Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eba38095-a2fa-46c3-926b-3eae22565fa7.roa
File:                     eba38095-a2fa-46c3-926b-3eae22565fa7.roa (raw, json)
Hash identifier:          4vTmGBL7d1Y1/lcZnAMHTff10ANzeqcL9cIXPTPgY04=
Subject key identifier:   52:05:97:34:33:1A:9A:8C:42:DA:AD:67:B5:30:87:1E:F4:AB:81:9E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       02CFCA22D9AE43C02C8E28DFBA603AD67B3976B5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eba38095-a2fa-46c3-926b-3eae22565fa7.roa
Signing time:             Wed 25 Feb 2026 01:20:57 +0000
ROA not before:           Wed 25 Feb 2026 01:20:57 +0000
ROA not after:            Tue 26 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f13:4400::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:cf:ca:22:d9:ae:43:c0:2c:8e:28:df:ba:60:3a:d6:7b:39:76:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 25 01:20:57 2026 GMT
            Not After : May 26 23:59:59 2026 GMT
        Subject: serialNumber=27252cfc7fb457700dd44e6d72b992c3d24a7643d35248d71207dab6c4cfa129, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:71:8d:b7:d3:c5:9f:59:40:eb:83:29:c2:74:
                    66:94:eb:47:0f:ca:a7:b7:38:09:ec:cd:a3:44:64:
                    dd:38:d4:c8:0d:85:de:66:2f:6c:be:e9:0d:b3:17:
                    0f:22:86:ab:cf:04:2f:c6:79:91:59:d4:3e:eb:d6:
                    60:28:73:99:6f:04:85:0f:30:25:fc:d2:c8:f0:c3:
                    fc:8f:5f:23:15:d8:1b:f8:3b:8b:c8:1e:23:26:6d:
                    7c:0a:5a:3a:b3:f1:58:d3:71:9d:84:7e:b7:35:5b:
                    75:4d:f5:a6:e3:98:4d:78:04:f4:b8:15:8f:9c:be:
                    a8:11:77:27:76:f5:c9:74:22:66:58:99:0e:72:2b:
                    72:d5:ad:33:a3:09:46:59:11:58:7c:9f:f5:07:28:
                    9a:8c:cb:2b:9d:14:64:ca:e9:7e:45:ee:e3:d8:87:
                    85:ea:84:73:54:8b:62:11:27:0e:96:68:17:2c:db:
                    ce:32:89:2a:65:ec:63:92:0a:f3:e7:c6:cd:8e:99:
                    49:5d:14:73:23:2d:d7:fb:45:b5:af:45:34:7c:cc:
                    c0:b1:b4:fe:1d:3d:61:98:38:6a:80:40:78:69:a8:
                    2e:2b:ac:c2:4f:db:d9:07:7d:2e:25:97:07:c1:e1:
                    d0:b3:70:25:a2:4d:de:60:d1:4b:27:4a:ea:06:6f:
                    29:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:05:97:34:33:1A:9A:8C:42:DA:AD:67:B5:30:87:1E:F4:AB:81:9E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eba38095-a2fa-46c3-926b-3eae22565fa7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f13:4400::/38

    Signature Algorithm: sha256WithRSAEncryption
         a0:fc:8a:fb:4a:ed:40:be:82:5b:14:27:29:66:59:d0:bf:77:
         a8:ad:14:40:f0:a3:6c:9a:db:06:38:6b:36:6d:78:07:7f:88:
         33:cb:67:e3:f0:df:2c:32:23:29:92:a1:5f:37:d3:ee:75:d1:
         cd:a3:09:0c:ec:88:b3:90:63:8b:98:e4:cc:bd:b1:de:96:d2:
         a8:de:f3:ec:a6:a1:ac:f1:55:59:5c:e7:5d:ff:26:80:89:f3:
         9c:d5:e9:32:7e:f4:5a:96:5e:57:3b:d0:93:0a:ba:06:de:42:
         be:00:22:b9:56:13:56:3a:49:ff:2e:b3:9f:5e:c3:d2:68:8f:
         8d:f6:c2:a0:09:89:e1:99:2f:17:ec:3d:cd:09:c6:92:68:e7:
         f7:18:ac:63:36:94:b3:8b:15:89:c4:df:3c:46:e6:3f:36:73:
         4d:5f:7f:b6:d4:41:3e:64:b4:d6:1d:8b:f1:83:8d:3a:13:4f:
         3d:35:b2:f6:5a:5b:1f:c3:82:66:bb:ef:3c:fd:e0:ae:a9:3d:
         88:94:c0:98:d5:a1:f5:32:9a:71:72:e7:e6:fb:06:bb:e7:58:
         b7:c4:c1:97:2a:f9:1c:07:cc:b8:e7:a5:81:78:e3:36:4b:05:
         96:d6:c1:2d:24:80:73:53:fc:c4:80:70:c2:b2:4a:99:23:9f:
         e7:c6:10:6f
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUAs/KItmuQ8AsjijfumA61ns5drUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI1MDEyMDU3WhcNMjYwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNzI1MmNmYzdmYjQ1NzcwMGRkNDRlNmQ3MmI5OTJjM2Qy
NGE3NjQzZDM1MjQ4ZDcxMjA3ZGFiNmM0Y2ZhMTI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+cY2308WfWUDrgynCdGaU60cPyqe3OAnszaNEZN041MgN
hd5mL2y+6Q2zFw8ihqvPBC/GeZFZ1D7r1mAoc5lvBIUPMCX80sjww/yPXyMV2Bv4
O4vIHiMmbXwKWjqz8VjTcZ2Efrc1W3VN9abjmE14BPS4FY+cvqgRdyd29cl0ImZY
mQ5yK3LVrTOjCUZZEVh8n/UHKJqMyyudFGTK6X5F7uPYh4XqhHNUi2IRJw6WaBcs
284yiSpl7GOSCvPnxs2OmUldFHMjLdf7RbWvRTR8zMCxtP4dPWGYOGqAQHhpqC4r
rMJP29kHfS4llwfB4dCzcCWiTd5g0UsnSuoGbykJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUUgWXNDMamoxC2q1ntTCHHvSrgZ4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ViYTM4MDk1LWEyZmEtNDZjMy05MjZiLTNlYWUyMjU2NWZhNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8TRDANBgkqhkiG9w0BAQsFAAOCAQEAoPyK+0rtQL6CWxQnKWZZ0L93
qK0UQPCjbJrbBjhrNm14B3+IM8tn4/DfLDIjKZKhXzfT7nXRzaMJDOyIs5Bji5jk
zL2x3pbSqN7z7KahrPFVWVznXf8mgInznNXpMn70WpZeVzvQkwq6Bt5CvgAiuVYT
VjpJ/y6zn17D0miPjfbCoAmJ4ZkvF+w9zQnGkmjn9xisYzaUs4sVicTfPEbmPzZz
TV9/ttRBPmS01h2L8YONOhNPPTWy9lpbH8OCZrvvPP3grqk9iJTAmNWh9TKacXLn
5vsGu+dYt8TBlyr5HAfMuOelgXjjNksFltbBLSSAc1P8xIBwwrJKmSOf58YQbw==
-----END CERTIFICATE-----