Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/6939390a-b25d-45cf-aa34-f6ba281ea03a.roa
File:                     6939390a-b25d-45cf-aa34-f6ba281ea03a.roa (raw, json)
Hash identifier:          y3V9Do93p/lbPqpPTTRpxY/qIXOyj67XPua0wPMERzM=
Subject key identifier:   C8:4C:D5:A0:68:D2:03:09:35:C6:06:00:C5:BD:4A:64:DE:89:E9:22
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       2DE13C84E83AB43FE53EEDF7D7B2DA19FBFC31ED
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/6939390a-b25d-45cf-aa34-f6ba281ea03a.roa
Signing time:             Fri 13 Feb 2026 15:10:11 +0000
ROA not before:           Fri 13 Feb 2026 15:10:11 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:6113::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:e1:3c:84:e8:3a:b4:3f:e5:3e:ed:f7:d7:b2:da:19:fb:fc:31:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb 13 15:10:11 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=5989b95a667135331b50186cc9a2c9fe61690a49836c11e14d30fa6821b37a63, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:ff:c7:8e:1f:b6:f2:32:83:db:48:e2:26:44:
                    dc:b1:2f:8f:0b:4b:c4:20:bd:f1:f5:b6:9c:a3:ec:
                    db:1a:60:7c:6b:09:92:48:a3:8d:af:29:e6:b1:71:
                    74:3f:e9:a0:84:bb:7a:b9:8c:0d:98:4f:7f:c1:3e:
                    4c:c7:ca:79:3c:72:b2:d5:09:a9:12:1a:94:b7:50:
                    f6:16:d6:b0:7d:44:25:ae:77:31:7e:16:60:64:50:
                    a2:fd:99:9e:20:66:19:8c:ce:72:4e:02:9a:4f:db:
                    52:0c:75:f4:15:9e:df:e4:fd:d0:e1:dd:71:03:ce:
                    38:29:a2:9a:e7:c4:ed:f7:28:96:98:c1:85:d0:82:
                    17:24:7c:0e:69:1c:eb:78:fb:4e:3c:bb:b5:4c:08:
                    6e:e0:c6:96:1e:3d:08:da:ae:4e:3a:ff:0b:3a:37:
                    94:a9:b6:6d:5c:05:de:c6:e9:73:fb:c5:85:40:61:
                    c2:d0:2c:ef:dc:2d:e5:66:8c:e4:14:21:5b:cf:2a:
                    6a:8c:21:ce:b1:17:6c:f4:38:ca:eb:7c:64:06:31:
                    60:f9:b9:12:a3:67:69:e0:32:ca:59:cc:13:cf:5c:
                    53:ae:62:f1:3f:a2:3e:27:17:2a:94:0c:5c:c0:c4:
                    6f:3d:ba:39:23:60:e4:eb:3c:14:27:df:dc:12:eb:
                    59:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:4C:D5:A0:68:D2:03:09:35:C6:06:00:C5:BD:4A:64:DE:89:E9:22
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/6939390a-b25d-45cf-aa34-f6ba281ea03a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6113::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:d9:b5:76:a5:3b:a8:41:29:be:78:1c:cc:ec:a1:e2:9d:2c:
         15:94:91:a9:fd:14:bc:8a:66:db:41:95:34:eb:99:eb:6f:b0:
         92:f3:07:76:e1:e7:ef:c3:27:bd:b3:ef:a0:5f:24:53:a3:fb:
         e1:8d:e5:66:5c:0d:0b:cf:d4:0c:28:32:24:c7:f6:64:94:8c:
         7e:f0:82:bb:1e:e5:12:84:72:ae:a5:18:ca:e6:3e:b6:b2:6c:
         46:8b:cb:b8:3f:2f:8f:bc:97:d0:1c:d2:79:79:b9:67:68:31:
         aa:0f:40:6d:69:31:b2:9a:62:99:0f:88:65:ce:05:c0:71:87:
         bb:85:0a:8b:e9:92:71:33:ac:36:a1:61:c6:3f:91:a0:b8:a9:
         7a:f0:28:55:cb:13:ab:18:95:bf:7d:65:b8:c4:25:bc:89:78:
         a5:2e:90:35:8f:95:92:b8:57:99:92:3d:00:ba:a2:dc:10:79:
         4e:d4:34:55:76:34:05:4d:58:3f:57:3f:49:a2:c5:73:53:3d:
         1a:c3:1b:31:72:9a:4d:35:1e:85:c5:01:ca:f3:4d:3c:0f:73:
         b6:76:03:36:86:23:60:ef:17:03:d5:e3:32:60:5b:d0:87:1c:
         ad:ae:7d:d9:fa:f2:7e:4f:19:f9:a9:b9:ce:a0:fa:60:a7:d8:
         e9:f6:f9:a6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIULeE8hOg6tD/lPu3317LaGfv8Me0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwMjEzMTUxMDExWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1OTg5Yjk1YTY2NzEzNTMzMWI1MDE4NmNjOWEyYzlmZTYx
NjkwYTQ5ODM2YzExZTE0ZDMwZmE2ODIxYjM3YTYzMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCd/8eOH7byMoPbSOImRNyxL48LS8QgvfH1tpyj7NsaYHxr
CZJIo42vKeaxcXQ/6aCEu3q5jA2YT3/BPkzHynk8crLVCakSGpS3UPYW1rB9RCWu
dzF+FmBkUKL9mZ4gZhmMznJOAppP21IMdfQVnt/k/dDh3XEDzjgpoprnxO33KJaY
wYXQghckfA5pHOt4+048u7VMCG7gxpYePQjark46/ws6N5Sptm1cBd7G6XP7xYVA
YcLQLO/cLeVmjOQUIVvPKmqMIc6xF2z0OMrrfGQGMWD5uRKjZ2ngMspZzBPPXFOu
YvE/oj4nFyqUDFzAxG89ujkjYOTrPBQn39wS61lxAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUyEzVoGjSAwk1xgYAxb1KZN6J6SIwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzY5MzkzOTBhLWIyNWQtNDVjZi1hYTM0LWY2YmEyODFlYTAzYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYRMwDQYJKoZIhvcNAQELBQADggEBAHfZtXalO6hBKb54HMzsoeKd
LBWUkan9FLyKZttBlTTrmetvsJLzB3bh5+/DJ72z76BfJFOj++GN5WZcDQvP1Awo
MiTH9mSUjH7wgrse5RKEcq6lGMrmPraybEaLy7g/L4+8l9Ac0nl5uWdoMaoPQG1p
MbKaYpkPiGXOBcBxh7uFCovpknEzrDahYcY/kaC4qXrwKFXLE6sYlb99ZbjEJbyJ
eKUukDWPlZK4V5mSPQC6otwQeU7UNFV2NAVNWD9XP0mixXNTPRrDGzFymk01HoXF
AcrzTTwPc7Z2AzaGI2DvFwPV4zJgW9CHHK2ufdn68n5PGfmpuc6g+mCn2On2+aY=
-----END CERTIFICATE-----