Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9824ff97-2456-49b2-84a0-9566b712b248.roa
File:                     9824ff97-2456-49b2-84a0-9566b712b248.roa (raw, json)
Hash identifier:          5TWE+z9gHyg3qJVI9m7ODLikSl3hjvDREB7nsrnD8sY=
Subject key identifier:   0F:E1:17:08:96:82:64:A2:DE:44:E4:BE:A3:2D:98:C0:CB:3B:21:EA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       38ABB56A45AC5E5583048CA2547539ECCF02A22B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9824ff97-2456-49b2-84a0-9566b712b248.roa
Signing time:             Sun 15 Feb 2026 00:20:07 +0000
ROA not before:           Sun 15 Feb 2026 00:20:07 +0000
ROA not after:            Sat 16 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f60:7400::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:ab:b5:6a:45:ac:5e:55:83:04:8c:a2:54:75:39:ec:cf:02:a2:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 15 00:20:07 2026 GMT
            Not After : May 16 23:59:59 2026 GMT
        Subject: serialNumber=527f5411408cb74d66a450d44252b5ec0d0c9c39bc0b43c5e234ae7818234696, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:74:b3:61:84:f3:b9:50:cb:eb:d1:8d:45:a0:
                    a3:26:c7:6c:23:9e:10:29:ae:e8:19:71:e7:a8:79:
                    06:84:39:e7:d1:59:be:cd:7f:bd:e9:f0:dc:86:ea:
                    8c:1a:31:be:0c:44:30:75:6b:05:4a:28:46:4d:0e:
                    ec:07:44:61:5f:32:39:65:af:59:fe:ca:e9:b9:55:
                    08:83:2c:d2:6f:b3:00:40:ae:11:2d:2b:1a:ae:5e:
                    da:af:11:53:ca:4b:93:61:ac:1f:8e:b1:fb:3a:a2:
                    f0:ea:66:3c:24:1a:c2:70:69:ee:8d:28:16:e8:da:
                    02:5a:51:d2:e4:c6:69:3a:d7:ee:1d:0a:ce:a7:01:
                    ec:70:98:fb:dc:0d:75:90:33:47:e5:c2:b3:da:f2:
                    8d:ce:89:9d:0c:51:a9:f6:3c:ae:0f:d3:51:1b:46:
                    8a:72:62:18:75:e4:20:f1:37:6a:9a:ee:a3:9e:38:
                    86:ae:f4:39:93:10:6f:c1:4c:c4:1b:3f:3c:96:8a:
                    da:4b:23:58:ab:cc:74:d9:d0:13:49:8d:3d:ab:b5:
                    02:6f:0e:91:af:5f:75:83:07:c5:6f:2a:38:67:12:
                    8e:cf:f3:cb:9d:9a:16:7d:6c:ad:26:fa:7e:11:6a:
                    ef:e1:37:17:e5:fb:0a:1c:92:8a:da:40:38:15:25:
                    d9:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:E1:17:08:96:82:64:A2:DE:44:E4:BE:A3:2D:98:C0:CB:3B:21:EA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9824ff97-2456-49b2-84a0-9566b712b248.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:7400::/40

    Signature Algorithm: sha256WithRSAEncryption
         9e:41:d8:bc:d2:8f:ae:a4:f6:9c:3e:a0:b9:68:41:e5:53:34:
         d1:8a:06:87:01:1a:f0:72:f7:76:97:02:51:df:db:b1:5e:bb:
         a6:79:1f:e7:d2:2f:36:9e:df:37:11:9a:58:5a:75:13:ef:b4:
         27:04:f1:c6:cc:6a:63:4c:dd:ff:e5:c7:1a:a6:5a:6b:4c:d2:
         66:62:fa:32:50:fe:5b:48:e5:94:4b:df:06:18:f9:a5:1e:3b:
         e2:7b:55:99:2e:cd:30:45:53:b4:d6:d8:58:fa:9f:c8:18:b3:
         20:94:dc:98:45:10:0d:ae:61:2a:cd:e4:61:1c:a3:2b:6f:45:
         07:44:09:8e:a4:9f:83:99:d0:ed:9f:12:bb:5f:24:41:82:8a:
         23:90:ab:07:ef:0b:c3:9b:43:e7:b8:23:18:a2:34:ba:d4:9f:
         60:10:5f:ca:fd:00:a8:d3:59:c4:bb:7c:ad:55:2c:66:b8:72:
         8d:2f:15:f4:e2:e7:c5:10:14:cb:4e:44:68:3b:41:57:4b:1f:
         b7:ec:12:db:c6:32:50:54:e2:6a:a3:b9:9e:f4:3c:51:30:ef:
         ff:ab:96:72:d4:bc:cf:b8:e9:d3:c5:52:23:41:26:90:7c:ef:
         14:8d:6a:45:96:8e:58:fd:48:4b:02:71:86:50:5f:0e:c1:9a:
         63:65:51:d5
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUOKu1akWsXlWDBIyiVHU57M8CoiswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE1MDAyMDA3WhcNMjYwNTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MjdmNTQxMTQwOGNiNzRkNjZhNDUwZDQ0MjUyYjVlYzBk
MGM5YzM5YmMwYjQzYzVlMjM0YWU3ODE4MjM0Njk2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzdLNhhPO5UMvr0Y1FoKMmx2wjnhAprugZceeoeQaEOefR
Wb7Nf73p8NyG6owaMb4MRDB1awVKKEZNDuwHRGFfMjllr1n+yum5VQiDLNJvswBA
rhEtKxquXtqvEVPKS5NhrB+Osfs6ovDqZjwkGsJwae6NKBbo2gJaUdLkxmk61+4d
Cs6nAexwmPvcDXWQM0flwrPa8o3OiZ0MUan2PK4P01EbRopyYhh15CDxN2qa7qOe
OIau9DmTEG/BTMQbPzyWitpLI1irzHTZ0BNJjT2rtQJvDpGvX3WDB8VvKjhnEo7P
88udmhZ9bK0m+n4Rau/hNxfl+wockoraQDgVJdnxAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUD+EXCJaCZKLeROS+oy2YwMs7IeowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4MjRmZjk3LTI0NTYtNDliMi04NGEwLTk1NjZiNzEyYjI0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gdDANBgkqhkiG9w0BAQsFAAOCAQEAnkHYvNKPrqT2nD6guWhB5VM0
0YoGhwEa8HL3dpcCUd/bsV67pnkf59IvNp7fNxGaWFp1E++0JwTxxsxqY0zd/+XH
GqZaa0zSZmL6MlD+W0jllEvfBhj5pR474ntVmS7NMEVTtNbYWPqfyBizIJTcmEUQ
Da5hKs3kYRyjK29FB0QJjqSfg5nQ7Z8Su18kQYKKI5CrB+8Lw5tD57gjGKI0utSf
YBBfyv0AqNNZxLt8rVUsZrhyjS8V9OLnxRAUy05EaDtBV0sft+wS28YyUFTiaqO5
nvQ8UTDv/6uWctS8z7jp08VSI0EmkHzvFI1qRZaOWP1ISwJxhlBfDsGaY2VR1Q==
-----END CERTIFICATE-----