD6meB7Sum8nnJpp9/tndeuypg6v1xSDWRPSNJFXiWCjgc2qyTR3EUAVDHWwq/
WLYxmE+IxPF14Uc+KGI6ZoQdbakCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRBxi/Y
UtsneRVK3+joFDnWFzJIMTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
OWExZTY0MzUtNjM0Mi00YjE4LTk0ZDctMjdiZWIyY2UwNTE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eg
MA0GCSqGSIb3DQEBCwUAA4IBAQCV3o1Oc1CBwfIXYNbtJGU2zTD85az1wP67FTU+
A5jqsOJ/LnIrdS2E1CEh5niTAk3EsXqOxrpUqcnAEaKCYBmb3zi9yeQCpcJxuKXV
9AJRoIhDB/yvdP+J07AFVdPT+0NmHS0X/k20Yt7JRrhUdMmALGOj38TxXTbR4NRQ
i7dVM3dGXR6U5GaEZ81JgdeQCPao9m5yk9kRYwcf3ckC0wXq+HGDXHV5Su6XsAUk
amFLmivVydSCaN2J2zBlMPSL/z3+mEVFLClZpdmdyXqaogG7YCvSZci4PtncofwD
g8/WRnCZwDcnF753AVmzrbxc8Rz4BXpQ0oKyWReQNlUQYC3J
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:24:37 2026 by rpki-client