Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3a1c600-199e-451d-b216-427176bb5382.roa
File:                     d3a1c600-199e-451d-b216-427176bb5382.roa (raw, json)
Hash identifier:          n5lUdxEm0LlCL0i2jp/jqpk5qkZCgpA21qUUWAEiKlo=
Subject key identifier:   EF:14:FA:7C:1E:C0:03:B6:08:3E:B4:99:0D:47:EC:13:25:54:88:38
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       41360E8831C39BC1DD9DFAB42F25CF9FE476D031
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3a1c600-199e-451d-b216-427176bb5382.roa
Signing time:             Wed 18 Feb 2026 00:21:38 +0000
ROA not before:           Wed 18 Feb 2026 00:21:38 +0000
ROA not after:            Tue 19 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        69.0.220.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:36:0e:88:31:c3:9b:c1:dd:9d:fa:b4:2f:25:cf:9f:e4:76:d0:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 18 00:21:38 2026 GMT
            Not After : May 19 23:59:59 2026 GMT
        Subject: serialNumber=a0d050b76e9e2d633f588173b247990914fd4d3f7ae99eceb5bd3c35a8a8a195, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ea:14:58:55:df:5d:cb:a5:53:98:5a:5c:3d:
                    16:01:af:57:a6:ce:83:38:74:4c:9c:99:bc:af:2a:
                    17:2c:da:df:07:e2:12:bb:23:55:69:e0:72:0e:38:
                    b8:89:23:92:74:e8:17:28:d5:43:0d:cb:90:86:8d:
                    2b:c9:82:8d:e3:97:49:d8:bf:f3:ee:53:ab:dd:c8:
                    c2:d6:a0:2e:3a:0b:95:01:c3:09:3d:df:45:ff:3a:
                    a1:ab:62:98:0a:84:3b:a3:7b:23:0e:72:16:f6:40:
                    e3:61:4d:6d:c8:f6:83:13:c0:69:4c:16:91:e7:1a:
                    53:74:19:e1:31:dc:55:8e:48:cc:97:d2:b5:45:e5:
                    6c:c3:82:b3:a1:1b:83:57:e2:3d:20:7b:61:5b:f3:
                    79:56:05:33:04:9a:20:ba:6d:ed:64:e9:e2:99:29:
                    44:69:90:5b:f8:0f:88:d2:1f:01:63:01:1d:04:d8:
                    50:89:a3:98:65:ba:10:66:8f:56:e4:cd:b6:4f:39:
                    c3:f4:0e:18:a9:41:ee:c0:76:66:99:89:9a:68:7f:
                    bc:2f:2a:35:b1:d7:4d:72:f6:a0:c9:1e:cf:89:0c:
                    d1:d8:4a:47:cc:c8:fb:ee:07:b2:6a:bf:da:0d:c6:
                    e9:d5:1c:71:95:d6:66:69:26:44:20:3f:c3:f8:07:
                    3f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:14:FA:7C:1E:C0:03:B6:08:3E:B4:99:0D:47:EC:13:25:54:88:38
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d3a1c600-199e-451d-b216-427176bb5382.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.0.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8f:cd:8a:f2:73:12:87:55:44:14:65:66:18:24:cf:ee:83:63:
         a2:a4:90:bf:27:30:c6:ff:f4:5b:4b:f2:35:48:82:a8:6c:0d:
         5c:67:f6:3d:bf:3a:bb:f8:de:52:bb:6f:65:a9:99:d1:3d:8c:
         e7:f9:69:fd:90:53:5a:cf:f3:e5:41:97:ce:a6:32:ed:9d:6d:
         3b:05:f0:d1:51:ef:71:9a:7d:13:81:b8:94:b7:2a:29:55:1e:
         f9:c7:51:09:96:a6:04:d9:47:23:31:a1:27:26:f2:1a:4f:0b:
         4f:1a:5f:23:ff:e6:13:4d:e7:f2:ac:47:dd:71:25:9d:f0:cc:
         c3:c5:72:0d:80:75:9b:23:88:09:66:1f:86:28:0a:c8:bb:28:
         85:4d:4f:53:9c:c5:b1:02:13:65:87:b3:44:34:dc:9f:52:99:
         e5:45:30:0a:3c:0e:e5:5d:34:d7:2a:f4:3e:d0:30:a4:c0:aa:
         6b:ed:cb:7c:cd:37:6b:12:e6:a9:8d:f8:fd:45:99:b4:0b:e0:
         e1:87:ec:27:de:46:e8:56:26:bc:73:52:32:22:7d:e1:ad:82:
         27:65:2b:a0:1a:e0:7f:46:6e:9e:6e:ef:c1:7e:76:5c:4e:98:
         9d:db:a8:a6:51:8a:db:c8:f0:1f:4b:f4:6f:c4:dc:79:4c:20:
         68:02:af:e5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQTYOiDHDm8Hdnfq0LyXPn+R20DEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE4MDAyMTM4WhcNMjYwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMGQwNTBiNzZlOWUyZDYzM2Y1ODgxNzNiMjQ3OTkwOTE0
ZmQ0ZDNmN2FlOTllY2ViNWJkM2MzNWE4YThhMTk1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg6hRYVd9dy6VTmFpcPRYBr1emzoM4dEycmbyvKhcs2t8H
4hK7I1Vp4HIOOLiJI5J06Bco1UMNy5CGjSvJgo3jl0nYv/PuU6vdyMLWoC46C5UB
wwk930X/OqGrYpgKhDujeyMOchb2QONhTW3I9oMTwGlMFpHnGlN0GeEx3FWOSMyX
0rVF5WzDgrOhG4NX4j0ge2Fb83lWBTMEmiC6be1k6eKZKURpkFv4D4jSHwFjAR0E
2FCJo5hluhBmj1bkzbZPOcP0DhipQe7AdmaZiZpof7wvKjWx101y9qDJHs+JDNHY
SkfMyPvuB7Jqv9oNxunVHHGV1mZpJkQgP8P4Bz9zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7xT6fB7AA7YIPrSZDUfsEyVUiDgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QzYTFjNjAwLTE5OWUtNDUxZC1iMjE2LTQyNzE3NmJiNTM4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJFANwwDQYJKoZIhvcNAQELBQADggEBAI/NivJzEodVRBRlZhgkz+6DY6Kk
kL8nMMb/9FtL8jVIgqhsDVxn9j2/Orv43lK7b2WpmdE9jOf5af2QU1rP8+VBl86m
Mu2dbTsF8NFR73GafROBuJS3KilVHvnHUQmWpgTZRyMxoScm8hpPC08aXyP/5hNN
5/KsR91xJZ3wzMPFcg2AdZsjiAlmH4YoCsi7KIVNT1OcxbECE2WHs0Q03J9SmeVF
MAo8DuVdNNcq9D7QMKTAqmvty3zNN2sS5qmN+P1FmbQL4OGH7CfeRuhWJrxzUjIi
feGtgidlK6Aa4H9Gbp5u78F+dlxOmJ3bqKZRitvI8B9L9G/E3HlMIGgCr+U=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:16:24 2026 by rpki-client