Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/aab50dd8-a220-4509-8901-cb5ca23cff5f.roa
File: aab50dd8-a220-4509-8901-cb5ca23cff5f.roa (raw, json)
Hash identifier: 2mSUFlCaIfUyZfXg5jIZ8c5B64KchZzlUPWmZVOa62E=
Subject key identifier: 70:E1:CD:08:85:86:E5:F9:60:CB:8F:12:FA:15:A2:65:63:3B:DE:65
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 54B29458CEB6BE5DDF47F664C411D4B7F8C89E88
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/aab50dd8-a220-4509-8901-cb5ca23cff5f.roa
Signing time: Fri 20 Feb 2026 01:40:43 +0000
ROA not before: Fri 20 Feb 2026 01:40:43 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:c::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:b2:94:58:ce:b6:be:5d:df:47:f6:64:c4:11:d4:b7:f8:c8:9e:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:40:43 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=d47ab9643aabef6d79e955a363bfc23270650d485a20cc35f4beaef1827d1068, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6d:9a:89:4a:ae:39:82:97:19:cf:97:bf:b4:
71:d2:9d:f2:34:7a:29:4c:a2:3a:a6:b5:c8:bf:e6:
5d:73:ac:7c:86:dc:a6:0f:33:c0:49:15:79:5d:17:
33:e0:25:25:48:4a:3b:2e:99:89:70:39:ea:ef:5f:
23:3b:e7:59:a2:df:50:62:a3:18:f7:52:ce:0d:1b:
86:6b:15:cc:ed:db:0b:86:b5:64:f7:c4:04:84:30:
32:e3:2e:35:33:c4:31:6e:ba:70:15:a4:02:c1:35:
6b:c0:0b:52:95:ee:db:38:d0:1e:a3:80:7c:c3:1c:
53:2f:2a:50:25:b7:88:b0:2d:86:c8:5e:ed:53:36:
f1:58:2b:13:7a:09:32:0b:36:f6:0e:a7:4d:90:91:
19:ba:63:59:56:40:e1:e5:10:da:ea:b2:c1:4c:84:
a1:2c:4c:db:86:3e:e7:9b:c9:39:4b:d3:c9:2b:bf:
64:e2:1b:bb:69:2b:29:29:2f:4e:e0:e9:f0:f9:8f:
e7:e1:de:73:cd:23:fa:df:32:64:cf:d0:75:29:87:
c2:f1:54:2c:6f:f1:24:69:8d:81:98:48:89:7e:1e:
09:69:bd:dd:84:4c:da:66:43:46:45:37:3e:23:9d:
06:6d:34:0e:07:67:e2:5f:95:33:33:5b:cc:b0:7f:
67:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E1:CD:08:85:86:E5:F9:60:CB:8F:12:FA:15:A2:65:63:3B:DE:65
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/aab50dd8-a220-4509-8901-cb5ca23cff5f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:c::/47
Signature Algorithm: sha256WithRSAEncryption
c6:a2:b1:e9:46:a3:0d:5c:09:c4:37:1f:c4:d1:69:6a:78:34:
2a:64:14:f5:99:12:e0:c9:e1:26:6c:5a:1a:cd:41:b9:b6:fc:
0e:a9:48:56:a5:f1:82:fe:43:11:33:69:ab:8e:46:2b:e6:3c:
da:56:f2:d8:91:d8:e8:9d:39:8d:e5:09:a1:79:46:4d:dc:83:
a6:1c:76:7d:64:38:cd:16:03:67:e7:52:5c:d8:21:36:a5:a6:
75:88:e5:d3:d7:fd:08:b4:7a:66:03:3a:b4:d0:d3:02:eb:d0:
87:f0:1f:41:ef:07:ff:fe:bf:e1:b5:92:83:aa:0d:09:c2:01:
33:d2:1c:91:e1:9e:23:d0:43:cc:b8:f9:43:b3:68:e9:75:57:
f9:9b:cf:c9:cf:99:c0:a2:fd:bb:f3:9d:d8:c4:9e:28:10:33:
77:10:4d:23:9e:93:fc:c7:a9:b7:33:e3:24:2d:e4:3f:85:38:
07:45:72:de:8c:66:cc:4d:db:ff:c4:71:58:15:b4:a3:d1:58:
78:8b:b0:18:e1:70:38:1c:9b:03:6a:a5:d3:83:f8:43:f4:ca:
87:f0:2e:9b:6b:cd:61:8a:ba:a4:21:78:04:9d:d5:23:9d:15:
06:2e:68:d6:5e:bd:87:23:6c:fc:d6:7a:bd:a7:42:dd:e3:67:
fd:a8:fa:4a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVLKUWM62vl3fR/ZkxBHUt/jInogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTQwNDNaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0N2FiOTY0M2FhYmVmNmQ3OWU5NTVhMzYzYmZjMjMyNzA2NTBkNDg1YTIw
Y2MzNWY0YmVhZWYxODI3ZDEwNjgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFtmolKrjmClxnPl7+0cdKd8jR6KUyiOqa1yL/mXXOsfIbcpg8zwEkVeV0X
M+AlJUhKOy6ZiXA56u9fIzvnWaLfUGKjGPdSzg0bhmsVzO3bC4a1ZPfEBIQwMuMu
NTPEMW66cBWkAsE1a8ALUpXu2zjQHqOAfMMcUy8qUCW3iLAthshe7VM28VgrE3oJ
Mgs29g6nTZCRGbpjWVZA4eUQ2uqywUyEoSxM24Y+55vJOUvTySu/ZOIbu2krKSkv
TuDp8PmP5+Hec80j+t8yZM/QdSmHwvFULG/xJGmNgZhIiX4eCWm93YRM2mZDRkU3
PiOdBm00Dgdn4l+VMzNbzLB/Z60CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRw4c0I
hYbl+WDLjxL6FaJlYzveZTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
YWFiNTBkZDgtYTIyMC00NTA5LTg5MDEtY2I1Y2EyM2NmZjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASABP8YA
DDANBgkqhkiG9w0BAQsFAAOCAQEAxqKx6UajDVwJxDcfxNFpang0KmQU9ZkS4Mnh
JmxaGs1Bubb8DqlIVqXxgv5DETNpq45GK+Y82lby2JHY6J05jeUJoXlGTdyDphx2
fWQ4zRYDZ+dSXNghNqWmdYjl09f9CLR6ZgM6tNDTAuvQh/AfQe8H//6/4bWSg6oN
CcIBM9IckeGeI9BDzLj5Q7No6XVX+ZvPyc+ZwKL9u/Od2MSeKBAzdxBNI56T/Mep
tzPjJC3kP4U4B0Vy3oxmzE3b/8RxWBW0o9FYeIuwGOFwOBybA2ql04P4Q/TKh/Au
m2vNYYq6pCF4BJ3VI50VBi5o1l69hyNs/NZ6vadC3eNn/aj6Sg==
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:24:38 2026 by rpki-client