Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f21f3ab6-5c32-4a28-ab46-a813ba9034e1.roa
File:                     f21f3ab6-5c32-4a28-ab46-a813ba9034e1.roa (raw, json)
Hash identifier:          iRdr9cVG0aHHRXXwz0ckOqc8vc0+W1bS6WXSweGDjv8=
Subject key identifier:   38:C2:A3:9C:2A:93:DF:C1:86:BE:10:1D:55:F3:D2:25:F8:2C:D2:77
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       76A887AF5B72FC1B2D45AE13F4EF0142235772C5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f21f3ab6-5c32-4a28-ab46-a813ba9034e1.roa
Signing time:             Tue 24 Feb 2026 00:10:07 +0000
ROA not before:           Tue 24 Feb 2026 00:10:07 +0000
ROA not after:            Mon 25 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fff:8050::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:a8:87:af:5b:72:fc:1b:2d:45:ae:13:f4:ef:01:42:23:57:72:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 24 00:10:07 2026 GMT
            Not After : May 25 23:59:59 2026 GMT
        Subject: serialNumber=029cfb1eb98d8aa4c65017d6b841f3960b067d936c5f08c3f2e337780a6e2dc8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:7b:1f:47:56:b7:c9:e2:35:31:8f:c1:16:e9:
                    cf:ae:39:fa:9f:dd:0b:9c:1e:36:33:d1:76:54:57:
                    73:05:af:f4:0d:56:73:07:c0:2c:41:80:0f:07:c8:
                    16:50:5a:cb:1b:e1:a8:aa:f3:e8:5d:8d:3b:39:57:
                    16:e8:c3:98:f1:0b:54:d3:14:50:ac:e2:c3:08:44:
                    64:59:70:24:80:aa:fa:d9:f5:8e:3b:12:2d:1c:05:
                    2e:75:52:84:ec:86:13:b1:cc:91:b3:4f:f2:2b:5a:
                    fc:b9:90:ae:26:28:bd:b5:60:81:eb:ee:6c:6b:4b:
                    71:78:f7:47:4c:2a:0c:1e:ed:76:46:4f:b5:31:ba:
                    3e:c3:f8:a3:e0:48:ac:fb:56:72:07:c8:1f:50:15:
                    d6:0e:ed:4a:c3:fc:5d:11:e2:de:0c:a8:82:1b:94:
                    08:4e:2e:ac:fd:e9:9a:74:a2:88:1c:d2:27:fb:17:
                    32:7a:d6:5a:b7:11:36:3f:39:64:88:82:c6:44:7d:
                    01:66:1b:c9:de:79:7f:a7:9e:84:00:9a:91:13:ea:
                    a0:8f:b2:4c:54:03:b0:6c:e2:27:33:0e:1e:d8:eb:
                    03:80:15:3c:f6:a7:44:54:5d:f3:ee:81:91:b0:dd:
                    f9:48:9a:5f:56:72:6f:cc:c0:9c:43:a5:d9:a0:bc:
                    25:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:C2:A3:9C:2A:93:DF:C1:86:BE:10:1D:55:F3:D2:25:F8:2C:D2:77
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f21f3ab6-5c32-4a28-ab46-a813ba9034e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:8050::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:cd:71:54:2b:ee:21:4c:3b:1c:5d:6c:4b:e1:00:bb:f5:0d:
         90:0d:1a:49:21:af:4b:c0:ac:a4:1f:a6:92:0b:90:b6:b4:29:
         b2:ee:f5:fc:39:ef:7b:aa:f3:9f:3d:e5:86:96:ad:ee:72:b1:
         0a:09:8e:37:c5:97:d6:e6:69:c0:88:cb:9a:fe:39:0d:de:c7:
         65:85:b7:39:82:f5:a9:fb:de:18:13:43:08:c8:83:de:f2:fe:
         da:14:1a:3e:e1:bb:98:39:b2:9a:7c:f4:0c:8b:db:1c:27:fe:
         d0:6f:31:b7:fb:d5:4e:c2:3b:21:ef:9c:60:c5:94:8b:f1:24:
         b5:ec:c5:df:e7:8a:d9:dd:6f:3f:f7:94:57:1d:44:4d:fa:03:
         47:0d:21:d7:e8:29:42:99:1c:53:c8:66:2e:39:9b:69:2a:1b:
         6d:88:4b:c6:eb:82:9d:f1:49:c5:4a:45:96:77:e3:f8:d3:97:
         83:d4:33:b9:1f:8c:8a:68:b4:e9:4b:41:09:d1:02:36:b2:89:
         94:a4:0e:75:04:14:91:14:fa:e3:13:08:84:b2:e5:fe:44:52:
         1e:fb:43:55:67:8d:72:b5:c6:de:83:23:99:88:53:cc:ff:82:
         e7:7d:d4:b2:db:d7:6f:48:e1:47:b3:f9:7e:5d:e3:98:46:13:
         ac:d4:82:40
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUdqiHr1ty/BstRa4T9O8BQiNXcsUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI0MDAxMDA3WhcNMjYwNTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMjljZmIxZWI5OGQ4YWE0YzY1MDE3ZDZiODQxZjM5NjBi
MDY3ZDkzNmM1ZjA4YzNmMmUzMzc3ODBhNmUyZGM4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDSex9HVrfJ4jUxj8EW6c+uOfqf3QucHjYz0XZUV3MFr/QN
VnMHwCxBgA8HyBZQWssb4aiq8+hdjTs5Vxbow5jxC1TTFFCs4sMIRGRZcCSAqvrZ
9Y47Ei0cBS51UoTshhOxzJGzT/IrWvy5kK4mKL21YIHr7mxrS3F490dMKgwe7XZG
T7Uxuj7D+KPgSKz7VnIHyB9QFdYO7UrD/F0R4t4MqIIblAhOLqz96Zp0oogc0if7
FzJ61lq3ETY/OWSIgsZEfQFmG8neeX+nnoQAmpET6qCPskxUA7Bs4iczDh7Y6wOA
FTz2p0RUXfPugZGw3flIml9Wcm/MwJxDpdmgvCU7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUOMKjnCqT38GGvhAdVfPSJfgs0ncwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YyMWYzYWI2LTVjMzItNGEyOC1hYjQ2LWE4MTNiYTkwMzRlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//gFAwDQYJKoZIhvcNAQELBQADggEBAHzNcVQr7iFMOxxdbEvhALv1
DZANGkkhr0vArKQfppILkLa0KbLu9fw573uq85895YaWre5ysQoJjjfFl9bmacCI
y5r+OQ3ex2WFtzmC9an73hgTQwjIg97y/toUGj7hu5g5spp89AyL2xwn/tBvMbf7
1U7COyHvnGDFlIvxJLXsxd/nitndbz/3lFcdRE36A0cNIdfoKUKZHFPIZi45m2kq
G22IS8brgp3xScVKRZZ34/jTl4PUM7kfjIpotOlLQQnRAjayiZSkDnUEFJEU+uMT
CISy5f5EUh77Q1VnjXK1xt6DI5mIU8z/gud91LLb129I4Uez+X5d45hGE6zUgkA=
-----END CERTIFICATE-----