Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c47386ff-4f1d-480a-be76-cc4ee1b3a35f.roa
File: c47386ff-4f1d-480a-be76-cc4ee1b3a35f.roa (raw, json)
Hash identifier: qnCPoskdpNktEuYY0KS29uNG18Ibu84qpMWbtImgFj8=
Subject key identifier: 43:3B:C9:74:6F:9A:44:7F:7D:27:A4:6C:3F:C7:F6:A9:A6:4E:93:F7
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 5C62D152EF12C61681C808A708B2D5F887CADCBC
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c47386ff-4f1d-480a-be76-cc4ee1b3a35f.roa
Signing time: Fri 20 Feb 2026 01:40:46 +0000
ROA not before: Fri 20 Feb 2026 01:40:46 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:62:d1:52:ef:12:c6:16:81:c8:08:a7:08:b2:d5:f8:87:ca:dc:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:40:46 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=e2768c42b555dbfec5d8387e029cea789250507a97a5ad0796b09502ef102ca6, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:db:b2:77:a3:9f:30:e7:2a:db:28:d4:3c:75:
48:77:66:30:47:5a:c8:b5:5b:6f:44:94:8f:67:3f:
57:69:65:e0:ee:b9:62:51:d3:9b:40:76:7f:bf:95:
05:10:7f:b6:ae:96:d2:8c:72:e8:50:a0:53:7c:f3:
c1:55:69:70:bc:1a:f1:59:c5:ba:2d:77:dc:d2:df:
fb:a0:6c:98:1d:ee:ab:c0:a9:49:c0:bc:a1:98:cc:
1e:a7:47:86:e7:8c:1e:f3:36:60:a5:8e:7a:da:b1:
f7:0f:49:8f:df:8d:04:35:21:7b:9b:6a:8f:05:ab:
f1:51:6d:c4:15:7d:ba:34:5d:6e:88:c7:1d:16:b3:
90:6b:ab:db:71:ed:5d:19:e4:3a:f4:b9:ed:5c:fb:
ea:89:78:61:7c:6a:0c:38:72:a5:e9:46:28:06:dc:
ab:d6:44:2b:0e:b3:b7:a4:f0:75:d1:f7:40:22:6c:
a8:7b:66:0d:e5:2b:c8:c3:ae:03:32:06:9b:ea:ba:
ac:6e:a9:18:01:30:eb:5b:67:c6:c6:cf:30:09:74:
e2:bd:3f:80:a1:1c:70:23:e0:fa:35:4f:36:6f:1d:
17:07:fa:28:d2:ac:5f:c2:a4:4a:88:66:88:99:07:
e3:bd:e3:d9:b0:5b:a1:8b:49:50:e3:27:1a:82:14:
82:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:3B:C9:74:6F:9A:44:7F:7D:27:A4:6C:3F:C7:F6:A9:A6:4E:93:F7
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c47386ff-4f1d-480a-be76-cc4ee1b3a35f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3::/36
Signature Algorithm: sha256WithRSAEncryption
a9:b9:dc:aa:54:40:b3:07:0b:bb:d7:94:26:c0:75:14:fa:8c:
67:aa:6d:e8:e4:cc:56:ac:aa:75:b4:82:66:8b:68:fe:25:ec:
55:b4:e0:5e:d3:e7:dc:e7:fb:82:8c:f1:17:4c:32:1b:13:a3:
4b:a9:07:ca:d0:64:c8:23:ae:c6:6b:17:11:ff:28:18:47:a8:
24:b8:96:ff:6a:91:87:ec:b6:57:8d:72:dd:99:7f:1e:15:bf:
d2:09:6a:e5:2e:a7:e5:9d:31:9f:a9:db:eb:64:ee:22:81:78:
df:a4:13:97:c0:61:a1:62:cf:ba:a6:4d:78:74:74:b6:9a:01:
a4:2c:b5:1c:b8:2d:75:15:d4:0d:c5:62:d2:56:7a:9f:30:91:
ea:18:05:d6:76:08:6f:eb:bb:cc:8a:c9:99:12:cf:57:69:62:
ec:ef:b1:05:5e:78:2a:06:7f:67:4b:5b:58:64:3c:95:69:2e:
0c:e7:c3:cd:27:79:9c:cc:79:45:d0:75:03:fb:82:8c:5c:97:
10:da:61:20:c4:95:70:44:37:da:e6:c8:e6:0e:37:fb:b8:6e:
8d:e6:b1:d0:ca:3c:94:66:29:82:c5:b8:3b:a0:b4:09:7a:f2:
ec:d8:b2:a1:72:18:2b:be:64:7e:45:3f:96:bf:74:6c:d8:44:
c4:fe:03:e3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXGLRUu8SxhaByAinCLLV+IfK3LwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTQwNDZaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyNzY4YzQyYjU1NWRiZmVjNWQ4Mzg3ZTAyOWNlYTc4OTI1MDUwN2E5N2E1
YWQwNzk2YjA5NTAyZWYxMDJjYTYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDbsnejnzDnKtso1Dx1SHdmMEdayLVbb0SUj2c/V2ll4O65YlHTm0B2f7+V
BRB/tq6W0oxy6FCgU3zzwVVpcLwa8VnFui133NLf+6BsmB3uq8CpScC8oZjMHqdH
hueMHvM2YKWOetqx9w9Jj9+NBDUhe5tqjwWr8VFtxBV9ujRdbojHHRazkGur23Ht
XRnkOvS57Vz76ol4YXxqDDhypelGKAbcq9ZEKw6zt6TwddH3QCJsqHtmDeUryMOu
AzIGm+q6rG6pGAEw61tnxsbPMAl04r0/gKEccCPg+jVPNm8dFwf6KNKsX8KkSohm
iJkH473j2bBboYtJUOMnGoIUggUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRDO8l0
b5pEf30npGw/x/appk6T9zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
YzQ3Mzg2ZmYtNGYxZC00ODBhLWJlNzYtY2M0ZWUxYjNhMzVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8MA
MA0GCSqGSIb3DQEBCwUAA4IBAQCpudyqVECzBwu715QmwHUU+oxnqm3o5MxWrKp1
tIJmi2j+JexVtOBe0+fc5/uCjPEXTDIbE6NLqQfK0GTII67GaxcR/ygYR6gkuJb/
apGH7LZXjXLdmX8eFb/SCWrlLqflnTGfqdvrZO4igXjfpBOXwGGhYs+6pk14dHS2
mgGkLLUcuC11FdQNxWLSVnqfMJHqGAXWdghv67vMismZEs9XaWLs77EFXngqBn9n
S1tYZDyVaS4M58PNJ3mczHlF0HUD+4KMXJcQ2mEgxJVwRDfa5sjmDjf7uG6N5rHQ
yjyUZimCxbg7oLQJevLs2LKhchgrvmR+RT+Wv3Rs2ETE/gPj
-----END CERTIFICATE-----
Generated at Sat Feb 21 08:46:39 2026 by rpki-client