Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7d07779e-2b8c-4173-b3f8-1cd5de2e437c.roa
File:                     7d07779e-2b8c-4173-b3f8-1cd5de2e437c.roa (raw, json)
Hash identifier:          G9p/53dmZt4lShTA5kQQq6ap7WzANdF2B0GfUGb0En0=
Subject key identifier:   03:33:11:C1:99:4A:E1:DE:F9:E9:8E:F7:7B:7D:78:8B:59:7D:4C:55
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       21E1B47F6B7037DCDEAE08BABCC10C9D915FB1A2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7d07779e-2b8c-4173-b3f8-1cd5de2e437c.roa
Signing time:             Wed 25 Feb 2026 01:50:06 +0000
ROA not before:           Wed 25 Feb 2026 01:50:06 +0000
ROA not after:            Tue 26 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f29:4000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:e1:b4:7f:6b:70:37:dc:de:ae:08:ba:bc:c1:0c:9d:91:5f:b1:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 25 01:50:06 2026 GMT
            Not After : May 26 23:59:59 2026 GMT
        Subject: serialNumber=5cb32548f5060af3246133607f9e31c38d5519749066140a371038856b40a797, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:82:9b:89:a0:94:43:03:b7:72:f9:82:84:29:
                    ab:8a:be:c1:c0:14:9f:7d:f9:fd:ec:4b:e3:e6:6b:
                    f2:69:d8:9c:08:04:c2:05:cf:de:89:ef:95:8f:82:
                    f0:6a:39:65:c2:38:63:7a:ec:12:ff:57:b9:0d:4e:
                    d3:50:3e:23:20:1b:e0:7e:57:f5:a1:1b:a1:3d:fa:
                    9c:cb:2f:45:2f:b6:2e:f3:40:2a:5d:2d:b6:57:db:
                    ae:0c:8c:55:c2:7a:bb:77:1e:3f:98:0e:7b:f7:4e:
                    a8:a6:4a:cd:7b:5b:6d:13:dd:86:24:d5:87:46:0d:
                    c9:72:2a:6e:0d:1c:2c:83:11:ec:68:09:fc:dd:d2:
                    dc:07:bf:3b:ab:87:25:d0:ed:fd:97:fd:ef:08:ac:
                    59:a8:f5:85:b0:83:ce:66:65:9b:e0:45:af:7a:c7:
                    92:da:84:02:9f:7a:07:89:66:b0:71:66:0e:b9:4b:
                    f9:dd:2f:c9:7f:7d:0b:66:61:10:22:2b:7c:8e:5a:
                    c4:f5:58:9c:37:d3:77:85:a5:5e:3b:ca:6f:f6:a5:
                    86:43:90:55:6d:08:63:9a:9c:a5:6d:5d:83:64:74:
                    8d:0c:51:c2:54:4e:9e:a4:ac:ad:07:5f:58:25:c4:
                    f7:59:f7:08:bb:e1:d0:2b:b7:e8:d9:58:8f:8f:f7:
                    54:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:33:11:C1:99:4A:E1:DE:F9:E9:8E:F7:7B:7D:78:8B:59:7D:4C:55
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7d07779e-2b8c-4173-b3f8-1cd5de2e437c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f29:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         ae:0d:6c:b1:a0:c5:4b:12:3e:9c:81:0f:e8:3d:85:36:99:d3:
         43:16:4c:e2:3e:43:2f:2f:f0:39:ea:42:08:c1:c2:38:1c:02:
         eb:28:31:aa:37:d1:9f:db:e0:4a:b2:59:dc:3c:40:85:d1:7b:
         65:dc:1f:ff:01:8a:09:75:22:03:7e:c5:23:ca:34:6a:e5:11:
         e6:28:08:ec:98:35:f7:b0:45:30:8e:8e:ac:f7:37:ec:0e:33:
         2c:7f:14:ff:20:6a:5f:33:07:89:49:27:fd:0c:d7:84:32:33:
         1d:22:d4:b2:0f:1c:f7:72:3c:ee:07:ed:32:02:10:cf:ac:ba:
         60:2e:a4:09:af:6e:89:46:46:09:50:35:70:80:6c:07:25:20:
         61:89:6c:89:91:b7:f1:a9:eb:84:14:e2:d7:e7:7e:f0:45:51:
         4c:d8:af:cd:63:22:72:f5:6d:4f:57:a9:df:4d:2e:7a:ec:25:
         f1:50:3b:aa:18:7b:10:b8:75:ba:f1:fb:90:2c:ed:b8:ba:96:
         8b:2a:55:5e:0e:f2:24:41:4c:ca:d8:13:b8:6e:31:44:aa:c7:
         b6:49:8f:a0:07:89:3e:29:7f:a5:8b:ce:62:0a:80:23:b2:91:
         99:de:7a:88:a6:8e:76:aa:e4:cc:aa:09:00:46:d1:d8:f1:74:
         33:e9:df:bc
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUIeG0f2twN9zergi6vMEMnZFfsaIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI1MDE1MDA2WhcNMjYwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1Y2IzMjU0OGY1MDYwYWYzMjQ2MTMzNjA3ZjllMzFjMzhk
NTUxOTc0OTA2NjE0MGEzNzEwMzg4NTZiNDBhNzk3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsgpuJoJRDA7dy+YKEKauKvsHAFJ99+f3sS+Pma/Jp2JwI
BMIFz96J75WPgvBqOWXCOGN67BL/V7kNTtNQPiMgG+B+V/WhG6E9+pzLL0Uvti7z
QCpdLbZX264MjFXCert3Hj+YDnv3TqimSs17W20T3YYk1YdGDclyKm4NHCyDEexo
Cfzd0twHvzurhyXQ7f2X/e8IrFmo9YWwg85mZZvgRa96x5LahAKfegeJZrBxZg65
S/ndL8l/fQtmYRAiK3yOWsT1WJw303eFpV47ym/2pYZDkFVtCGOanKVtXYNkdI0M
UcJUTp6krK0HX1glxPdZ9wi74dArt+jZWI+P91Q3AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUAzMRwZlK4d756Y73e314i1l9TFUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdkMDc3NzllLTJiOGMtNDE3My1iM2Y4LTFjZDVkZTJlNDM3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8pQDANBgkqhkiG9w0BAQsFAAOCAQEArg1ssaDFSxI+nIEP6D2FNpnT
QxZM4j5DLy/wOepCCMHCOBwC6ygxqjfRn9vgSrJZ3DxAhdF7Zdwf/wGKCXUiA37F
I8o0auUR5igI7Jg197BFMI6OrPc37A4zLH8U/yBqXzMHiUkn/QzXhDIzHSLUsg8c
93I87gftMgIQz6y6YC6kCa9uiUZGCVA1cIBsByUgYYlsiZG38anrhBTi1+d+8EVR
TNivzWMicvVtT1ep300ueuwl8VA7qhh7ELh1uvH7kCztuLqWiypVXg7yJEFMytgT
uG4xRKrHtkmPoAeJPil/pYvOYgqAI7KRmd56iKaOdqrkzKoJAEbR2PF0M+nfvA==
-----END CERTIFICATE-----