Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa
File:                     60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa (raw, json)
Hash identifier:          G7NENwhXTb1UGHdZaTPNFd5trS5L0g8x72azSY8XTJc=
Subject key identifier:   41:A3:F4:F6:32:87:B0:07:00:1C:8D:BC:59:D1:4F:D3:A1:D0:C8:A4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       528B727EFAB2C58949E5D1CA7C60B4130FB8541E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa
Signing time:             Sun 15 Feb 2026 00:10:43 +0000
ROA not before:           Sun 15 Feb 2026 00:10:43 +0000
ROA not after:            Sat 16 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.175.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:8b:72:7e:fa:b2:c5:89:49:e5:d1:ca:7c:60:b4:13:0f:b8:54:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 15 00:10:43 2026 GMT
            Not After : May 16 23:59:59 2026 GMT
        Subject: serialNumber=e08c61995d55e16d8315213762668f5101eb1a8aa871197e5097ae893fc6053d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:9e:47:61:71:51:6e:ff:1c:93:f8:68:54:f5:
                    56:b1:32:6f:11:47:b8:a6:ea:86:3f:6b:5b:e5:f9:
                    16:85:e9:75:6c:3c:65:9b:96:6a:b5:50:2f:a6:7a:
                    4b:88:94:55:4c:49:9e:a3:c4:7c:fd:16:d6:96:f5:
                    c4:51:bd:b8:88:de:59:00:8e:b4:a3:2c:ef:66:35:
                    0e:53:38:f2:d2:56:11:ee:4d:d1:36:35:19:a3:9d:
                    fd:bf:e8:f6:39:43:8a:fc:a3:99:84:68:47:f7:53:
                    c8:52:c1:c4:18:1b:8e:96:87:e2:d2:d7:e6:a4:6c:
                    08:5c:8d:da:1c:1e:37:7c:ce:7c:1e:27:e1:b7:e1:
                    35:91:6e:2d:f2:da:db:1e:93:ff:a4:3a:c9:ed:15:
                    45:34:04:5d:d0:b3:24:f7:7d:9a:62:4d:e2:d1:c5:
                    44:9b:74:82:50:19:19:a3:8f:82:ab:4b:68:27:51:
                    30:1f:35:57:41:29:64:69:15:f1:bc:d3:cc:80:ca:
                    22:e0:5c:81:29:2a:eb:55:0c:4f:d4:1d:7b:51:38:
                    d5:42:4b:08:5b:f9:c4:d6:52:cf:56:7c:1d:85:c8:
                    88:e1:5f:1e:e3:6f:70:b8:f9:ab:42:98:4c:a1:7e:
                    e8:fa:4b:11:e0:b2:f7:63:16:37:73:a3:35:a4:8b:
                    f8:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:A3:F4:F6:32:87:B0:07:00:1C:8D:BC:59:D1:4F:D3:A1:D0:C8:A4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60e798f1-2c72-4195-b34c-7c1c6171e9a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c2:89:2e:f5:d9:06:58:de:1e:ce:bb:6f:b1:ba:66:5c:8a:b1:
         ee:ea:19:51:9b:56:21:3f:53:73:fc:6d:c4:20:14:5a:61:e2:
         dc:ac:9e:da:27:17:11:c0:bd:03:a7:44:01:8d:98:2f:24:65:
         23:c0:e6:6c:47:57:e7:e6:03:4e:da:8e:56:c2:bc:6b:3d:f5:
         cd:97:5f:37:9e:3b:9e:5e:e4:82:8c:0a:b2:31:fa:23:71:30:
         3b:4c:fe:99:8d:61:fa:80:a1:80:fc:30:9e:09:5c:24:84:69:
         e2:51:f5:6a:c0:cf:19:6e:12:7b:d6:43:cd:fc:a2:c2:da:a3:
         12:bb:2a:66:25:c0:b1:93:68:a8:57:c3:53:71:19:2a:92:bf:
         fa:49:a8:cf:55:2c:63:b1:3a:bc:92:b0:b7:ce:b8:12:49:99:
         00:e4:f4:84:8d:a0:83:51:c8:26:0e:66:c5:b8:cc:ee:02:9e:
         b0:d1:74:7b:dc:b4:e4:6f:06:64:52:c8:b6:c2:34:68:c6:28:
         6d:4c:0a:3d:3e:a7:d5:23:b2:7f:7b:4c:84:a6:53:0c:ed:95:
         46:e8:c4:1a:c0:31:7c:46:68:47:ef:df:a4:25:b4:c2:56:72:
         e5:10:47:7d:ff:4c:0d:60:fb:b8:fa:4f:b4:bc:3f:1e:e8:b6:
         bb:4b:5f:08
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUotyfvqyxYlJ5dHKfGC0Ew+4VB4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE1MDAxMDQzWhcNMjYwNTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMDhjNjE5OTVkNTVlMTZkODMxNTIxMzc2MjY2OGY1MTAx
ZWIxYThhYTg3MTE5N2U1MDk3YWU4OTNmYzYwNTNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUnkdhcVFu/xyT+GhU9VaxMm8RR7im6oY/a1vl+RaF6XVs
PGWblmq1UC+mekuIlFVMSZ6jxHz9FtaW9cRRvbiI3lkAjrSjLO9mNQ5TOPLSVhHu
TdE2NRmjnf2/6PY5Q4r8o5mEaEf3U8hSwcQYG46Wh+LS1+akbAhcjdocHjd8znwe
J+G34TWRbi3y2tsek/+kOsntFUU0BF3QsyT3fZpiTeLRxUSbdIJQGRmjj4KrS2gn
UTAfNVdBKWRpFfG808yAyiLgXIEpKutVDE/UHXtRONVCSwhb+cTWUs9WfB2FyIjh
Xx7jb3C4+atCmEyhfuj6SxHgsvdjFjdzozWki/jxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQaP09jKHsAcAHI28WdFP06HQyKQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYwZTc5OGYxLTJjNzItNDE5NS1iMzRjLTdjMWM2MTcxZTlhMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjl68wDQYJKoZIhvcNAQELBQADggEBAMKJLvXZBljeHs67b7G6ZlyKse7q
GVGbViE/U3P8bcQgFFph4tysntonFxHAvQOnRAGNmC8kZSPA5mxHV+fmA07ajlbC
vGs99c2XXzeeO55e5IKMCrIx+iNxMDtM/pmNYfqAoYD8MJ4JXCSEaeJR9WrAzxlu
EnvWQ838osLaoxK7KmYlwLGTaKhXw1NxGSqSv/pJqM9VLGOxOrySsLfOuBJJmQDk
9ISNoINRyCYOZsW4zO4CnrDRdHvctORvBmRSyLbCNGjGKG1MCj0+p9Ujsn97TISm
UwztlUboxBrAMXxGaEfv36QltMJWcuUQR33/TA1g+7j6T7S8Px7otrtLXwg=
-----END CERTIFICATE-----