Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7b573de-8dbd-4362-82ea-1bd3c997a837.roa
File:                     a7b573de-8dbd-4362-82ea-1bd3c997a837.roa (raw, json)
Hash identifier:          /2TPmP6Cz4THz8oLVvRSZb9GoRwvzhrEAt00vCO720Y=
Subject key identifier:   8A:EB:E0:80:C0:65:E1:5C:9C:27:86:06:EB:9B:61:80:89:5A:E4:7D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       606A48B27E4EC5414633F4EC94BC3004D8EAC5B3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7b573de-8dbd-4362-82ea-1bd3c997a837.roa
Signing time:             Sun 15 Feb 2026 00:11:13 +0000
ROA not before:           Sun 15 Feb 2026 00:11:13 +0000
ROA not after:            Sat 16 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.64.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:6a:48:b2:7e:4e:c5:41:46:33:f4:ec:94:bc:30:04:d8:ea:c5:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 15 00:11:13 2026 GMT
            Not After : May 16 23:59:59 2026 GMT
        Subject: serialNumber=857ea3e3ba3528faba554c369ac843dc29dddbb9d975cac7a6aa84811b2c58c8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:8c:89:85:78:a2:93:3c:9a:cc:94:fa:bf:de:
                    bb:ac:26:0f:9b:d5:d7:36:a5:68:9f:b5:ef:0f:74:
                    f9:c8:03:36:af:30:53:86:62:82:cb:b0:f5:4d:65:
                    8b:46:3f:53:7a:d4:ef:cc:cc:8e:1f:66:04:12:aa:
                    c2:4c:86:f8:91:dc:6a:97:51:8f:d9:92:56:27:f7:
                    f0:b9:7a:59:a8:41:a0:9f:94:3d:88:05:8b:c8:45:
                    a2:f6:a2:c3:44:73:8f:ce:fc:df:3b:c6:86:35:2a:
                    95:ae:dc:39:eb:9e:51:80:7a:87:93:22:af:a2:45:
                    e2:fe:9a:6b:d4:a9:63:97:34:26:a2:e5:cd:d4:ba:
                    c5:3a:6b:64:ce:27:60:1a:a5:33:6f:c0:88:63:ab:
                    7c:d3:fa:9b:9e:49:a4:46:63:b0:db:5d:f2:c7:ae:
                    dd:34:39:32:88:56:1f:62:74:4d:16:f8:f9:11:24:
                    fd:2f:41:ff:8a:75:90:20:e8:a7:e8:b7:66:cd:1a:
                    2d:43:1b:c9:e6:98:74:fc:b9:93:5b:f9:18:e5:b8:
                    c1:1c:05:2a:fc:cd:87:56:05:e8:57:ce:9c:1c:6c:
                    38:6b:ca:cd:cb:55:32:59:be:97:e0:1a:41:2b:d3:
                    d2:ec:d0:15:56:ef:c6:79:e3:ae:20:c5:cd:0b:91:
                    d6:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:EB:E0:80:C0:65:E1:5C:9C:27:86:06:EB:9B:61:80:89:5A:E4:7D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a7b573de-8dbd-4362-82ea-1bd3c997a837.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1a:a9:83:df:ef:32:e2:a2:88:ce:12:f6:72:1d:c7:91:fa:13:
         fd:d2:ec:25:0a:35:a5:b0:2f:42:c1:a3:cf:62:79:a0:e0:35:
         c6:71:98:08:9c:da:54:ff:10:4f:5a:e8:cb:78:46:77:9d:9d:
         cc:e6:c6:d4:3e:d6:4b:e0:3e:c7:0d:c6:df:0d:48:03:b5:dc:
         10:bf:a6:bb:a2:83:39:17:68:0b:a9:b3:23:c0:8d:20:4e:eb:
         e4:93:46:d4:15:53:de:42:31:52:ff:33:fb:30:f2:7f:51:80:
         0b:ef:65:43:f2:3e:0b:4c:22:b5:5b:da:2d:96:56:5c:99:42:
         42:a5:9d:58:a2:df:24:7c:fc:b8:f3:87:21:89:ed:38:47:20:
         c4:89:cc:0c:8c:6a:58:2b:3e:29:77:c1:6e:b0:8e:57:a1:46:
         91:84:e8:69:e4:06:18:e9:1a:94:5e:0e:b8:5b:53:2d:e6:f6:
         05:b1:59:cd:82:d0:e1:36:e2:b6:b3:e2:f3:e4:9d:36:7d:cd:
         26:91:1b:e5:15:b4:65:e3:68:37:31:0c:4a:c5:e3:dc:a4:fd:
         18:fc:65:38:de:59:d0:5b:99:90:ac:3d:69:a4:d0:51:b0:d5:
         cf:d1:42:bd:dc:25:78:ad:90:ef:69:4d:ff:d1:ab:9a:e1:59:
         c8:13:d5:1f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYGpIsn5OxUFGM/TslLwwBNjqxbMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE1MDAxMTEzWhcNMjYwNTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NTdlYTNlM2JhMzUyOGZhYmE1NTRjMzY5YWM4NDNkYzI5
ZGRkYmI5ZDk3NWNhYzdhNmFhODQ4MTFiMmM1OGM4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHjImFeKKTPJrMlPq/3rusJg+b1dc2pWifte8PdPnIAzav
MFOGYoLLsPVNZYtGP1N61O/MzI4fZgQSqsJMhviR3GqXUY/ZklYn9/C5elmoQaCf
lD2IBYvIRaL2osNEc4/O/N87xoY1KpWu3DnrnlGAeoeTIq+iReL+mmvUqWOXNCai
5c3UusU6a2TOJ2AapTNvwIhjq3zT+pueSaRGY7DbXfLHrt00OTKIVh9idE0W+PkR
JP0vQf+KdZAg6Kfot2bNGi1DG8nmmHT8uZNb+RjluMEcBSr8zYdWBehXzpwcbDhr
ys3LVTJZvpfgGkEr09Ls0BVW78Z5464gxc0LkdYHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiuvggMBl4VycJ4YG65thgIla5H0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E3YjU3M2RlLThkYmQtNDM2Mi04MmVhLTFiZDNjOTk3YTgzNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjl0AwDQYJKoZIhvcNAQELBQADggEBABqpg9/vMuKiiM4S9nIdx5H6E/3S
7CUKNaWwL0LBo89ieaDgNcZxmAic2lT/EE9a6Mt4RnednczmxtQ+1kvgPscNxt8N
SAO13BC/pruigzkXaAupsyPAjSBO6+STRtQVU95CMVL/M/sw8n9RgAvvZUPyPgtM
IrVb2i2WVlyZQkKlnVii3yR8/LjzhyGJ7ThHIMSJzAyMalgrPil3wW6wjlehRpGE
6GnkBhjpGpReDrhbUy3m9gWxWc2C0OE24raz4vPknTZ9zSaRG+UVtGXjaDcxDErF
49yk/Rj8ZTjeWdBbmZCsPWmk0FGw1c/RQr3cJXitkO9pTf/Rq5rhWcgT1R8=
-----END CERTIFICATE-----