Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/088d5754-cda4-4d89-86f5-f70a4d75e7fc.roa
File:                     088d5754-cda4-4d89-86f5-f70a4d75e7fc.roa (raw, json)
Hash identifier:          zTofqqjWlBKhjShgCjFfsvlNfVZHh6c/3jLKbzqvmlM=
Subject key identifier:   A4:25:B1:0A:B4:7B:88:58:72:D0:8E:CA:25:8F:02:BB:A4:0E:C3:75
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       074425EC74971AF1C8175CCE01D33878ACF363A0
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/088d5754-cda4-4d89-86f5-f70a4d75e7fc.roa
Signing time:             Tue 17 Feb 2026 02:40:50 +0000
ROA not before:           Tue 17 Feb 2026 02:40:50 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:64c::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:44:25:ec:74:97:1a:f1:c8:17:5c:ce:01:d3:38:78:ac:f3:63:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Feb 17 02:40:50 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=84c66d5fe86f90b786ff351bac1453f5dc61f39b8893bba10b7038c3bfcf0265, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ba:89:a5:e9:0d:4b:bd:59:3f:b3:34:6e:39:
                    ae:af:e6:1a:83:3f:9f:d0:fb:ab:c0:6d:44:98:47:
                    85:04:9d:6f:20:64:d9:9f:5a:c1:c5:e6:03:c2:d8:
                    65:9e:a7:10:6b:93:0b:33:55:6d:4a:1c:db:2e:a1:
                    ca:26:64:ed:39:5c:75:89:a8:4e:0e:6b:93:5f:8b:
                    29:5d:bf:e5:81:05:99:d1:18:ca:93:1a:0b:46:43:
                    06:ed:93:dc:af:41:0a:b6:5e:2a:ef:80:54:6f:38:
                    0a:f6:44:22:4b:66:23:11:99:f5:bd:83:8b:e2:9b:
                    1c:fc:d3:7b:06:ef:aa:77:9b:a3:f6:b7:70:ac:7c:
                    e9:fb:fb:8b:71:e6:93:95:c2:4b:fa:9c:b0:17:e5:
                    0a:db:53:8c:be:ba:27:b3:8d:73:dd:b5:03:fb:b8:
                    e2:17:d4:69:8d:f8:f7:d4:18:95:9e:ce:5b:de:42:
                    74:24:9d:9b:01:9e:ed:f9:a2:cd:3e:23:4b:a9:88:
                    3e:11:99:52:c9:69:8a:82:33:93:60:10:8a:3b:94:
                    25:33:45:52:b6:5e:87:3e:f0:87:f2:a8:98:dc:7c:
                    53:4d:a8:62:04:4a:3f:62:d8:23:ba:88:86:3b:40:
                    0a:d1:fd:f7:c8:52:76:1e:fb:45:e7:82:b9:b6:52:
                    fc:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:25:B1:0A:B4:7B:88:58:72:D0:8E:CA:25:8F:02:BB:A4:0E:C3:75
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/088d5754-cda4-4d89-86f5-f70a4d75e7fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:64c::/48

    Signature Algorithm: sha256WithRSAEncryption
         45:b1:94:74:17:7c:fd:08:5d:be:52:28:13:01:da:76:e0:10:
         59:03:56:d8:5f:9d:2a:5b:9c:6f:02:e3:54:36:26:4a:82:36:
         92:ae:82:9f:5c:a7:cd:71:eb:e6:c8:55:dc:1d:6e:d6:ab:b4:
         cc:86:ee:58:e5:a7:52:71:83:7d:05:7e:94:c5:2f:26:e1:f6:
         b7:62:69:df:33:e8:51:28:45:94:e8:17:21:ae:0b:2d:a9:eb:
         64:29:8d:c4:cd:83:0e:00:cd:1f:fa:45:50:0a:50:dc:dd:78:
         e9:a6:b4:f2:58:f2:29:dd:c3:7f:09:2a:e5:9e:db:19:73:85:
         ca:0a:33:f7:8d:51:a6:62:86:42:20:27:da:56:5c:ca:2b:9b:
         b0:39:c1:c1:85:44:83:6d:aa:15:c8:ac:88:3e:4c:af:a1:11:
         4f:31:40:37:d0:96:c6:42:69:39:b7:28:12:3c:85:0b:2b:30:
         30:a4:9f:27:a8:1e:53:cd:2a:c2:f7:9b:f9:73:80:57:3a:e4:
         ac:14:83:4d:fb:2c:6a:25:af:54:7e:7e:4b:6a:af:3a:eb:6b:
         26:20:64:95:5d:dd:54:c7:2c:64:79:e4:c1:41:cf:9a:f0:46:
         69:6b:fd:f3:e2:5b:0b:8f:0f:a4:14:ff:e1:83:0c:8e:6f:5a:
         fa:eb:81:16
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUB0Ql7HSXGvHIF1zOAdM4eKzzY6AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjYwMjE3MDI0MDUwWhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NGM2NmQ1ZmU4NmY5MGI3ODZmZjM1MWJhYzE0NTNmNWRj
NjFmMzliODg5M2JiYTEwYjcwMzhjM2JmY2YwMjY1MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7uoml6Q1LvVk/szRuOa6v5hqDP5/Q+6vAbUSYR4UEnW8g
ZNmfWsHF5gPC2GWepxBrkwszVW1KHNsuocomZO05XHWJqE4Oa5Nfiyldv+WBBZnR
GMqTGgtGQwbtk9yvQQq2XirvgFRvOAr2RCJLZiMRmfW9g4vimxz803sG76p3m6P2
t3CsfOn7+4tx5pOVwkv6nLAX5QrbU4y+uiezjXPdtQP7uOIX1GmN+PfUGJWezlve
QnQknZsBnu35os0+I0upiD4RmVLJaYqCM5NgEIo7lCUzRVK2Xoc+8IfyqJjcfFNN
qGIESj9i2CO6iIY7QArR/ffIUnYe+0Xngrm2UvyFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUpCWxCrR7iFhy0I7KJY8Cu6QOw3UwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzA4OGQ1NzU0LWNkYTQtNGQ4OS04NmY1LWY3MGE0ZDc1ZTdmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABkwwDQYJKoZIhvcNAQELBQADggEBAEWxlHQXfP0IXb5SKBMB2nbg
EFkDVthfnSpbnG8C41Q2JkqCNpKugp9cp81x6+bIVdwdbtartMyG7ljlp1Jxg30F
fpTFLybh9rdiad8z6FEoRZToFyGuCy2p62QpjcTNgw4AzR/6RVAKUNzdeOmmtPJY
8indw38JKuWe2xlzhcoKM/eNUaZihkIgJ9pWXMorm7A5wcGFRINtqhXIrIg+TK+h
EU8xQDfQlsZCaTm3KBI8hQsrMDCknyeoHlPNKsL3m/lzgFc65KwUg037LGolr1R+
fktqrzrrayYgZJVd3VTHLGR55MFBz5rwRmlr/fPiWwuPD6QU/+GDDI5vWvrrgRY=
-----END CERTIFICATE-----