Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8098420f-108f-4bc5-8d8c-6d62621f83e9.roa
File:                     8098420f-108f-4bc5-8d8c-6d62621f83e9.roa (raw, json)
Hash identifier:          kwMiMUzT/DIRtLGnpt3DF+bnA6yk51Ymu9jv7c/QmDA=
Subject key identifier:   47:61:50:8A:D0:3D:C1:D2:F8:43:D6:DB:CF:09:C4:51:FE:D5:AB:91
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1A6CFB89A2CC70CF9EA701D20736A23AA16E36
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8098420f-108f-4bc5-8d8c-6d62621f83e9.roa
Signing time:             Fri 20 Feb 2026 01:30:17 +0000
ROA not before:           Fri 20 Feb 2026 01:30:17 +0000
ROA not after:            Thu 21 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f2:7012::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:6c:fb:89:a2:cc:70:cf:9e:a7:01:d2:07:36:a2:3a:a1:6e:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb 20 01:30:17 2026 GMT
            Not After : May 21 23:59:59 2026 GMT
        Subject: serialNumber=bfab438220fb2f44f1006d5deba7b9a5e09339f714f8117f7f851c645eeabad4, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:5d:85:94:5e:d5:cd:99:8f:60:61:00:00:51:
                    7a:b7:83:45:2b:10:45:3e:0d:b4:7d:a9:32:90:cc:
                    5d:bf:9b:03:ac:dd:2f:66:b5:05:04:f8:5c:29:f0:
                    4e:8a:97:18:29:bb:54:42:b6:5e:16:db:cb:dc:b6:
                    84:de:f6:cf:92:f5:b3:02:cf:0b:4f:9e:fa:e0:5a:
                    b1:28:77:67:7c:94:15:fc:9f:dc:96:7f:13:c2:51:
                    b5:2a:26:45:e5:3c:cc:11:13:cc:a6:f8:e1:b0:e4:
                    52:1c:2e:c8:fb:50:e3:4c:83:75:ca:80:fe:0c:60:
                    6a:5e:bd:44:2b:96:60:77:c0:2d:66:ec:91:46:4e:
                    8f:80:b1:e3:b0:88:3f:69:50:a1:cb:df:b8:41:b9:
                    00:aa:6d:62:68:6c:0e:d3:a2:c3:6b:b9:0c:7b:16:
                    9a:74:37:34:b9:30:49:fe:36:b5:0a:a0:ac:60:bc:
                    7c:21:55:93:f5:da:97:5e:5f:69:85:44:db:18:f7:
                    73:df:d1:32:fb:3a:5b:32:75:cf:c2:f3:e8:cb:35:
                    30:09:76:12:8b:ce:3f:7a:54:48:8d:cd:6a:cf:82:
                    5b:8a:f1:05:cc:fa:fa:ce:2a:ad:d0:ae:ea:0f:f0:
                    cf:5e:2f:77:77:08:d5:96:3f:91:94:9e:d9:7b:27:
                    af:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:61:50:8A:D0:3D:C1:D2:F8:43:D6:DB:CF:09:C4:51:FE:D5:AB:91
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8098420f-108f-4bc5-8d8c-6d62621f83e9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f2:7012::/48

    Signature Algorithm: sha256WithRSAEncryption
         96:b1:4c:78:08:47:4d:7a:70:88:28:2e:33:6d:bf:67:80:6e:
         ae:9e:28:04:1f:a5:c8:d8:36:bf:3f:e1:b5:47:0e:d5:b7:71:
         e9:2d:e9:c6:63:12:64:4e:5d:9f:03:ce:fc:90:de:96:dc:1c:
         48:71:72:b2:42:37:f7:10:9f:48:f4:a9:58:8c:8c:e6:a2:ec:
         64:9e:3a:76:69:fd:0c:5e:75:4a:ae:21:f1:50:38:ee:22:c7:
         ab:54:73:fd:1b:23:3d:cf:13:54:4d:0f:7a:99:99:73:8c:d9:
         f7:31:42:45:6b:98:e5:ed:1f:fa:9d:5e:e2:e3:19:f8:d8:9d:
         e0:f7:73:90:26:3c:00:1a:5b:d4:aa:c3:74:87:66:30:1e:d9:
         7d:2e:78:94:d6:7c:69:c2:b5:0b:40:8a:c2:0d:f0:1b:70:9c:
         32:94:88:72:b4:88:5d:f5:54:04:87:22:1e:ed:a8:51:f7:28:
         8c:e7:7f:9e:09:f9:07:47:f9:de:a9:d5:d4:4e:21:17:61:ea:
         1e:f4:08:4c:4c:81:17:ed:a2:46:2d:1f:ff:e6:7e:1a:d0:9e:
         1d:77:f1:39:59:06:fb:a0:a1:9b:f8:13:c6:aa:aa:13:e8:02:
         74:32:53:4c:68:a3:50:22:14:9c:85:04:69:24:68:b3:28:2e:
         30:de:7f:fa
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgITGmz7iaLMcM+epwHSBzaiOqFuNjANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJiNTg0NWMzMDdkMGJmNjFiMTM0YjhhYjcxMTU0NTgyNmIx
NzA3ZmQ1ZjBhZjg0ZGEwODAeFw0yNjAyMjAwMTMwMTdaFw0yNjA1MjEyMzU5NTla
MHoxSTBHBgNVBAUTQGJmYWI0MzgyMjBmYjJmNDRmMTAwNmQ1ZGViYTdiOWE1ZTA5
MzM5ZjcxNGY4MTE3ZjdmODUxYzY0NWVlYWJhZDQxLTArBgNVBAMTJGZiYjI3NTc2
LWNhYzItNDM4MS05YTUzLTZjMTVlMGRjMjZmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJBdhZRe1c2Zj2BhAABRereDRSsQRT4NtH2pMpDMXb+bA6zd
L2a1BQT4XCnwToqXGCm7VEK2Xhbby9y2hN72z5L1swLPC0+e+uBasSh3Z3yUFfyf
3JZ/E8JRtSomReU8zBETzKb44bDkUhwuyPtQ40yDdcqA/gxgal69RCuWYHfALWbs
kUZOj4Cx47CIP2lQocvfuEG5AKptYmhsDtOiw2u5DHsWmnQ3NLkwSf42tQqgrGC8
fCFVk/Xal15faYVE2xj3c9/RMvs6WzJ1z8Lz6Ms1MAl2EovOP3pUSI3Nas+CW4rx
Bcz6+s4qrdCu6g/wz14vd3cI1ZY/kZSe2Xsnr10CAwEAAaOCArQwggKwMB0GA1Ud
DgQWBBRHYVCK0D3B0vhD1tvPCcRR/tWrkTAfBgNVHSMEGDAWgBQuGOIIoYJXGwl9
0iOnFp5A6+mJPTAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
NTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3ZTk3MWFjLzZhOTUzN2E4LWE2
ODUtNGI0OC05ZmE4LTgzNjJlNGZjNDdhZS9iNTg0NWMzMDdkMGJmNjFiMTM0Yjhh
YjcxMTU0NTgyNmIxNzA3ZmQ1ZjBhZjg0ZGEwOC5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS81MTdmM2VkNy01OGI1LTQ3OTYtYmUzNy0xNGQ2
MmU0OGYwNTYvODA5ODQyMGYtMTA4Zi00YmM1LThkOGMtNmQ2MjYyMWY4M2U5LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzct
MTRkNjJlNDhmMDU2L0NfWWJFMHVLdHhGVVdDYXhjSF9WOEstRTJnZy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACYA8PJwEjANBgkqhkiG9w0BAQsFAAOCAQEAlrFMeAhHTXpwiCguM22/Z4Bu
rp4oBB+lyNg2vz/htUcO1bdx6S3pxmMSZE5dnwPO/JDeltwcSHFyskI39xCfSPSp
WIyM5qLsZJ46dmn9DF51Sq4h8VA47iLHq1Rz/RsjPc8TVE0PepmZc4zZ9zFCRWuY
5e0f+p1e4uMZ+Nid4PdzkCY8ABpb1KrDdIdmMB7ZfS54lNZ8acK1C0CKwg3wG3Cc
MpSIcrSIXfVUBIciHu2oUfcojOd/ngn5B0f53qnV1E4hF2HqHvQITEyBF+2iRi0f
/+Z+GtCeHXfxOVkG+6Chm/gTxqqqE+gCdDJTTGijUCIUnIUEaSRosyguMN5/+g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:13:37 2026 by rpki-client