Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa
File: e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa (raw, json)
Hash identifier: 6+U9q3rJY+0E/4Y/UorwQBtkYNl2s4CVurSkeQfs/t0=
Subject key identifier: B2:3F:79:15:51:69:6E:96:F0:9D:E6:03:E5:ED:D7:75:2E:79:C9:05
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 33942C19A3170089CD670AE0F120C4B34A588D2E
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa
Signing time: Fri 20 Feb 2026 01:30:16 +0000
ROA not before: Fri 20 Feb 2026 01:30:16 +0000
ROA not after: Thu 21 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:94:2c:19:a3:17:00:89:cd:67:0a:e0:f1:20:c4:b3:4a:58:8d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 20 01:30:16 2026 GMT
Not After : May 21 23:59:59 2026 GMT
Subject: serialNumber=2e868c690e1586f46e5bd8e6ef062f4946f05bf04625a27d99f3137a35b62f37, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:25:f4:59:7c:c5:52:69:f4:a9:bc:29:6e:c7:
ec:cc:c3:d1:cc:f3:3e:4d:db:ee:83:43:7e:50:4b:
d1:5e:c6:f0:ec:9f:3c:4e:b6:59:32:49:91:05:6d:
da:a6:08:64:32:32:e8:40:50:40:c4:8f:9a:25:c1:
0c:80:b9:f9:bf:b9:0c:98:86:80:f3:26:b5:39:87:
db:72:9e:70:0f:17:fb:e8:b5:8f:23:c1:42:fd:6c:
85:a6:f5:6d:74:f4:8d:59:8f:ae:f2:64:6a:f7:10:
69:bb:f5:21:57:1f:37:0d:cd:0e:63:24:f4:ad:56:
26:9e:be:ad:63:aa:1e:ce:ca:0c:0d:df:3d:a0:ac:
6e:12:76:02:3a:56:19:f9:5b:d0:76:82:4a:13:f5:
49:f9:3b:34:41:94:e8:b8:24:b5:9d:6b:d3:ef:c2:
05:67:16:de:d6:0c:76:fa:95:01:7a:2a:d4:b8:e0:
5c:09:03:71:34:28:06:bd:46:3b:5a:bf:75:f1:a3:
00:59:53:a9:da:1a:42:cb:31:d2:ba:0c:2a:66:be:
cf:b5:da:87:c9:02:eb:a2:68:04:f6:b7:23:57:8f:
1c:00:4d:88:62:61:93:1b:d4:80:df:75:a7:81:b5:
7e:5c:91:17:6c:c9:f0:63:d3:81:bd:fb:55:c4:23:
2a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:3F:79:15:51:69:6E:96:F0:9D:E6:03:E5:ED:D7:75:2E:79:C9:05
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/38
Signature Algorithm: sha256WithRSAEncryption
08:29:8b:d1:b5:cc:12:26:48:d3:4f:a2:72:9f:9b:f4:2c:88:
8a:19:ce:41:67:0f:48:5b:a7:cc:0b:f7:4e:a0:ce:3c:ee:15:
67:c7:13:00:90:2c:30:ba:6c:a5:a8:1d:ff:e3:ea:4b:3a:6f:
39:4f:d6:ef:ff:66:88:2e:fa:86:29:d6:da:64:6b:77:fa:b7:
57:a1:1f:05:b9:32:7a:5c:53:f3:f9:24:46:79:c3:3b:0d:cf:
a0:b9:2d:b4:e6:a0:f2:20:f8:94:3a:c9:fe:cb:e0:69:27:0d:
e1:b3:90:f0:db:22:8b:60:91:0a:bd:f5:96:04:9e:57:6b:61:
f2:90:76:31:67:dc:93:cc:ad:4e:31:40:19:12:5f:30:74:fb:
14:b0:da:fe:50:9d:89:49:5b:3d:b9:3f:d4:09:65:26:72:fc:
76:51:9a:08:04:94:89:02:c4:04:eb:e4:14:51:8d:cf:1b:2d:
41:67:d9:e8:31:e9:df:4c:6c:a5:f5:48:94:d7:ff:f9:b3:e3:
49:aa:10:4d:a8:bd:7a:5d:3b:6b:3e:97:d3:e2:19:24:07:50:
c8:a9:1a:16:f8:94:76:7f:fb:8e:77:7e:e0:29:f1:d9:1e:50:
79:fd:15:76:59:d2:b7:ad:01:5e:3d:53:bc:60:6f:96:3b:53:
56:43:22:88
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM5QsGaMXAInNZwrg8SDEs0pYjS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjAwMTMwMTZaFw0yNjA1MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlODY4YzY5MGUxNTg2ZjQ2ZTViZDhlNmVmMDYyZjQ5NDZmMDViZjA0NjI1
YTI3ZDk5ZjMxMzdhMzViNjJmMzcxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJsl9Fl8xVJp9Km8KW7H7MzD0czzPk3b7oNDflBL0V7G8OyfPE62WTJJkQVt
2qYIZDIy6EBQQMSPmiXBDIC5+b+5DJiGgPMmtTmH23KecA8X++i1jyPBQv1shab1
bXT0jVmPrvJkavcQabv1IVcfNw3NDmMk9K1WJp6+rWOqHs7KDA3fPaCsbhJ2AjpW
Gflb0HaCShP1Sfk7NEGU6LgktZ1r0+/CBWcW3tYMdvqVAXoq1LjgXAkDcTQoBr1G
O1q/dfGjAFlTqdoaQssx0roMKma+z7Xah8kC66JoBPa3I1ePHABNiGJhkxvUgN91
p4G1flyRF2zJ8GPTgb37VcQjKjcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSyP3kV
UWlulvCd5gPl7dd1LnnJBTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZTI3ZTdhNTktOTliZi00NTU5LWIwZGYtODdkYTJmNmRjNmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQAIKYvRtcwSJkjTT6Jyn5v0LIiKGc5BZw9IW6fM
C/dOoM487hVnxxMAkCwwumylqB3/4+pLOm85T9bv/2aILvqGKdbaZGt3+rdXoR8F
uTJ6XFPz+SRGecM7Dc+guS205qDyIPiUOsn+y+BpJw3hs5Dw2yKLYJEKvfWWBJ5X
a2HykHYxZ9yTzK1OMUAZEl8wdPsUsNr+UJ2JSVs9uT/UCWUmcvx2UZoIBJSJAsQE
6+QUUY3PGy1BZ9noMenfTGyl9UiU1//5s+NJqhBNqL16XTtrPpfT4hkkB1DIqRoW
+JR2f/uOd37gKfHZHlB5/RV2WdK3rQFePVO8YG+WO1NWQyKI
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:29:50 2026 by rpki-client