Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/154c39ec-28ce-41bb-ad0d-c48503198277.roa
File:                     154c39ec-28ce-41bb-ad0d-c48503198277.roa (raw, json)
Hash identifier:          lU2SDQHz1O1JthFOvbRoCwcNyFM4rKROmqF9B2h2rIA=
Subject key identifier:   9D:9E:05:20:01:54:E9:9D:C3:C8:24:5C:88:BA:9D:8A:10:F3:A6:11
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       120D852E7BAEAA21C35D82CA5574DFF7E4B359B2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/154c39ec-28ce-41bb-ad0d-c48503198277.roa
Signing time:             Wed 25 Feb 2026 02:41:17 +0000
ROA not before:           Wed 25 Feb 2026 02:41:17 +0000
ROA not after:            Tue 26 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f70:7400::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:0d:85:2e:7b:ae:aa:21:c3:5d:82:ca:55:74:df:f7:e4:b3:59:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 25 02:41:17 2026 GMT
            Not After : May 26 23:59:59 2026 GMT
        Subject: serialNumber=c460f478df0ec6f601044e28062f13b83e687ffd46b3535b9dd7b2ca9b3010eb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:06:07:37:66:b8:e7:e3:d2:97:04:78:a3:db:
                    35:d2:f8:af:78:e3:c4:1e:76:f6:3c:19:c1:73:29:
                    c6:b8:e2:ee:9e:5a:74:41:57:a1:80:0b:57:4c:12:
                    1d:bf:d2:54:bf:4a:b2:38:0e:59:f3:9c:1f:12:39:
                    7b:e1:bc:d8:1b:a2:b7:67:38:71:eb:4e:07:fc:78:
                    59:af:a8:3b:70:71:31:cf:91:b5:47:26:a3:9c:77:
                    d1:89:07:8f:f9:03:d5:1f:5d:5d:92:b2:d4:94:fa:
                    89:dc:95:96:ab:aa:79:e1:83:84:f8:ee:ce:cb:ac:
                    24:8c:ee:72:7d:f2:d8:99:0e:43:3e:af:38:95:43:
                    5a:83:65:54:49:63:d6:89:1d:8b:88:e7:99:22:43:
                    82:0b:e2:6e:b5:5a:d8:8c:78:63:7c:d1:ed:ee:b2:
                    06:a6:8b:95:8c:52:a3:d3:58:2a:74:dc:86:e8:9a:
                    9c:90:7e:1c:0f:38:fd:86:dd:9b:4d:ed:16:e9:50:
                    9e:13:da:ea:b3:5c:ee:05:af:b3:b4:17:18:54:1d:
                    88:4b:0c:4d:e5:4f:2d:8a:bf:6c:37:ae:2a:35:85:
                    5b:1c:91:fd:b7:58:50:c8:7f:4f:72:7a:11:63:3b:
                    fb:71:b5:09:3e:9c:da:16:5d:95:d4:71:db:33:7c:
                    d1:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:9E:05:20:01:54:E9:9D:C3:C8:24:5C:88:BA:9D:8A:10:F3:A6:11
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/154c39ec-28ce-41bb-ad0d-c48503198277.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f70:7400::/40

    Signature Algorithm: sha256WithRSAEncryption
         03:33:bd:fb:a0:cc:c0:97:bc:05:1b:95:40:a8:ea:77:1d:00:
         0c:9d:8a:8f:9e:60:30:5a:3f:9d:e1:c9:43:74:98:d6:ab:3e:
         a8:82:a6:a1:d5:5c:e9:90:70:3d:3b:49:1b:d2:40:6b:6f:2a:
         40:79:72:89:9d:f2:8a:85:ad:09:69:c5:d1:66:10:87:c8:f8:
         49:a6:2c:f6:74:54:8f:d8:43:f8:ec:75:03:16:1a:14:9f:82:
         4e:f1:68:6e:bf:ca:9f:ef:d8:cd:d6:c5:eb:68:00:61:90:5e:
         88:90:92:50:16:dc:b9:d8:fa:06:74:32:59:3e:c4:43:3f:45:
         77:d5:30:37:5f:61:16:9e:ce:cf:3d:5b:00:cd:de:dd:42:9e:
         5f:83:54:bc:71:7c:f1:b8:1a:3f:99:fa:28:66:b2:99:75:dc:
         ce:78:05:aa:e4:de:31:c8:69:14:ad:eb:b4:18:c1:15:bf:78:
         55:f9:44:8d:5f:8c:13:ab:73:1c:50:2b:e1:a8:4a:d4:a6:89:
         1f:85:4f:ba:24:84:2c:83:d5:24:b6:a2:38:60:d9:af:db:b5:
         cf:c0:87:37:a1:67:82:cc:1e:6c:6b:a8:fa:79:b7:41:e4:c6:
         90:92:81:5a:48:e4:aa:c7:dc:41:37:7c:49:85:5d:62:f6:8d:
         c2:a9:a3:ce
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUEg2FLnuuqiHDXYLKVXTf9+SzWbIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI1MDI0MTE3WhcNMjYwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNDYwZjQ3OGRmMGVjNmY2MDEwNDRlMjgwNjJmMTNiODNl
Njg3ZmZkNDZiMzUzNWI5ZGQ3YjJjYTliMzAxMGViMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIBgc3Zrjn49KXBHij2zXS+K9448QedvY8GcFzKca44u6e
WnRBV6GAC1dMEh2/0lS/SrI4DlnznB8SOXvhvNgbordnOHHrTgf8eFmvqDtwcTHP
kbVHJqOcd9GJB4/5A9UfXV2SstSU+onclZarqnnhg4T47s7LrCSM7nJ98tiZDkM+
rziVQ1qDZVRJY9aJHYuI55kiQ4IL4m61WtiMeGN80e3usgami5WMUqPTWCp03Ibo
mpyQfhwPOP2G3ZtN7RbpUJ4T2uqzXO4Fr7O0FxhUHYhLDE3lTy2Kv2w3rio1hVsc
kf23WFDIf09yehFjO/txtQk+nNoWXZXUcdszfNGHAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUnZ4FIAFU6Z3DyCRciLqdihDzphEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE1NGMzOWVjLTI4Y2UtNDFiYi1hZDBkLWM0ODUwMzE5ODI3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9wdDANBgkqhkiG9w0BAQsFAAOCAQEAAzO9+6DMwJe8BRuVQKjqdx0A
DJ2Kj55gMFo/neHJQ3SY1qs+qIKmodVc6ZBwPTtJG9JAa28qQHlyiZ3yioWtCWnF
0WYQh8j4SaYs9nRUj9hD+Ox1AxYaFJ+CTvFobr/Kn+/YzdbF62gAYZBeiJCSUBbc
udj6BnQyWT7EQz9Fd9UwN19hFp7Ozz1bAM3e3UKeX4NUvHF88bgaP5n6KGaymXXc
zngFquTeMchpFK3rtBjBFb94VflEjV+ME6tzHFAr4ahK1KaJH4VPuiSELIPVJLai
OGDZr9u1z8CHN6FngswebGuo+nm3QeTGkJKBWkjkqsfcQTd8SYVdYvaNwqmjzg==
-----END CERTIFICATE-----