Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b51f360b-51dd-46ed-9df1-5d5b37dcb02b.roa
File:                     b51f360b-51dd-46ed-9df1-5d5b37dcb02b.roa (raw, json)
Hash identifier:          0bmVFACcESQ+YvBBiWDfbpQm78kDdheqvluExgTZGHM=
Subject key identifier:   BA:A0:A1:77:6C:D3:C5:66:A5:37:AE:D5:92:D8:70:C1:14:34:3D:18
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       717EC4BA20CBF63D2303E70A9172B56E535F5C7A
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b51f360b-51dd-46ed-9df1-5d5b37dcb02b.roa
Signing time:             Fri 13 Feb 2026 15:10:14 +0000
ROA not before:           Fri 13 Feb 2026 15:10:14 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:611b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:7e:c4:ba:20:cb:f6:3d:23:03:e7:0a:91:72:b5:6e:53:5f:5c:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb 13 15:10:14 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=8eb1e04b3d8a10a4c1bce54de80fae945133a64b466af9ab78d3a8703f08a3a3, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b3:0c:af:26:0f:b6:4e:ae:98:4b:22:34:a8:
                    3a:ba:79:ad:c4:c0:41:50:a6:db:9c:82:22:87:ac:
                    5a:5e:ef:70:fb:61:db:60:38:ee:4e:1e:43:ed:de:
                    7c:e3:61:cd:97:f0:3a:2a:72:f0:90:6c:fe:35:ce:
                    ac:53:55:2d:01:95:de:f1:a9:97:a4:7b:05:8a:00:
                    a3:57:29:69:bf:2f:ba:eb:8f:4a:81:2f:15:76:8d:
                    8b:13:9c:33:1e:5c:13:fe:86:88:5f:18:82:59:d8:
                    a9:6c:81:42:32:62:47:cf:93:12:2e:5b:a1:98:98:
                    c3:67:6b:68:66:88:d9:d4:62:2a:67:92:a5:5f:ef:
                    c7:90:ff:32:25:2c:6c:f1:03:e4:10:6a:28:4d:90:
                    fa:01:1b:6e:39:59:68:61:bd:9e:09:a0:ce:64:4d:
                    31:b3:24:af:3b:58:fb:a6:9e:1a:db:b6:61:85:38:
                    a2:26:9c:ce:6c:db:d1:cd:ae:ba:3a:1f:eb:68:c5:
                    b7:ac:60:bd:f4:0f:48:a6:fb:51:5a:e2:a7:e3:12:
                    21:2d:c1:f2:0c:8d:a8:25:54:80:8b:b4:10:2b:99:
                    06:0b:10:1e:a8:38:d2:89:81:0d:48:72:78:64:93:
                    e3:98:43:ae:d7:81:26:c0:ee:6b:2b:41:b8:c4:bc:
                    dc:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:A0:A1:77:6C:D3:C5:66:A5:37:AE:D5:92:D8:70:C1:14:34:3D:18
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b51f360b-51dd-46ed-9df1-5d5b37dcb02b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:611b::/48

    Signature Algorithm: sha256WithRSAEncryption
         42:d2:81:0e:e4:7e:7f:d3:1c:9f:98:f6:ed:dc:2c:24:8c:12:
         a8:78:d6:5f:80:36:5e:dc:f9:1f:46:a7:39:ad:92:c2:49:b5:
         af:0e:b0:4f:27:a4:7c:7e:0e:f6:a1:69:2b:bf:bf:02:91:5f:
         4b:88:dc:ed:70:7f:0e:98:f9:2f:ec:a1:e6:a6:68:c1:be:ed:
         8b:01:bc:c6:20:ab:46:8e:5d:2d:72:8e:51:df:57:d2:92:a3:
         3e:3f:91:7f:b2:fd:8c:53:62:2e:22:2b:51:4a:58:e5:54:e8:
         92:0b:9c:d8:2c:89:06:8b:d8:e0:8f:01:3e:c4:85:17:48:f5:
         5b:7d:55:48:60:8a:48:6d:06:54:5b:4a:81:c4:be:73:0d:62:
         05:72:74:06:bf:50:e4:d8:2c:36:2d:1c:05:29:94:7d:6e:f6:
         2b:94:0d:89:1c:c9:8a:1e:88:f7:79:4e:9e:97:77:96:4f:73:
         03:6b:b6:72:fe:72:1f:2f:21:d1:a8:97:80:60:9c:9e:fb:73:
         dc:d8:e9:dd:21:67:ee:da:38:0c:e2:6f:32:a0:f9:b6:33:c9:
         91:21:61:7d:27:d9:76:f3:48:93:47:6b:f5:23:32:b3:84:01:
         54:5c:8f:50:73:24:4c:2c:d0:9c:95:d2:c3:ca:11:8b:ec:8d:
         a0:e7:d9:b8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUcX7EuiDL9j0jA+cKkXK1blNfXHowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwMjEzMTUxMDE0WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZWIxZTA0YjNkOGExMGE0YzFiY2U1NGRlODBmYWU5NDUx
MzNhNjRiNDY2YWY5YWI3OGQzYTg3MDNmMDhhM2EzMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+swyvJg+2Tq6YSyI0qDq6ea3EwEFQptucgiKHrFpe73D7
YdtgOO5OHkPt3nzjYc2X8DoqcvCQbP41zqxTVS0Bld7xqZekewWKAKNXKWm/L7rr
j0qBLxV2jYsTnDMeXBP+hohfGIJZ2KlsgUIyYkfPkxIuW6GYmMNna2hmiNnUYipn
kqVf78eQ/zIlLGzxA+QQaihNkPoBG245WWhhvZ4JoM5kTTGzJK87WPumnhrbtmGF
OKImnM5s29HNrro6H+toxbesYL30D0im+1Fa4qfjEiEtwfIMjaglVICLtBArmQYL
EB6oONKJgQ1Icnhkk+OYQ67XgSbA7msrQbjEvNzfAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUuqChd2zTxWalN67VkthwwRQ0PRgwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2I1MWYzNjBiLTUxZGQtNDZlZC05ZGYxLTVkNWIzN2RjYjAyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYRswDQYJKoZIhvcNAQELBQADggEBAELSgQ7kfn/THJ+Y9u3cLCSM
Eqh41l+ANl7c+R9GpzmtksJJta8OsE8npHx+DvahaSu/vwKRX0uI3O1wfw6Y+S/s
oeamaMG+7YsBvMYgq0aOXS1yjlHfV9KSoz4/kX+y/YxTYi4iK1FKWOVU6JILnNgs
iQaL2OCPAT7EhRdI9Vt9VUhgikhtBlRbSoHEvnMNYgVydAa/UOTYLDYtHAUplH1u
9iuUDYkcyYoeiPd5Tp6Xd5ZPcwNrtnL+ch8vIdGol4BgnJ77c9zY6d0hZ+7aOAzi
bzKg+bYzyZEhYX0n2XbzSJNHa/UjMrOEAVRcj1BzJEws0JyV0sPKEYvsjaDn2bg=
-----END CERTIFICATE-----