Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa
File: c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa (raw, json)
Hash identifier: eNboHmdAdYgmJ+NiPM/1I4vjOWCeC99nX/THMZ35sBs=
Subject key identifier: 66:F0:8F:78:F0:7D:20:B3:49:C7:07:43:77:3F:AF:8A:47:57:40:88
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 7A2AE69952145865A79624EDFB1BC0D3EACBA36E
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa
Signing time: Fri 20 Feb 2026 01:40:04 +0000
ROA not before: Fri 20 Feb 2026 01:40:04 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:a::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:2a:e6:99:52:14:58:65:a7:96:24:ed:fb:1b:c0:d3:ea:cb:a3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:40:04 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=b0b7178c8caf3ababe5c5c580159de397aee6a71bf818db195b67e086fe003c1, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:23:b3:88:a6:e3:d4:b9:45:c1:64:ec:b3:ad:
bb:5d:41:ac:06:57:88:cc:2b:c3:6b:85:23:ce:00:
27:f1:e7:17:7c:33:1c:85:df:a9:99:20:4a:d1:b6:
59:8f:81:1d:59:9d:2d:1f:a7:54:eb:95:5d:96:36:
95:5b:49:b5:a1:dd:e7:c8:08:73:ad:a1:5c:2a:83:
46:25:86:06:db:42:2f:1b:ac:f4:a3:e2:cb:ce:bf:
95:00:c8:b1:83:1c:fd:27:62:01:e7:dd:83:95:21:
e6:51:9a:98:4b:0c:5b:a8:f5:ed:4d:6c:0a:be:05:
17:a5:bc:9c:75:59:75:29:0c:b3:dc:51:44:e9:8f:
a6:8f:98:73:fa:27:23:7f:1c:16:fd:07:a8:13:96:
64:78:8f:4a:f6:fd:52:23:d2:8f:4c:54:e4:cb:97:
d0:4a:f7:47:6d:78:c8:13:9a:a1:e6:b5:7d:07:55:
37:91:d7:54:46:d1:48:81:29:3d:a8:8a:25:07:b7:
ba:c3:6b:ee:d9:ce:5e:a7:d4:79:35:18:dc:f4:d3:
ac:ed:3e:3d:dc:cf:1d:9e:87:32:5f:90:d8:cb:99:
87:02:5a:cf:f3:9a:e2:d0:2d:da:27:52:dc:b7:b8:
04:fd:21:33:a2:63:41:bb:31:b9:8f:62:8a:5c:c4:
16:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F0:8F:78:F0:7D:20:B3:49:C7:07:43:77:3F:AF:8A:47:57:40:88
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:a::/47
Signature Algorithm: sha256WithRSAEncryption
46:8d:07:97:5f:b4:c7:f8:32:65:71:fd:5f:28:9f:c2:3e:9b:
54:32:2b:02:3c:55:8e:87:ff:5a:b9:c4:f6:bc:ee:2e:40:a0:
3b:c9:58:a0:36:b4:27:a4:44:95:af:9c:65:e8:f3:3c:06:e0:
44:78:0d:e9:8d:48:20:52:93:bf:0d:50:af:4b:db:ac:32:85:
99:42:f9:37:a9:33:ed:52:3d:a8:1e:1f:3f:a7:c6:bc:b7:36:
20:00:2e:07:d0:d9:af:9b:9e:c4:5d:22:9b:0b:85:74:6d:40:
a6:ec:40:ab:34:ff:e4:a1:77:c4:20:22:73:62:23:0d:8d:bd:
9a:41:c0:98:ff:a4:68:7a:ad:9b:b3:a9:38:e5:53:97:12:a5:
2c:93:59:1e:46:14:85:78:ac:f3:71:60:b9:ca:d0:83:e9:51:
f0:ce:f8:5b:40:76:43:37:4b:d3:5c:92:85:05:a3:a1:83:fe:
ef:95:c3:44:d2:e3:bb:a3:6f:c3:a5:32:13:bc:3c:39:7a:f0:
dc:28:08:6a:1c:f7:c8:01:00:91:69:c1:e8:ac:8a:27:dc:83:
c6:d7:64:01:f5:f4:22:01:eb:e5:d7:cd:c9:dd:cc:ce:1c:bf:
50:8d:8f:cb:cd:3e:c6:c2:59:27:72:82:9c:99:63:86:54:b0:
20:ce:d8:27
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeirmmVIUWGWnliTt+xvA0+rLo24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTQwMDRaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwYjcxNzhjOGNhZjNhYmFiZTVjNWM1ODAxNTlkZTM5N2FlZTZhNzFiZjgx
OGRiMTk1YjY3ZTA4NmZlMDAzYzExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgjs4im49S5RcFk7LOtu11BrAZXiMwrw2uFI84AJ/HnF3wzHIXfqZkgStG2
WY+BHVmdLR+nVOuVXZY2lVtJtaHd58gIc62hXCqDRiWGBttCLxus9KPiy86/lQDI
sYMc/SdiAefdg5Uh5lGamEsMW6j17U1sCr4FF6W8nHVZdSkMs9xRROmPpo+Yc/on
I38cFv0HqBOWZHiPSvb9UiPSj0xU5MuX0Er3R214yBOaoea1fQdVN5HXVEbRSIEp
PaiKJQe3usNr7tnOXqfUeTUY3PTTrO0+PdzPHZ6HMl+Q2MuZhwJaz/Oa4tAt2idS
3Le4BP0hM6JjQbsxuY9iilzEFnUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRm8I94
8H0gs0nHB0N3P6+KR1dAiDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
Yzc3MmJkNWEtNGY3Mi00YWQ0LWE1ZDAtOWVkODJlNWYxZTk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASABP8YA
CjANBgkqhkiG9w0BAQsFAAOCAQEARo0Hl1+0x/gyZXH9Xyifwj6bVDIrAjxVjof/
WrnE9rzuLkCgO8lYoDa0J6REla+cZejzPAbgRHgN6Y1IIFKTvw1Qr0vbrDKFmUL5
N6kz7VI9qB4fP6fGvLc2IAAuB9DZr5uexF0imwuFdG1ApuxAqzT/5KF3xCAic2Ij
DY29mkHAmP+kaHqtm7OpOOVTlxKlLJNZHkYUhXis83FgucrQg+lR8M74W0B2QzdL
01yShQWjoYP+75XDRNLju6Nvw6UyE7w8OXrw3CgIahz3yAEAkWnB6KyKJ9yDxtdk
AfX0IgHr5dfNyd3Mzhy/UI2Py80+xsJZJ3KCnJljhlSwIM7YJw==
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:29:48 2026 by rpki-client