Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfd5c5b2-690e-40ea-b59a-87fc663904a6.roa
File:                     bfd5c5b2-690e-40ea-b59a-87fc663904a6.roa (raw, json)
Hash identifier:          ktTmWkDCB/0ngmO/qrKfpyV63VEYv/QobR0cRAPy/pI=
Subject key identifier:   44:96:AC:B6:0B:9D:8D:FE:CD:7F:8E:6C:AF:F0:BB:89:3C:06:3F:DA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       475BE1AFAFA8CBC37382B6D5E9B88A9699D338DB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfd5c5b2-690e-40ea-b59a-87fc663904a6.roa
Signing time:             Tue 17 Feb 2026 00:10:31 +0000
ROA not before:           Tue 17 Feb 2026 00:10:31 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        95.40.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:5b:e1:af:af:a8:cb:c3:73:82:b6:d5:e9:b8:8a:96:99:d3:38:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 17 00:10:31 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=f1e45db97f654926cd58ab105255e87179e93cb94fef3c285b924d4b7059e260, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:52:e4:3a:ea:7c:06:ab:c5:2d:1d:0d:55:13:
                    93:5a:cf:c7:3a:22:cb:93:8b:7e:48:b8:50:be:53:
                    28:1d:41:7c:07:d2:e3:94:72:af:7b:2d:e8:d0:3c:
                    f8:4e:d2:24:ea:2d:72:ad:2d:a0:da:dd:d1:51:2d:
                    43:41:e4:08:af:f8:f9:24:11:69:4e:ff:f1:ac:62:
                    a3:c2:13:d1:a5:2e:30:44:d7:e0:f7:37:76:22:e5:
                    4e:11:dd:3c:c6:5b:c3:a8:c1:04:33:bb:d1:80:ca:
                    5c:19:fc:45:08:6d:0a:9e:61:11:3d:3f:53:7e:fe:
                    6e:73:4f:44:db:16:69:01:1a:6b:cc:48:9e:6c:b2:
                    20:40:b0:49:df:c0:71:9d:d5:93:14:66:0f:73:4b:
                    37:00:e8:82:37:b9:ad:ce:75:50:21:fa:4c:74:83:
                    f0:bd:be:79:51:51:fe:85:82:07:39:20:72:b8:89:
                    81:5e:ea:e7:85:39:c6:4f:ca:ee:c3:a6:38:bb:eb:
                    6f:18:c6:f8:01:04:e7:76:da:c7:88:f3:c1:8f:cd:
                    b4:da:2c:0c:86:42:61:28:fd:51:26:31:05:e6:81:
                    66:3e:c0:c9:d5:aa:45:60:e0:ee:98:5c:c5:e4:35:
                    8b:71:22:8b:c5:44:0d:15:cf:c4:e6:e1:13:7e:41:
                    ca:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:96:AC:B6:0B:9D:8D:FE:CD:7F:8E:6C:AF:F0:BB:89:3C:06:3F:DA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfd5c5b2-690e-40ea-b59a-87fc663904a6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.40.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         9a:a9:68:2f:1b:15:0f:b3:33:a9:3c:e0:52:a3:be:68:05:25:
         0d:9a:27:74:13:74:46:64:71:4f:3f:17:41:e8:b7:8a:ec:9c:
         7d:e0:4d:6e:e6:9a:dd:08:7f:25:fd:53:ad:00:4c:5f:62:b0:
         86:e4:f2:fe:9c:1f:5e:f8:9a:9d:1e:cc:06:e2:e0:7c:15:8b:
         9c:f6:66:1d:77:fe:a3:50:96:40:ed:cb:aa:6a:cd:3b:17:23:
         a2:18:77:58:20:91:20:95:10:81:b1:ff:6c:dc:56:42:5e:00:
         0b:51:a4:43:34:ca:2f:81:cf:73:38:75:ba:83:85:c3:01:72:
         73:52:b3:87:1f:61:f1:ea:ff:13:02:7d:8e:3e:e9:48:aa:96:
         1a:55:72:61:7c:b0:9d:a7:e0:99:04:bf:72:b1:15:14:77:a9:
         19:f9:32:be:6d:70:ef:66:2b:fc:a7:e5:5d:57:6e:7b:e2:33:
         2d:37:f7:37:ed:7f:01:d7:62:48:0e:e2:8a:8d:70:43:6c:c3:
         b7:4f:fe:4b:6e:8d:cb:80:77:db:dc:cc:dd:ea:3c:0f:8e:46:
         c7:b0:8a:db:00:a3:24:bf:7d:2d:91:fd:ad:10:08:ac:9b:4e:
         05:45:5e:78:94:01:c7:21:64:02:a6:9f:74:7b:8f:96:03:d1:
         5b:0d:6a:90
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUR1vhr6+oy8NzgrbV6biKlpnTONswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE3MDAxMDMxWhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMWU0NWRiOTdmNjU0OTI2Y2Q1OGFiMTA1MjU1ZTg3MTc5
ZTkzY2I5NGZlZjNjMjg1YjkyNGQ0YjcwNTllMjYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcUuQ66nwGq8UtHQ1VE5Naz8c6IsuTi35IuFC+UygdQXwH
0uOUcq97LejQPPhO0iTqLXKtLaDa3dFRLUNB5Aiv+PkkEWlO//GsYqPCE9GlLjBE
1+D3N3Yi5U4R3TzGW8OowQQzu9GAylwZ/EUIbQqeYRE9P1N+/m5zT0TbFmkBGmvM
SJ5ssiBAsEnfwHGd1ZMUZg9zSzcA6II3ua3OdVAh+kx0g/C9vnlRUf6Fggc5IHK4
iYFe6ueFOcZPyu7Dpji7628YxvgBBOd22seI88GPzbTaLAyGQmEo/VEmMQXmgWY+
wMnVqkVg4O6YXMXkNYtxIovFRA0Vz8Tm4RN+Qcq3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQURJastgudjf7Nf45sr/C7iTwGP9owHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JmZDVjNWIyLTY5MGUtNDBlYS1iNTlhLTg3ZmM2NjM5MDRhNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwFfKDANBgkqhkiG9w0BAQsFAAOCAQEAmqloLxsVD7MzqTzgUqO+aAUlDZon
dBN0RmRxTz8XQei3iuycfeBNbuaa3Qh/Jf1TrQBMX2KwhuTy/pwfXvianR7MBuLg
fBWLnPZmHXf+o1CWQO3LqmrNOxcjohh3WCCRIJUQgbH/bNxWQl4AC1GkQzTKL4HP
czh1uoOFwwFyc1Kzhx9h8er/EwJ9jj7pSKqWGlVyYXywnafgmQS/crEVFHepGfky
vm1w72Yr/KflXVdue+IzLTf3N+1/AddiSA7iio1wQ2zDt0/+S26Ny4B329zM3eo8
D45Gx7CK2wCjJL99LZH9rRAIrJtOBUVeeJQBxyFkAqafdHuPlgPRWw1qkA==
-----END CERTIFICATE-----