Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8738a51-4689-46b8-a472-d4d0afaca2d7.roa
File:                     f8738a51-4689-46b8-a472-d4d0afaca2d7.roa (raw, json)
Hash identifier:          EXUeHb5ttcCl+D1Rrlz5ndC/AQvRWiWqidEka5QqPWM=
Subject key identifier:   7F:1F:25:6C:49:84:EF:26:AC:B2:26:51:09:F6:37:F9:26:62:CA:E7
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       69517357A2043882922B90DBCC6FA9878B47E8B7
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8738a51-4689-46b8-a472-d4d0afaca2d7.roa
Signing time:             Fri 13 Feb 2026 15:00:45 +0000
ROA not before:           Fri 13 Feb 2026 15:00:45 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:4::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:51:73:57:a2:04:38:82:92:2b:90:db:cc:6f:a9:87:8b:47:e8:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb 13 15:00:45 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=8358cd46fba0aaacf2b3be586a455ffa36928ec2edb50cf76b6e38e079cc1255, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:df:bc:a1:67:44:25:df:10:7e:b4:cd:63:1e:
                    43:ae:4d:0e:4d:58:c5:83:ee:26:6d:72:92:49:13:
                    8e:8a:71:d6:64:3a:cd:ef:33:ec:2f:2a:63:b8:b2:
                    44:d6:92:d3:73:47:98:1a:19:fa:1c:e8:21:14:2f:
                    df:df:d1:3b:9d:16:7b:7c:07:07:70:f5:3d:36:4f:
                    67:99:4b:2b:32:ef:85:50:ce:e7:6f:85:b1:79:ca:
                    17:14:0b:52:55:45:5f:fd:e1:81:5a:81:02:8d:e1:
                    7c:68:fe:26:ab:47:07:31:38:2b:09:76:fb:06:1c:
                    c7:93:6a:dd:15:c5:f4:ed:b9:e1:ed:d3:60:da:ff:
                    e8:0d:52:27:d0:70:2d:6d:b0:4f:59:3c:17:e9:90:
                    c1:7d:54:e9:7c:ff:73:44:94:8b:58:4a:d2:44:f1:
                    d0:2f:13:1b:2b:0b:46:51:fc:dc:c0:e6:6a:44:24:
                    37:b1:f8:21:49:20:3b:aa:36:42:25:00:14:7b:33:
                    e1:32:c9:2d:17:f2:e6:a3:d9:88:29:c7:6e:32:c2:
                    66:53:c2:05:03:27:b5:82:94:f9:e6:cd:db:cc:e5:
                    aa:f8:e0:c2:69:8b:60:23:26:56:4c:a4:50:b6:44:
                    0d:e8:15:72:5c:d4:d1:cf:ca:34:93:9c:da:f6:6d:
                    15:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:1F:25:6C:49:84:EF:26:AC:B2:26:51:09:F6:37:F9:26:62:CA:E7
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8738a51-4689-46b8-a472-d4d0afaca2d7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:4::/48

    Signature Algorithm: sha256WithRSAEncryption
         a1:f8:37:8d:df:ea:0d:ac:00:c4:db:8a:e3:5c:02:ec:3a:a0:
         0a:f1:90:ba:97:b5:d6:92:fb:de:fb:d6:8c:b8:bb:d4:a1:4a:
         17:6b:41:a9:ec:b8:a8:f8:2c:20:33:ac:44:a6:25:06:05:c6:
         b3:05:8d:36:09:b1:a3:4c:a8:d1:6d:96:d7:3b:47:5d:8f:33:
         7e:82:30:56:6a:46:ec:f5:dd:f5:62:25:63:1c:2a:ab:96:9b:
         ff:5c:33:ac:82:0f:8c:53:01:e9:30:f0:07:32:54:2c:39:82:
         58:11:8f:7b:ce:56:0b:20:41:5d:c0:be:d9:94:df:a4:1b:ce:
         6c:00:70:93:3f:9d:b4:c8:2b:74:dc:c2:3e:64:00:bb:b4:ca:
         f0:e4:0e:d9:f5:27:1d:8a:d9:04:ec:45:50:09:d6:1c:b3:dc:
         97:fb:72:be:e8:96:e9:0c:01:ec:54:48:a6:2f:e7:64:40:4e:
         3c:36:a4:8d:de:d3:d6:51:d0:e1:a2:42:82:a5:e8:67:f5:1a:
         a5:de:8d:ee:fe:63:3e:bc:6a:2d:67:09:57:0a:80:9a:7d:70:
         58:40:42:28:40:8e:74:fc:cc:64:27:9d:29:54:bb:95:79:fe:
         aa:e3:85:cb:d9:6c:41:00:05:27:6b:e3:35:02:54:46:d8:fb:
         57:83:4f:f2
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUaVFzV6IEOIKSK5DbzG+ph4tH6LcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwMjEzMTUwMDQ1WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MzU4Y2Q0NmZiYTBhYWFjZjJiM2JlNTg2YTQ1NWZmYTM2
OTI4ZWMyZWRiNTBjZjc2YjZlMzhlMDc5Y2MxMjU1MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJ37yhZ0Ql3xB+tM1jHkOuTQ5NWMWD7iZtcpJJE46KcdZk
Os3vM+wvKmO4skTWktNzR5gaGfoc6CEUL9/f0TudFnt8Bwdw9T02T2eZSysy74VQ
zudvhbF5yhcUC1JVRV/94YFagQKN4Xxo/iarRwcxOCsJdvsGHMeTat0VxfTtueHt
02Da/+gNUifQcC1tsE9ZPBfpkMF9VOl8/3NElItYStJE8dAvExsrC0ZR/NzA5mpE
JDex+CFJIDuqNkIlABR7M+EyyS0X8uaj2Ygpx24ywmZTwgUDJ7WClPnmzdvM5ar4
4MJpi2AjJlZMpFC2RA3oFXJc1NHPyjSTnNr2bRW1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUfx8lbEmE7yassiZRCfY3+SZiyucwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2Y4NzM4YTUxLTQ2ODktNDZiOC1hNDcyLWQ0ZDBhZmFjYTJkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwAAQwDQYJKoZIhvcNAQELBQADggEBAKH4N43f6g2sAMTbiuNcAuw6
oArxkLqXtdaS+9771oy4u9ShShdrQansuKj4LCAzrESmJQYFxrMFjTYJsaNMqNFt
ltc7R12PM36CMFZqRuz13fViJWMcKquWm/9cM6yCD4xTAekw8AcyVCw5glgRj3vO
VgsgQV3AvtmU36QbzmwAcJM/nbTIK3Tcwj5kALu0yvDkDtn1Jx2K2QTsRVAJ1hyz
3Jf7cr7olukMAexUSKYv52RATjw2pI3e09ZR0OGiQoKl6Gf1GqXeje7+Yz68ai1n
CVcKgJp9cFhAQihAjnT8zGQnnSlUu5V5/qrjhcvZbEEABSdr4zUCVEbY+1eDT/I=
-----END CERTIFICATE-----