Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c91dc110-e4d6-4a78-90dc-94e4d2083c89.roa
File:                     c91dc110-e4d6-4a78-90dc-94e4d2083c89.roa (raw, json)
Hash identifier:          3QF34JLPEmFeGtieWoBLx00wQB/XGPQa5YWSu43gAqc=
Subject key identifier:   A4:AE:0D:67:37:03:78:9A:53:BC:41:EA:4B:D7:D2:CE:1D:F4:5D:B2
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4DDFF33930F2ACD380DDB84C5C3861DB2093AD29
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c91dc110-e4d6-4a78-90dc-94e4d2083c89.roa
Signing time:             Fri 13 Feb 2026 15:10:56 +0000
ROA not before:           Fri 13 Feb 2026 15:10:56 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:100::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:df:f3:39:30:f2:ac:d3:80:dd:b8:4c:5c:38:61:db:20:93:ad:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb 13 15:10:56 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=b48aebe4612512c8c551585111dcfcdce6493370e0cf588d4d05e6191afdd09a, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:77:e2:e3:9d:12:b2:54:fd:99:35:11:ec:a5:
                    e3:8e:72:04:39:c1:9a:2f:2c:0e:2c:5a:87:e2:5c:
                    b1:8e:b3:16:00:af:54:d0:04:6e:83:c4:50:9c:23:
                    0d:74:77:68:03:17:57:04:17:b8:57:e3:dc:ec:4e:
                    ad:c4:a4:17:c7:b3:af:4b:55:38:ce:17:82:2e:84:
                    0c:47:a0:a2:88:57:87:3b:f8:af:f5:d0:a5:7f:11:
                    f4:65:a9:2e:f8:db:49:9d:92:83:37:97:92:e3:fe:
                    69:7c:c5:da:ab:16:f9:0a:53:97:b6:ba:5a:78:61:
                    6f:f2:c0:db:50:77:b3:c1:f2:74:02:17:fe:f4:91:
                    21:96:56:30:25:cc:f5:19:28:f3:22:bc:2b:5c:70:
                    d8:a2:46:5b:0f:93:e5:a8:29:a2:9b:b0:30:33:9d:
                    73:07:fb:0d:8d:1d:d9:4f:77:61:05:a3:02:6b:15:
                    74:c8:4d:f1:eb:30:96:6b:36:cc:53:a8:f3:8a:90:
                    b5:7a:da:b2:ac:40:ee:b0:8d:08:b6:69:ca:43:ff:
                    bf:27:2b:d8:ef:2e:4c:65:17:6f:d3:db:1a:07:0e:
                    e2:64:ad:43:37:af:24:2e:35:82:94:f7:65:02:7a:
                    3c:bc:66:71:d5:1c:77:82:07:af:0e:2c:85:8f:ba:
                    44:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:AE:0D:67:37:03:78:9A:53:BC:41:EA:4B:D7:D2:CE:1D:F4:5D:B2
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c91dc110-e4d6-4a78-90dc-94e4d2083c89.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         31:5c:2f:50:8c:64:f1:e2:89:3e:a1:0e:bf:5b:5e:66:31:11:
         bb:d5:f2:fa:da:e8:3e:2a:61:0c:a8:62:7c:8f:a5:5a:cc:65:
         83:86:cc:05:9e:97:23:ba:24:25:be:57:d6:5d:c9:74:36:3e:
         1c:e9:c4:66:1e:f1:6c:ac:71:1a:8b:ea:d4:7c:7b:ab:fe:0d:
         ed:d6:31:a8:2c:90:d3:ef:ac:97:b1:58:5a:59:bd:e3:68:16:
         41:62:4b:05:62:f3:72:f5:b0:34:da:93:bf:91:f7:09:06:2c:
         f8:7c:fc:a8:03:55:a5:92:38:7f:d7:1e:ae:a1:58:af:bb:9e:
         34:a5:18:92:a5:41:78:c0:08:7e:84:64:45:6b:52:18:1b:76:
         e2:c8:94:9d:89:5f:e9:6f:fb:c6:ae:3d:bd:86:42:db:e9:fd:
         6d:72:22:0b:ff:2a:c5:23:be:7f:1a:9f:00:a4:a2:53:b4:aa:
         50:23:6a:74:92:b8:e3:31:e0:0e:6c:c1:2e:cb:0a:37:c7:1e:
         c1:00:3a:ef:98:f5:f6:7c:65:b7:c1:b2:a5:ea:eb:57:17:5c:
         00:da:e5:1a:59:3c:3b:86:95:f9:28:ac:d8:63:f1:7d:75:40:
         ae:b0:c5:09:e5:ee:30:36:09:d1:01:83:8d:7f:26:75:ef:ef:
         74:5c:89:53
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUTd/zOTDyrNOA3bhMXDhh2yCTrSkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwMjEzMTUxMDU2WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNDhhZWJlNDYxMjUxMmM4YzU1MTU4NTExMWRjZmNkY2U2
NDkzMzcwZTBjZjU4OGQ0ZDA1ZTYxOTFhZmRkMDlhMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVd+LjnRKyVP2ZNRHspeOOcgQ5wZovLA4sWofiXLGOsxYA
r1TQBG6DxFCcIw10d2gDF1cEF7hX49zsTq3EpBfHs69LVTjOF4IuhAxHoKKIV4c7
+K/10KV/EfRlqS7420mdkoM3l5Lj/ml8xdqrFvkKU5e2ulp4YW/ywNtQd7PB8nQC
F/70kSGWVjAlzPUZKPMivCtccNiiRlsPk+WoKaKbsDAznXMH+w2NHdlPd2EFowJr
FXTITfHrMJZrNsxTqPOKkLV62rKsQO6wjQi2acpD/78nK9jvLkxlF2/T2xoHDuJk
rUM3ryQuNYKU92UCejy8ZnHVHHeCB68OLIWPukQXAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUpK4NZzcDeJpTvEHqS9fSzh30XbIwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2M5MWRjMTEwLWU0ZDYtNGE3OC05MGRjLTk0ZTRkMjA4M2M4OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPDwATANBgkqhkiG9w0BAQsFAAOCAQEAMVwvUIxk8eKJPqEOv1teZjER
u9Xy+troPiphDKhifI+lWsxlg4bMBZ6XI7okJb5X1l3JdDY+HOnEZh7xbKxxGovq
1Hx7q/4N7dYxqCyQ0++sl7FYWlm942gWQWJLBWLzcvWwNNqTv5H3CQYs+Hz8qANV
pZI4f9cerqFYr7ueNKUYkqVBeMAIfoRkRWtSGBt24siUnYlf6W/7xq49vYZC2+n9
bXIiC/8qxSO+fxqfAKSiU7SqUCNqdJK44zHgDmzBLssKN8cewQA675j19nxlt8Gy
perrVxdcANrlGlk8O4aV+Sis2GPxfXVArrDFCeXuMDYJ0QGDjX8mde/vdFyJUw==
-----END CERTIFICATE-----