Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e1761481-a0e9-4093-b4d3-7919660f0dfa.roa
File: e1761481-a0e9-4093-b4d3-7919660f0dfa.roa (raw, json)
Hash identifier: BFBtoOQCUu7jRXiO7pLSeAz2U+3WWxwSGbwPSQQV/B8=
Subject key identifier: 55:2C:B0:52:D3:A0:A9:39:95:6E:37:7D:9E:60:3F:32:43:A4:10:F3
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 1970124B810ED5308BC9C7E9908D39EF8D1A9741
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e1761481-a0e9-4093-b4d3-7919660f0dfa.roa
Signing time: Fri 20 Feb 2026 01:30:15 +0000
ROA not before: Fri 20 Feb 2026 01:30:15 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:70:12:4b:81:0e:d5:30:8b:c9:c7:e9:90:8d:39:ef:8d:1a:97:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:30:15 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=c42ac1dbf2b54303dc154aef40c3b3b3a7de7ff8b24ff504e38473fcbbf71c8d, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c9:92:23:23:f8:02:74:bd:49:43:61:7b:e4:
47:a9:6f:b6:72:1b:8d:a2:b4:36:c4:40:15:b2:73:
0d:d4:da:84:89:aa:5e:9d:0c:d7:71:db:eb:fe:25:
a4:b1:50:45:17:40:dd:39:fc:2f:97:c9:c1:8f:98:
4d:7e:d6:be:fd:45:32:a7:74:e3:e6:76:97:71:26:
b2:6a:dc:ec:24:ef:ee:ad:35:2a:f7:34:a4:bb:2e:
18:9d:51:91:71:a3:91:fe:7c:42:4f:5b:1c:7b:21:
04:b3:b5:2c:44:c7:9c:db:d3:46:a0:84:14:fd:eb:
e0:38:1d:40:4d:87:e9:11:3d:31:9d:c1:97:5b:a5:
6e:e7:e0:78:12:ad:94:02:89:a7:19:e6:06:a9:f6:
0e:c1:77:dc:f7:ad:06:6c:40:23:1d:18:89:82:08:
72:05:03:ed:97:ea:42:61:66:6e:8d:a4:46:dc:3e:
51:89:d4:10:e0:6c:c6:73:94:e4:1f:48:0a:cd:ab:
d9:db:e5:da:e6:6c:18:f6:70:0a:88:e3:45:4a:60:
57:7f:70:ea:22:cf:38:17:3d:22:84:89:10:3c:46:
b9:57:9e:a3:4f:e0:83:e7:62:eb:60:44:91:0a:90:
cd:ea:d2:90:a4:d0:7c:39:91:23:b1:bd:16:a7:eb:
46:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:2C:B0:52:D3:A0:A9:39:95:6E:37:7D:9E:60:3F:32:43:A4:10:F3
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e1761481-a0e9-4093-b4d3-7919660f0dfa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4800::/40
Signature Algorithm: sha256WithRSAEncryption
c2:35:4e:8c:4a:d6:b5:67:8f:62:29:88:32:cc:4f:1f:ca:23:
56:7d:1d:3a:3e:ea:85:ec:5b:61:8c:6f:76:0b:96:a3:cd:9f:
92:58:cc:95:60:72:1d:a7:a5:0d:93:95:d6:fc:51:16:41:52:
03:c7:f7:b7:cf:6a:45:53:fa:db:5b:fa:3f:af:4c:56:bf:ab:
10:92:8e:d8:48:d5:26:70:ad:1d:1d:69:bf:5a:72:bb:42:67:
45:7f:9b:15:1c:ce:85:ff:b5:bd:1a:73:b1:ff:4e:de:38:95:
6e:7d:0b:97:5f:ef:3d:df:95:98:f7:bf:7a:2d:9b:bd:46:f7:
f5:02:d9:69:ea:66:8f:d5:d1:4f:99:50:d3:dc:69:90:12:bf:
a8:67:ef:a7:b3:7e:22:87:08:70:39:68:74:ca:33:bf:55:67:
f1:dc:10:53:fe:01:a6:83:50:4e:63:e5:21:82:39:ad:e7:ca:
07:5b:95:16:14:30:cf:ab:68:98:47:26:5d:cc:46:1c:23:3f:
5b:e8:b6:65:03:5c:e0:b0:0c:2a:7d:92:17:41:03:ff:33:23:
dd:80:60:fd:f9:48:35:20:aa:50:20:8c:59:cd:99:fb:8c:ee:
68:d5:8b:4f:97:48:67:2e:b7:51:86:2f:27:53:dd:ad:89:f2:
01:b6:cc:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGXASS4EO1TCLycfpkI05740al0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTMwMTVaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0MmFjMWRiZjJiNTQzMDNkYzE1NGFlZjQwYzNiM2IzYTdkZTdmZjhiMjRm
ZjUwNGUzODQ3M2ZjYmJmNzFjOGQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANPJkiMj+AJ0vUlDYXvkR6lvtnIbjaK0NsRAFbJzDdTahImqXp0M13Hb6/4l
pLFQRRdA3Tn8L5fJwY+YTX7Wvv1FMqd04+Z2l3Emsmrc7CTv7q01Kvc0pLsuGJ1R
kXGjkf58Qk9bHHshBLO1LETHnNvTRqCEFP3r4DgdQE2H6RE9MZ3Bl1ulbufgeBKt
lAKJpxnmBqn2DsF33PetBmxAIx0YiYIIcgUD7ZfqQmFmbo2kRtw+UYnUEOBsxnOU
5B9ICs2r2dvl2uZsGPZwCojjRUpgV39w6iLPOBc9IoSJEDxGuVeeo0/gg+di62BE
kQqQzerSkKTQfDmRI7G9FqfrRukCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRVLLBS
06CpOZVuN32eYD8yQ6QQ8zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZTE3NjE0ODEtYTBlOS00MDkzLWI0ZDMtNzkxOTY2MGYwZGZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dI
MA0GCSqGSIb3DQEBCwUAA4IBAQDCNU6MSta1Z49iKYgyzE8fyiNWfR06PuqF7Fth
jG92C5ajzZ+SWMyVYHIdp6UNk5XW/FEWQVIDx/e3z2pFU/rbW/o/r0xWv6sQko7Y
SNUmcK0dHWm/WnK7QmdFf5sVHM6F/7W9GnOx/07eOJVufQuXX+8935WY9796LZu9
Rvf1Atlp6maP1dFPmVDT3GmQEr+oZ++ns34ihwhwOWh0yjO/VWfx3BBT/gGmg1BO
Y+Uhgjmt58oHW5UWFDDPq2iYRyZdzEYcIz9b6LZlA1zgsAwqfZIXQQP/MyPdgGD9
+Ug1IKpQIIxZzZn7jO5o1YtPl0hnLrdRhi8nU92tifIBtszV
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:24:39 2026 by rpki-client