Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0f89be87-45c1-410c-99ee-05d9e524cb54.roa
File:                     0f89be87-45c1-410c-99ee-05d9e524cb54.roa (raw, json)
Hash identifier:          bTVqs9+U7nehtyYlr7cT89DBOFJwuZnKycA+PvDC1w0=
Subject key identifier:   22:77:72:1C:EE:FC:1A:AE:84:DB:6A:19:AE:46:34:D8:8E:1C:3D:DE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0248F6376CE3566A537695CC3C6C4CF1D1D04BA3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0f89be87-45c1-410c-99ee-05d9e524cb54.roa
Signing time:             Tue 17 Feb 2026 00:20:48 +0000
ROA not before:           Tue 17 Feb 2026 00:20:48 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff6:a400::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:48:f6:37:6c:e3:56:6a:53:76:95:cc:3c:6c:4c:f1:d1:d0:4b:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 17 00:20:48 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=00d89b7395dc08c653cef58f24d71eb27f99000b27c0307ff5cf2a8f8c9b4203, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:22:bd:8a:87:2b:16:7b:0b:55:54:23:a2:56:
                    60:33:66:ec:47:33:3d:6b:d3:64:f3:3b:55:08:d3:
                    6d:da:ca:7d:dd:b5:83:c5:a0:c0:32:72:8f:1d:48:
                    55:97:bb:44:49:64:a2:74:44:5c:f7:3d:12:cb:8b:
                    b3:5d:b9:b5:39:c7:ac:c0:a6:93:20:78:a2:07:a4:
                    8e:db:bf:0a:ac:01:96:ec:0f:e2:3b:af:9a:bd:94:
                    ed:b1:4e:14:cd:9c:14:5e:05:b7:2e:6f:04:ee:74:
                    e0:15:07:a9:cf:a9:94:b4:7d:f3:0c:14:41:95:52:
                    d8:d3:7b:b2:e3:1e:c3:2b:5c:c6:0c:2c:f6:66:f0:
                    6c:78:5f:a0:ab:4a:1c:a3:fd:a5:b0:46:52:5f:55:
                    e8:5b:12:25:ba:86:3a:4d:44:99:a7:49:3a:01:0f:
                    27:af:01:89:c1:80:ed:40:f7:19:ae:a7:ba:74:b1:
                    df:30:e5:65:b9:04:24:c8:3b:e3:be:40:44:ff:ba:
                    f3:0a:94:fa:68:43:ba:b6:bd:ff:9c:f2:6f:90:69:
                    27:46:71:96:d2:f1:80:79:12:6f:88:1f:f2:0c:e3:
                    cd:16:ca:48:84:a6:e1:e8:27:ac:89:94:c2:04:42:
                    26:bb:cd:57:15:64:60:05:77:b1:03:31:32:24:d9:
                    d5:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:77:72:1C:EE:FC:1A:AE:84:DB:6A:19:AE:46:34:D8:8E:1C:3D:DE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0f89be87-45c1-410c-99ee-05d9e524cb54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff6:a400::/40

    Signature Algorithm: sha256WithRSAEncryption
         24:34:20:ac:e8:f3:78:d9:0d:b3:4f:1d:b0:73:21:c2:42:d0:
         c4:f8:36:25:5f:38:70:3b:97:a0:67:84:d7:1e:fc:6e:3e:f3:
         6a:c8:f7:07:d7:8d:84:00:e3:00:43:ca:f0:1c:47:24:cd:3c:
         c7:2c:57:a5:e5:82:21:1d:95:3e:50:ae:54:d1:3a:1e:b2:bb:
         52:bc:3b:f8:0a:cd:3e:d2:12:81:17:56:99:d5:6c:77:d3:17:
         71:c0:96:69:c4:40:e2:5a:04:56:6b:86:d9:eb:79:36:cb:9e:
         a9:0a:45:25:8a:ed:cc:5c:40:81:48:99:8d:7b:6a:e1:97:83:
         20:d9:39:e1:65:e3:15:ce:21:d5:0d:8a:fd:a0:3e:d1:8d:ab:
         1a:a7:dd:7d:0a:16:04:35:d0:7e:eb:a5:4e:e1:8b:b4:74:f4:
         b5:40:82:dc:8d:6e:b3:3d:54:cc:1a:7e:f8:a6:0d:8a:3f:3e:
         ed:7d:9b:f3:8e:c0:8d:fc:af:f8:e5:be:e5:a9:29:45:fc:64:
         16:50:b9:15:6a:1c:ce:2a:7a:8e:e5:42:31:12:5c:6f:fc:d3:
         3d:cf:e1:88:80:5d:04:23:a8:45:71:6a:fa:58:de:fa:21:0d:
         9b:16:1d:96:1d:a5:26:d4:90:4f:35:a1:5b:fa:a2:df:70:82:
         e7:81:87:cd
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUAkj2N2zjVmpTdpXMPGxM8dHQS6MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE3MDAyMDQ4WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMGQ4OWI3Mzk1ZGMwOGM2NTNjZWY1OGYyNGQ3MWViMjdm
OTkwMDBiMjdjMDMwN2ZmNWNmMmE4ZjhjOWI0MjAzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtIr2KhysWewtVVCOiVmAzZuxHMz1r02TzO1UI023ayn3d
tYPFoMAyco8dSFWXu0RJZKJ0RFz3PRLLi7NdubU5x6zAppMgeKIHpI7bvwqsAZbs
D+I7r5q9lO2xThTNnBReBbcubwTudOAVB6nPqZS0ffMMFEGVUtjTe7LjHsMrXMYM
LPZm8Gx4X6CrShyj/aWwRlJfVehbEiW6hjpNRJmnSToBDyevAYnBgO1A9xmup7p0
sd8w5WW5BCTIO+O+QET/uvMKlPpoQ7q2vf+c8m+QaSdGcZbS8YB5Em+IH/IM480W
ykiEpuHoJ6yJlMIEQia7zVcVZGAFd7EDMTIk2dUfAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUIndyHO78Gq6E22oZrkY02I4cPd4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBmODliZTg3LTQ1YzEtNDEwYy05OWVlLTA1ZDllNTI0Y2I1NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/2pDANBgkqhkiG9w0BAQsFAAOCAQEAJDQgrOjzeNkNs08dsHMhwkLQ
xPg2JV84cDuXoGeE1x78bj7zasj3B9eNhADjAEPK8BxHJM08xyxXpeWCIR2VPlCu
VNE6HrK7Urw7+ArNPtISgRdWmdVsd9MXccCWacRA4loEVmuG2et5NsueqQpFJYrt
zFxAgUiZjXtq4ZeDINk54WXjFc4h1Q2K/aA+0Y2rGqfdfQoWBDXQfuulTuGLtHT0
tUCC3I1usz1UzBp++KYNij8+7X2b847Ajfyv+OW+5akpRfxkFlC5FWoczip6juVC
MRJcb/zTPc/hiIBdBCOoRXFq+lje+iENmxYdlh2lJtSQTzWhW/qi33CC54GHzQ==
-----END CERTIFICATE-----