Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d203f3b7-b0ac-4a90-8d89-cbcf13c69e19.roa
File: d203f3b7-b0ac-4a90-8d89-cbcf13c69e19.roa (raw, json)
Hash identifier: BS6V1JXixhY6w/yO56xiElj5K65B84tvpZEf39LkRqQ=
Subject key identifier: 1F:55:F4:D4:91:0F:70:25:A2:B8:72:FC:96:64:C7:EB:ED:C9:5E:51
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 11F066221B59349C3FB4F44D8AB83A98383912F2
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d203f3b7-b0ac-4a90-8d89-cbcf13c69e19.roa
Signing time: Fri 20 Feb 2026 01:40:23 +0000
ROA not before: Fri 20 Feb 2026 01:40:23 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:a000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:f0:66:22:1b:59:34:9c:3f:b4:f4:4d:8a:b8:3a:98:38:39:12:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:40:23 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=5e8ba55d20236875efa77ce8f3cfdfc5958bff9830a0840fea114b6678748c2d, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f5:1c:04:e1:4a:23:c7:10:08:90:ba:72:38:
c1:70:4e:17:23:cd:19:ee:fa:fc:87:c5:6a:1d:80:
b3:95:b6:3e:d8:08:7e:6e:66:49:71:5a:44:96:7e:
d5:d8:a8:b1:da:df:de:bc:9a:d6:2d:08:c0:64:29:
ea:bf:c0:74:c6:2b:ff:84:f7:6f:ee:d4:79:a8:37:
0b:20:e4:9a:52:d3:47:6e:d2:15:7a:b0:fe:d0:9d:
45:bf:c7:de:ad:19:86:09:a6:64:d9:96:57:6e:de:
ae:60:34:c9:9c:85:9c:a6:8a:78:9c:6f:d1:d3:5c:
6b:b4:83:48:01:26:e1:15:89:bd:1f:5c:b5:ec:be:
9f:f8:e3:cf:29:08:26:2c:16:eb:61:24:45:8d:ed:
4f:f4:31:06:4a:42:af:96:73:04:59:9b:73:04:a5:
26:28:f8:0c:1f:26:b8:96:af:74:d4:9b:95:10:3d:
7e:30:6c:30:71:4a:c3:c5:56:e2:f1:25:d6:b2:9f:
34:d2:e1:59:79:9d:2e:34:d4:0c:36:05:81:45:29:
75:b3:18:2b:fd:2c:a4:d2:0c:54:cb:c7:74:77:eb:
f9:8f:66:56:ed:1d:0f:96:fa:2a:fc:c6:0f:2d:10:
53:ec:8e:9f:96:43:00:5b:e3:40:5a:59:94:d7:4d:
94:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:55:F4:D4:91:0F:70:25:A2:B8:72:FC:96:64:C7:EB:ED:C9:5E:51
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d203f3b7-b0ac-4a90-8d89-cbcf13c69e19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:a000::/36
Signature Algorithm: sha256WithRSAEncryption
21:54:da:56:7f:a5:1d:1f:0a:2f:67:f0:c2:0c:ba:61:75:52:
ef:89:8d:fe:6e:b3:8e:5b:26:0a:d3:f6:d2:ff:0d:68:f5:ea:
26:36:61:e9:dd:e4:1c:04:1f:f6:2b:17:09:51:9c:f9:fb:9b:
c0:c8:50:5a:41:a2:dd:69:26:54:45:43:5a:26:60:34:a8:dd:
87:2c:b4:82:65:e5:81:31:f0:ca:2a:58:a3:98:dc:79:2f:9a:
89:f9:b8:cd:94:b3:44:a2:27:be:3e:b9:2b:da:28:be:8d:69:
39:12:58:1f:66:0b:28:82:a7:54:75:e2:4e:85:cb:88:e5:4d:
75:8a:3c:c9:01:aa:64:19:e8:48:aa:2d:19:40:88:be:3f:c2:
88:7c:14:58:f8:d9:41:3a:6c:22:70:9e:0c:c9:47:a4:06:77:
db:03:c5:27:b8:84:16:3f:1a:57:11:7c:98:e8:02:90:fa:02:
dd:99:b1:cd:c2:24:dd:73:d5:32:a7:d6:63:94:c5:3d:97:0d:
fc:c4:85:98:01:b4:85:a9:7b:d7:7c:d3:93:29:93:a0:77:05:
f6:48:84:80:46:e5:fe:ba:af:ed:08:bb:b8:70:b4:71:d0:ca:
70:7f:52:84:a3:04:a4:7e:f6:f7:22:fa:1f:d9:bb:70:4c:12:
d6:ba:af:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEfBmIhtZNJw/tPRNirg6mDg5EvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTQwMjNaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlOGJhNTVkMjAyMzY4NzVlZmE3N2NlOGYzY2ZkZmM1OTU4YmZmOTgzMGEw
ODQwZmVhMTE0YjY2Nzg3NDhjMmQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKz1HAThSiPHEAiQunI4wXBOFyPNGe76/IfFah2As5W2PtgIfm5mSXFaRJZ+
1diosdrf3rya1i0IwGQp6r/AdMYr/4T3b+7Ueag3CyDkmlLTR27SFXqw/tCdRb/H
3q0ZhgmmZNmWV27ermA0yZyFnKaKeJxv0dNca7SDSAEm4RWJvR9ctey+n/jjzykI
JiwW62EkRY3tT/QxBkpCr5ZzBFmbcwSlJij4DB8muJavdNSblRA9fjBsMHFKw8VW
4vEl1rKfNNLhWXmdLjTUDDYFgUUpdbMYK/0spNIMVMvHdHfr+Y9mVu0dD5b6KvzG
Dy0QU+yOn5ZDAFvjQFpZlNdNlHECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfVfTU
kQ9wJaK4cvyWZMfr7cleUTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZDIwM2YzYjctYjBhYy00YTkwLThkODktY2JjZjEzYzY5ZTE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8Og
MA0GCSqGSIb3DQEBCwUAA4IBAQAhVNpWf6UdHwovZ/DCDLphdVLviY3+brOOWyYK
0/bS/w1o9eomNmHp3eQcBB/2KxcJUZz5+5vAyFBaQaLdaSZURUNaJmA0qN2HLLSC
ZeWBMfDKKlijmNx5L5qJ+bjNlLNEoie+Prkr2ii+jWk5ElgfZgsogqdUdeJOhcuI
5U11ijzJAapkGehIqi0ZQIi+P8KIfBRY+NlBOmwicJ4MyUekBnfbA8UnuIQWPxpX
EXyY6AKQ+gLdmbHNwiTdc9Uyp9ZjlMU9lw38xIWYAbSFqXvXfNOTKZOgdwX2SISA
RuX+uq/tCLu4cLRx0Mpwf1KEowSkfvb3Ivof2btwTBLWuq8L
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:24:41 2026 by rpki-client