Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e44f32b3-ff36-487e-b814-9b622650bde3.roa
File:                     e44f32b3-ff36-487e-b814-9b622650bde3.roa (raw, json)
Hash identifier:          36PNWq/eebJxPN4zP/AAxoWdqVZjaUeJj6ryqV8p3Lg=
Subject key identifier:   1A:A9:0D:09:09:2F:7D:BE:99:1F:A1:13:B6:AF:52:7A:D8:48:09:FB
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1409E0CBEDAEC87ECBC4A3C5CE82439329C77F10
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e44f32b3-ff36-487e-b814-9b622650bde3.roa
Signing time:             Tue 17 Feb 2026 00:30:17 +0000
ROA not before:           Tue 17 Feb 2026 00:30:17 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:1100::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:09:e0:cb:ed:ae:c8:7e:cb:c4:a3:c5:ce:82:43:93:29:c7:7f:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb 17 00:30:17 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=01de5c300fd5338ffa22c4bb11064e1dd8117e7b871ff551be12c4c7e746abb0, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:27:4e:a1:9f:1b:ee:e4:dc:12:87:96:ad:46:
                    31:da:00:7c:0c:2e:e3:a3:8a:56:a7:a3:7d:4d:29:
                    4e:43:90:38:12:a1:33:d4:e0:d0:4c:c0:80:0c:36:
                    48:f9:5b:47:3f:c9:7e:a4:b4:5a:cc:e2:53:8d:4d:
                    61:e4:75:d7:55:ea:a9:ae:ad:e9:30:02:3b:03:c5:
                    66:5d:6b:11:7a:a2:f6:92:2a:41:c2:6d:23:57:5f:
                    ea:d8:f6:97:eb:1b:6e:e2:19:b0:93:ff:f0:c8:b8:
                    b0:57:ba:17:6b:61:27:c4:20:f7:28:9e:e8:a2:bf:
                    6a:e1:42:4a:ee:16:56:a6:5f:37:5e:b3:26:95:f7:
                    f4:91:f6:45:19:84:e9:25:18:80:be:d5:82:69:6e:
                    09:84:f8:f2:80:a7:57:5d:9c:a3:19:6e:f5:7b:22:
                    0d:93:e2:d0:e2:3d:c9:0b:7a:a0:69:26:4e:af:5d:
                    64:9c:f0:c1:5f:bc:28:3b:d3:b7:37:12:22:5c:22:
                    85:c5:8d:f9:39:a5:fa:17:64:59:15:6d:3e:23:ad:
                    8e:ab:cc:0d:4d:e0:a7:c6:a2:40:71:4f:e9:1a:74:
                    93:b9:af:c0:ed:60:14:f4:ce:03:14:e3:ef:32:81:
                    27:4f:e5:eb:41:4e:2b:d4:5e:f8:71:04:55:a8:08:
                    0f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:A9:0D:09:09:2F:7D:BE:99:1F:A1:13:B6:AF:52:7A:D8:48:09:FB
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/e44f32b3-ff36-487e-b814-9b622650bde3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:1100::/40

    Signature Algorithm: sha256WithRSAEncryption
         11:a8:ba:4e:fd:e0:22:e3:7e:e4:a9:52:e8:3f:dc:81:44:1b:
         45:d7:c2:80:bb:33:c8:ff:36:8d:9e:27:69:23:2d:07:49:e9:
         ba:48:2e:54:76:2a:5a:47:c1:0b:ef:12:c7:0f:12:62:2c:4b:
         19:88:7b:b8:5e:7d:12:39:bd:93:f6:f0:2a:ec:09:e6:98:95:
         30:ca:bc:d4:d2:f1:27:cc:f7:cc:66:a6:ac:de:88:22:c8:a5:
         70:38:e2:f5:0d:4b:3f:e1:73:96:fe:67:a9:9a:38:79:f0:de:
         f6:21:38:4f:b1:f9:dc:65:db:c1:75:eb:3f:dc:ab:74:da:37:
         17:72:2c:b2:35:58:d3:1e:21:88:f3:b2:54:02:cd:32:c7:fa:
         0a:f6:5b:f8:62:b1:9a:a8:3d:17:c8:45:b5:0c:4f:e3:79:21:
         40:88:ab:ab:cd:85:39:37:bb:33:ad:8e:56:cd:ad:94:5b:96:
         37:23:ae:c4:f0:6a:e8:a6:a5:9f:c3:48:8e:94:bf:6a:b4:4e:
         73:3a:0c:2a:ca:2c:3a:64:5c:c3:cd:88:17:6c:bb:fc:f9:54:
         48:84:f9:ee:2b:31:25:c3:6f:d4:3d:78:14:73:3a:0b:52:4c:
         da:10:ae:8d:cf:bd:b7:b0:2a:70:bc:ae:62:95:5e:aa:2e:2e:
         69:1e:23:ed
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUFAngy+2uyH7LxKPFzoJDkynHfxAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwMjE3MDAzMDE3WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMWRlNWMzMDBmZDUzMzhmZmEyMmM0YmIxMTA2NGUxZGQ4
MTE3ZTdiODcxZmY1NTFiZTEyYzRjN2U3NDZhYmIwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuJ06hnxvu5NwSh5atRjHaAHwMLuOjilano31NKU5DkDgS
oTPU4NBMwIAMNkj5W0c/yX6ktFrM4lONTWHkdddV6qmurekwAjsDxWZdaxF6ovaS
KkHCbSNXX+rY9pfrG27iGbCT//DIuLBXuhdrYSfEIPconuiiv2rhQkruFlamXzde
syaV9/SR9kUZhOklGIC+1YJpbgmE+PKAp1ddnKMZbvV7Ig2T4tDiPckLeqBpJk6v
XWSc8MFfvCg707c3EiJcIoXFjfk5pfoXZFkVbT4jrY6rzA1N4KfGokBxT+kadJO5
r8DtYBT0zgMU4+8ygSdP5etBTivUXvhxBFWoCA8PAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUGqkNCQkvfb6ZH6ETtq9SethICfswHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2U0NGYzMmIzLWZmMzYtNDg3ZS1iODE0LTliNjIyNjUwYmRlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPDwETANBgkqhkiG9w0BAQsFAAOCAQEAEai6Tv3gIuN+5KlS6D/cgUQb
RdfCgLszyP82jZ4naSMtB0npukguVHYqWkfBC+8Sxw8SYixLGYh7uF59Ejm9k/bw
KuwJ5piVMMq81NLxJ8z3zGamrN6IIsilcDji9Q1LP+Fzlv5nqZo4efDe9iE4T7H5
3GXbwXXrP9yrdNo3F3IssjVY0x4hiPOyVALNMsf6CvZb+GKxmqg9F8hFtQxP43kh
QIirq82FOTe7M62OVs2tlFuWNyOuxPBq6Kaln8NIjpS/arROczoMKsosOmRcw82I
F2y7/PlUSIT57isxJcNv1D14FHM6C1JM2hCujc+9t7AqcLyuYpVeqi4uaR4j7Q==
-----END CERTIFICATE-----