Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cc0cfc1a-62af-4984-9516-b068332cb387.roa
File:                     cc0cfc1a-62af-4984-9516-b068332cb387.roa (raw, json)
Hash identifier:          4finpPVAGbMdj9RltDRbNu24d3CBJKeCv7+zSc5amIM=
Subject key identifier:   A2:FD:C7:E7:DD:84:72:DA:15:A8:6B:51:1B:8F:D5:60:EE:5E:AE:86
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       048AE59AE03F56706908D2C8A3C83A03239022CE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cc0cfc1a-62af-4984-9516-b068332cb387.roa
Signing time:             Sat 14 Feb 2026 00:51:45 +0000
ROA not before:           Sat 14 Feb 2026 00:51:45 +0000
ROA not after:            Fri 15 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.86.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:8a:e5:9a:e0:3f:56:70:69:08:d2:c8:a3:c8:3a:03:23:90:22:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 14 00:51:45 2026 GMT
            Not After : May 15 23:59:59 2026 GMT
        Subject: serialNumber=9b84455c06d2320de41fae0e334bb02c2204c3c82d4d08058521a2e9cbe4a391, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:ac:0b:6a:1e:4a:52:67:ab:f2:c0:f1:d3:f0:
                    67:d3:6a:e4:46:88:61:93:6a:36:47:37:7f:7d:f8:
                    1e:13:71:8c:a2:7c:6a:95:29:1c:5e:29:07:7f:f8:
                    17:0c:45:05:9d:f6:11:2c:47:ce:d7:93:93:4a:e6:
                    2e:c3:0d:ac:c2:44:c1:6b:28:31:7e:a6:36:cf:19:
                    12:22:04:e5:d5:e7:7e:2d:8f:c0:96:00:2d:9c:7b:
                    ec:dd:7a:7b:9d:ae:c7:34:a5:35:f7:4f:6b:84:66:
                    9a:12:82:f2:14:7a:02:fe:8e:ce:df:6a:dd:3f:53:
                    a4:04:64:f3:8f:dd:85:41:9f:a7:a6:30:2d:a2:39:
                    af:01:a0:76:d5:88:d8:ed:93:11:6b:43:78:36:52:
                    e5:35:b3:b3:3b:04:fa:63:5b:83:20:4c:85:67:c7:
                    c8:d2:d1:04:f3:7f:6b:83:44:25:00:cc:25:31:01:
                    9c:d4:2d:20:12:c2:22:45:f2:86:d9:98:64:bb:ca:
                    f7:60:cc:2a:e9:c6:fe:0a:4c:48:df:9d:75:2b:f3:
                    9d:13:1c:73:08:b5:4f:61:f9:4b:e7:03:10:2f:56:
                    96:a8:0b:1d:27:f4:de:57:85:01:e7:d3:5e:c7:21:
                    97:81:a4:cc:7a:64:99:8c:fe:aa:a4:df:64:a9:b8:
                    28:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:FD:C7:E7:DD:84:72:DA:15:A8:6B:51:1B:8F:D5:60:EE:5E:AE:86
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cc0cfc1a-62af-4984-9516-b068332cb387.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.86.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         34:fc:be:9f:00:db:26:91:cd:8b:39:90:b5:1f:14:d6:a9:0d:
         c0:1c:f6:2b:11:ce:ac:2a:e5:dc:8c:b5:d2:b1:df:c4:95:97:
         06:f3:a2:f8:5d:d6:ea:c3:a0:7d:d5:d3:65:b1:f8:47:ae:47:
         db:19:5f:ad:a2:f3:58:30:2f:a2:4f:df:99:d9:3b:10:7d:c7:
         80:16:b9:3e:99:38:2b:2f:41:90:4c:c8:8a:6f:18:7f:15:d0:
         e4:2e:60:5a:06:dc:0f:e5:92:90:82:b3:99:85:ee:a8:54:89:
         e3:61:28:b9:48:c7:dd:d1:f8:cf:b1:66:1a:56:c5:83:30:dd:
         62:26:37:55:31:c5:6a:1e:61:81:5d:84:c8:be:a5:5c:3c:e2:
         88:59:14:ac:ab:99:b5:fd:28:9f:49:d5:c1:64:f6:8a:f1:b2:
         10:0d:79:48:9f:05:f2:e8:9f:d7:c9:e3:20:70:1e:56:70:a8:
         9b:fa:53:f6:01:ef:ca:7e:23:ec:48:9a:1c:a0:d2:f4:78:87:
         7d:27:01:7f:bd:fc:d5:7a:57:ec:db:d8:09:d4:d7:13:ba:30:
         c7:14:82:2c:1f:f2:bc:b3:b7:86:42:56:87:b7:58:19:f4:9f:
         bf:7b:e0:0e:7f:e7:ec:a0:9b:d3:71:55:5d:cb:8e:53:5a:a1:
         c6:23:08:80
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBIrlmuA/VnBpCNLIo8g6AyOQIs4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE0MDA1MTQ1WhcNMjYwNTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5Yjg0NDU1YzA2ZDIzMjBkZTQxZmFlMGUzMzRiYjAyYzIy
MDRjM2M4MmQ0ZDA4MDU4NTIxYTJlOWNiZTRhMzkxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+rAtqHkpSZ6vywPHT8GfTauRGiGGTajZHN399+B4TcYyi
fGqVKRxeKQd/+BcMRQWd9hEsR87Xk5NK5i7DDazCRMFrKDF+pjbPGRIiBOXV534t
j8CWAC2ce+zdenudrsc0pTX3T2uEZpoSgvIUegL+js7fat0/U6QEZPOP3YVBn6em
MC2iOa8BoHbViNjtkxFrQ3g2UuU1s7M7BPpjW4MgTIVnx8jS0QTzf2uDRCUAzCUx
AZzULSASwiJF8obZmGS7yvdgzCrpxv4KTEjfnXUr850THHMItU9h+UvnAxAvVpao
Cx0n9N5XhQHn017HIZeBpMx6ZJmM/qqk32SpuCg1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUov3H592EctoVqGtRG4/VYO5eroYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NjMGNmYzFhLTYyYWYtNDk4NC05NTE2LWIwNjgzMzJjYjM4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4VjANBgkqhkiG9w0BAQsFAAOCAQEANPy+nwDbJpHNizmQtR8U1qkNwBz2
KxHOrCrl3Iy10rHfxJWXBvOi+F3W6sOgfdXTZbH4R65H2xlfraLzWDAvok/fmdk7
EH3HgBa5Ppk4Ky9BkEzIim8YfxXQ5C5gWgbcD+WSkIKzmYXuqFSJ42EouUjH3dH4
z7FmGlbFgzDdYiY3VTHFah5hgV2EyL6lXDziiFkUrKuZtf0on0nVwWT2ivGyEA15
SJ8F8uif18njIHAeVnCom/pT9gHvyn4j7EiaHKDS9HiHfScBf7381XpX7NvYCdTX
E7owxxSCLB/yvLO3hkJWh7dYGfSfv3vgDn/n7KCb03FVXcuOU1qhxiMIgA==
-----END CERTIFICATE-----