Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa
File: a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa (raw, json)
Hash identifier: oOIClvMNZE+Ie8pRgNcrKZLO6th566WyIn5mhi0y6io=
Subject key identifier: 8F:72:60:9C:1C:28:E8:C7:57:FB:22:1D:7A:BF:2C:10:22:CF:F1:D5
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 40731724D192BB6B389ED6DBA0108DA1CB5F619E
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa
Signing time: Fri 20 Feb 2026 01:30:48 +0000
ROA not before: Fri 20 Feb 2026 01:30:48 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 7224
IP address blocks: 2001:3fc7:d000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:73:17:24:d1:92:bb:6b:38:9e:d6:db:a0:10:8d:a1:cb:5f:61:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:30:48 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=b915606e84adf12f0b155c84ae585243d387356b51443f3851c0141b9fe66656, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1e:05:f0:21:e6:01:f4:48:40:28:42:9a:7a:
79:6d:d8:92:94:bf:1e:5b:0f:af:2f:47:c1:d8:6e:
6e:99:76:1c:e7:37:fb:6e:75:93:18:d8:f5:3e:13:
62:5e:73:13:f7:c8:7d:c4:6b:5c:98:e2:33:e8:1e:
61:51:89:07:26:b1:bf:99:20:5a:54:f7:26:05:11:
fb:f0:20:af:f2:9a:87:e3:80:d4:a8:92:e4:06:0e:
26:d4:13:ff:0b:45:7b:20:99:c0:79:ad:ab:17:eb:
4a:fe:6e:c2:39:b6:a9:71:8d:47:3a:7e:f3:55:f1:
62:fb:5b:fa:ba:92:03:31:b3:2f:73:fc:bb:a6:9f:
b5:0f:30:03:90:5b:65:e7:3e:4a:ff:53:7b:78:05:
99:c5:5c:2e:76:8c:32:25:d3:9e:9f:57:b3:a4:bb:
69:84:3e:37:d3:55:b1:e6:00:fa:c6:12:73:9d:85:
c0:dc:23:a8:db:5d:1f:9f:f9:09:d3:e6:8a:5e:17:
d6:82:e3:e5:ab:9a:85:b4:9c:d3:e7:63:88:b8:02:
7c:a8:86:82:13:31:7a:d3:1e:5e:4b:ad:1f:6c:e0:
cd:b8:60:ce:a8:79:ef:d3:c3:a2:63:56:d0:85:4e:
c1:bd:d7:1f:f1:31:50:ba:02:b9:d7:11:6f:be:0d:
90:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:72:60:9C:1C:28:E8:C7:57:FB:22:1D:7A:BF:2C:10:22:CF:F1:D5
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:d000::/36
Signature Algorithm: sha256WithRSAEncryption
8d:14:58:ca:e8:7d:56:55:29:ac:c1:d9:69:14:50:a6:46:fe:
4d:99:21:79:6a:ed:b0:3c:ea:1a:32:a1:6f:21:66:41:53:bb:
55:31:26:81:9f:fb:17:59:3f:a6:73:97:ae:d2:6f:02:ab:9f:
56:a7:34:b1:59:ab:b2:f9:27:25:6a:96:a5:c9:72:3e:68:0f:
36:36:ca:be:05:4e:e4:06:c6:9a:70:dc:2b:2f:0c:9d:44:1a:
46:04:00:dd:79:15:3c:ee:44:bf:2c:8a:59:c5:67:79:ec:17:
ea:c7:ae:9c:b1:94:0a:5f:70:e3:95:00:53:49:24:a8:14:51:
16:c9:eb:fc:91:7b:59:0e:ed:38:8d:bb:e3:31:37:35:d0:0b:
ae:dc:c0:e4:ed:c5:5d:55:8b:bc:7f:0e:b6:62:b0:d6:af:95:
45:0a:64:58:be:fd:58:3f:1c:00:c2:4f:c9:52:4b:8f:09:39:
61:a9:24:24:f8:90:69:a3:4f:47:e2:62:7b:01:2c:67:75:e0:
28:0f:9e:44:17:b4:37:dc:6c:6a:6e:d7:43:1b:57:27:c5:a2:
00:94:2b:da:48:50:17:1f:1f:da:f3:33:0a:b4:e6:50:4e:cc:
c9:28:3c:0e:ad:37:c0:2c:1d:5e:e6:05:0b:3c:20:4d:ff:48:
5e:c2:09:b5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQHMXJNGSu2s4ntbboBCNoctfYZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTMwNDhaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MTU2MDZlODRhZGYxMmYwYjE1NWM4NGFlNTg1MjQzZDM4NzM1NmI1MTQ0
M2YzODUxYzAxNDFiOWZlNjY2NTYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIeBfAh5gH0SEAoQpp6eW3YkpS/HlsPry9Hwdhubpl2HOc3+251kxjY9T4T
Yl5zE/fIfcRrXJjiM+geYVGJByaxv5kgWlT3JgUR+/Agr/Kah+OA1KiS5AYOJtQT
/wtFeyCZwHmtqxfrSv5uwjm2qXGNRzp+81XxYvtb+rqSAzGzL3P8u6aftQ8wA5Bb
Zec+Sv9Te3gFmcVcLnaMMiXTnp9Xs6S7aYQ+N9NVseYA+sYSc52FwNwjqNtdH5/5
CdPmil4X1oLj5auahbSc0+djiLgCfKiGghMxetMeXkutH2zgzbhgzqh579PDomNW
0IVOwb3XH/ExULoCudcRb74NkDECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSPcmCc
HCjox1f7Ih16vywQIs/x1TAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
YTJjYWM3YzctZGY0MS00ZGI2LWI4YmQtMWIyN2QwZmZjMTE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCNFFjK6H1WVSmswdlpFFCmRv5NmSF5au2wPOoa
MqFvIWZBU7tVMSaBn/sXWT+mc5eu0m8Cq59WpzSxWauy+SclapalyXI+aA82Nsq+
BU7kBsaacNwrLwydRBpGBADdeRU87kS/LIpZxWd57Bfqx66csZQKX3DjlQBTSSSo
FFEWyev8kXtZDu04jbvjMTc10Auu3MDk7cVdVYu8fw62YrDWr5VFCmRYvv1YPxwA
wk/JUkuPCTlhqSQk+JBpo09H4mJ7ASxndeAoD55EF7Q33GxqbtdDG1cnxaIAlCva
SFAXHx/a8zMKtOZQTszJKDwOrTfALB1e5gULPCBN/0hewgm1
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:29:50 2026 by rpki-client