Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa
File:                     0c492edd-c347-4b97-a816-01566f9d097b.roa (raw, json)
Hash identifier:          NXRhe2OBhSWadyGOdKYC9YQJ4o0P2+PIb3MZXVU07ec=
Subject key identifier:   E5:56:95:2E:A2:83:AB:BB:FB:16:FF:FF:94:F9:41:32:2C:6E:F2:5E
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       2EC9B8A138A6683E12D58E7C5012AB93A272C7DC
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa
Signing time:             Tue 17 Feb 2026 00:00:07 +0000
ROA not before:           Tue 17 Feb 2026 00:00:07 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40:8000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:c9:b8:a1:38:a6:68:3e:12:d5:8e:7c:50:12:ab:93:a2:72:c7:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Feb 17 00:00:07 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=5c584a1e70d8f6ad51c718fa39b0f1cf35ed1c14a01a45f00d981b7f58667fbd, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:4d:09:40:d9:60:17:5b:89:eb:cd:45:5c:34:
                    90:23:bb:e9:ce:e3:9f:db:da:54:67:e3:f4:8b:c0:
                    04:52:59:03:09:5c:2b:cc:20:26:9e:56:bc:57:0f:
                    2f:e8:4a:62:98:09:93:62:96:6f:d1:53:97:12:e0:
                    f5:c7:26:a9:c4:84:ca:5f:d9:b4:a7:08:a3:ef:34:
                    58:75:85:32:e6:ca:05:48:9b:51:71:d1:d4:05:fa:
                    8e:62:ff:6d:f2:bf:a2:1b:8c:96:48:02:19:49:37:
                    46:f6:69:e5:b0:b6:ef:26:ec:21:1f:9d:61:6f:38:
                    d9:e0:4a:80:5a:a6:e6:4e:4f:55:34:ea:dd:9f:ec:
                    26:4e:c7:11:5d:91:3b:ef:c8:26:f4:46:c4:dc:b3:
                    22:6c:04:4d:e2:d2:2b:c7:53:1c:05:cf:c2:ab:d6:
                    56:7c:b9:50:67:b0:16:14:94:12:d2:e4:40:34:c3:
                    02:76:35:d9:f5:cf:e2:97:59:3b:c5:ac:b4:a8:b1:
                    ac:3d:db:b1:b8:4c:f2:86:23:05:ef:7e:7a:39:74:
                    95:8e:5b:43:4a:3d:93:9d:ad:f6:b0:54:59:d2:f5:
                    cf:a8:d2:c3:23:82:d9:7c:48:d9:2e:37:2a:f8:92:
                    b1:f6:cb:cd:8a:ff:e9:ce:46:9d:a0:97:55:65:2c:
                    15:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:56:95:2E:A2:83:AB:BB:FB:16:FF:FF:94:F9:41:32:2C:6E:F2:5E
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/0c492edd-c347-4b97-a816-01566f9d097b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         1c:33:78:5c:ad:18:54:d4:f8:d7:2f:df:65:fa:ea:3b:53:1c:
         c0:d3:14:97:8c:f9:0d:1f:1e:b5:94:a8:0f:55:87:43:34:17:
         ed:e3:3d:98:2a:d6:7d:4e:85:39:83:f7:6c:bb:ac:61:f9:32:
         31:a2:37:fe:33:13:8f:30:30:97:45:25:c1:62:84:9a:d3:14:
         de:e7:53:56:51:1f:d4:c6:3f:f0:d9:19:f0:89:d9:58:55:4c:
         a5:af:e1:af:0b:3d:56:8f:e2:3d:5f:26:ed:7c:b8:85:5d:b9:
         e0:5f:73:8b:8c:07:e0:42:d3:36:2b:40:17:c3:96:68:d9:1f:
         05:1c:8a:be:38:3d:5e:04:24:44:83:36:4d:a8:e8:73:02:6d:
         93:73:fd:6a:2c:2c:14:7a:b5:ac:47:b4:55:84:14:e2:fd:45:
         97:fe:f6:f8:74:8e:7f:5d:a2:0b:73:ee:aa:b9:49:ab:f3:bf:
         8b:6e:0f:02:01:6c:15:92:f8:3f:43:65:b0:aa:ca:5d:62:fe:
         5d:cb:60:d8:27:40:c8:16:dd:34:aa:35:19:a6:2d:60:16:e8:
         68:49:3d:ea:16:c7:c0:cf:c8:2b:7a:12:51:b6:9b:f9:87:96:
         7d:a9:bd:ae:b2:a3:da:12:78:2e:a4:33:c9:15:e5:24:f9:98:
         8c:ae:90:f0
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIULsm4oTimaD4S1Y58UBKrk6Jyx9wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjYwMjE3MDAwMDA3WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YzU4NGExZTcwZDhmNmFkNTFjNzE4ZmEzOWIwZjFjZjM1
ZWQxYzE0YTAxYTQ1ZjAwZDk4MWI3ZjU4NjY3ZmJkMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpTQlA2WAXW4nrzUVcNJAju+nO45/b2lRn4/SLwARSWQMJ
XCvMICaeVrxXDy/oSmKYCZNilm/RU5cS4PXHJqnEhMpf2bSnCKPvNFh1hTLmygVI
m1Fx0dQF+o5i/23yv6IbjJZIAhlJN0b2aeWwtu8m7CEfnWFvONngSoBapuZOT1U0
6t2f7CZOxxFdkTvvyCb0RsTcsyJsBE3i0ivHUxwFz8Kr1lZ8uVBnsBYUlBLS5EA0
wwJ2Ndn1z+KXWTvFrLSosaw927G4TPKGIwXvfno5dJWOW0NKPZOdrfawVFnS9c+o
0sMjgtl8SNkuNyr4krH2y82K/+nORp2gl1VlLBUNAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU5VaVLqKDq7v7Fv//lPlBMixu8l4wHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzBjNDkyZWRkLWMzNDctNGI5Ny1hODE2LTAxNTY2ZjlkMDk3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmBg9AgDANBgkqhkiG9w0BAQsFAAOCAQEAHDN4XK0YVNT41y/fZfrqO1Mc
wNMUl4z5DR8etZSoD1WHQzQX7eM9mCrWfU6FOYP3bLusYfkyMaI3/jMTjzAwl0Ul
wWKEmtMU3udTVlEf1MY/8NkZ8InZWFVMpa/hrws9Vo/iPV8m7Xy4hV254F9zi4wH
4ELTNitAF8OWaNkfBRyKvjg9XgQkRIM2TajocwJtk3P9aiwsFHq1rEe0VYQU4v1F
l/72+HSOf12iC3PuqrlJq/O/i24PAgFsFZL4P0NlsKrKXWL+Xctg2CdAyBbdNKo1
GaYtYBboaEk96hbHwM/IK3oSUbab+YeWfam9rrKj2hJ4LqQzyRXlJPmYjK6Q8A==
-----END CERTIFICATE-----