Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c5a8891f-2cfd-49db-84c7-7a149ce6f868.roa
File: c5a8891f-2cfd-49db-84c7-7a149ce6f868.roa (raw, json)
Hash identifier: oWZuBZYJfPfpp33wUVv+DHxef2UFzcgFFvYMCo7/05g=
Subject key identifier: 6C:85:20:28:B2:5F:5D:A6:A5:1F:61:48:C7:4A:D2:7E:64:BB:59:46
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 3A6A6DE3D4571BD92C88A16C21A0A6C7CE1A567A
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c5a8891f-2cfd-49db-84c7-7a149ce6f868.roa
Signing time: Fri 20 Feb 2026 01:40:24 +0000
ROA not before: Fri 20 Feb 2026 01:40:24 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:6a:6d:e3:d4:57:1b:d9:2c:88:a1:6c:21:a0:a6:c7:ce:1a:56:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:40:24 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=ce17afc645b84f68e8b1f40b58b1c467ca11b983b9457d81c169bf85870b0ec5, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2a:dd:80:28:88:3a:7a:6d:a1:ed:50:0e:bd:
bd:32:d7:f3:c9:1d:97:69:16:e1:47:ae:3a:73:e6:
06:15:8c:e6:ec:3b:fa:32:01:49:5c:32:e3:8c:20:
d5:5c:af:1f:13:8d:a0:b4:ef:bb:12:f4:bc:52:94:
9f:e3:5e:ec:14:02:c7:84:3c:08:42:2a:85:d9:56:
97:33:ca:8b:1a:6e:09:7b:3c:95:20:40:13:69:24:
cc:00:02:54:11:3e:b4:1b:9a:b3:be:6a:fc:18:99:
1d:70:44:0a:0d:65:fd:db:c0:01:d1:cb:cf:c8:80:
61:d9:b6:2e:98:90:16:1b:ab:0f:0f:0f:f6:70:8a:
fd:70:46:c5:29:a8:b0:f8:4b:31:20:45:cd:f4:24:
c9:88:21:9b:69:94:3a:35:f0:a3:33:36:24:3a:76:
45:c2:5d:b0:0b:85:b7:69:b1:77:47:ef:e6:c7:e3:
93:18:96:4d:cf:d1:d7:bc:c4:36:40:9b:fd:ea:ca:
5b:9f:82:fb:ef:7b:31:cd:5c:b0:28:2c:0d:03:ee:
a3:11:a4:b8:0e:51:c0:1e:de:6f:0a:59:8d:47:79:
dc:41:e8:3a:28:78:b8:06:d0:08:70:e8:16:dc:03:
b5:55:a2:28:4a:38:d3:cc:81:8c:7a:34:3a:59:f0:
c4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:85:20:28:B2:5F:5D:A6:A5:1F:61:48:C7:4A:D2:7E:64:BB:59:46
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c5a8891f-2cfd-49db-84c7-7a149ce6f868.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7::/36
Signature Algorithm: sha256WithRSAEncryption
6a:0d:e0:23:8c:9f:e3:81:d2:65:a0:f8:3b:0f:68:e1:8c:15:
62:f2:ca:35:f3:f6:cb:0c:fa:19:c4:8a:ed:ce:f4:bf:b8:95:
c6:f3:1d:d5:2e:53:3c:84:26:c0:34:5c:76:2b:3e:79:7e:d0:
b2:dc:be:fd:55:d9:ee:8c:a7:79:87:8b:58:ac:6f:aa:9b:e1:
a9:33:8e:61:a3:ed:33:e2:b4:62:54:08:fb:13:f5:75:3a:06:
75:2b:c4:eb:8a:5e:67:ab:79:aa:cb:b5:da:14:e9:4d:b6:1f:
bc:89:bc:2b:72:61:41:1e:68:3b:a7:0b:6b:7b:10:11:16:63:
7b:9f:4c:1d:3b:be:80:f1:6e:78:63:9f:d6:0d:52:d9:7c:94:
66:41:ad:7c:2f:71:e4:56:26:6c:db:92:1e:10:d2:8b:cc:e9:
21:c2:2c:18:e9:4d:12:1c:a9:f0:2e:34:54:ca:1f:05:b7:4c:
ca:b8:81:c8:47:2d:01:e5:ce:39:8b:81:26:da:d6:0b:f7:24:
45:68:15:2b:52:1d:89:25:3f:c3:e8:07:ec:9d:fa:ae:7e:e6:
b9:8b:03:6c:88:cd:d1:76:94:d8:a8:14:71:04:b9:c2:f7:3c:
8a:18:40:0b:22:1f:7d:7a:62:fa:5a:6c:af:b2:17:52:72:9a:
08:1e:2e:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOmpt49RXG9ksiKFsIaCmx84aVnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTQwMjRaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlMTdhZmM2NDViODRmNjhlOGIxZjQwYjU4YjFjNDY3Y2ExMWI5ODNiOTQ1
N2Q4MWMxNjliZjg1ODcwYjBlYzUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAq3YAoiDp6baHtUA69vTLX88kdl2kW4UeuOnPmBhWM5uw7+jIBSVwy44wg
1VyvHxONoLTvuxL0vFKUn+Ne7BQCx4Q8CEIqhdlWlzPKixpuCXs8lSBAE2kkzAAC
VBE+tBuas75q/BiZHXBECg1l/dvAAdHLz8iAYdm2LpiQFhurDw8P9nCK/XBGxSmo
sPhLMSBFzfQkyYghm2mUOjXwozM2JDp2RcJdsAuFt2mxd0fv5sfjkxiWTc/R17zE
NkCb/erKW5+C++97Mc1csCgsDQPuoxGkuA5RwB7ebwpZjUd53EHoOih4uAbQCHDo
FtwDtVWiKEo408yBjHo0OlnwxHcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRshSAo
sl9dpqUfYUjHStJ+ZLtZRjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
YzVhODg5MWYtMmNmZC00OWRiLTg0YzctN2ExNDljZTZmODY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cA
MA0GCSqGSIb3DQEBCwUAA4IBAQBqDeAjjJ/jgdJloPg7D2jhjBVi8so18/bLDPoZ
xIrtzvS/uJXG8x3VLlM8hCbANFx2Kz55ftCy3L79VdnujKd5h4tYrG+qm+GpM45h
o+0z4rRiVAj7E/V1OgZ1K8Tril5nq3mqy7XaFOlNth+8ibwrcmFBHmg7pwtrexAR
FmN7n0wdO76A8W54Y5/WDVLZfJRmQa18L3HkViZs25IeENKLzOkhwiwY6U0SHKnw
LjRUyh8Ft0zKuIHIRy0B5c45i4Em2tYL9yRFaBUrUh2JJT/D6Afsnfqufua5iwNs
iM3RdpTYqBRxBLnC9zyKGEALIh99emL6WmyvshdScpoIHi67
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:29:49 2026 by rpki-client