Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/69755fd2-2bf9-468e-a4b8-8294aacd571a.roa
File:                     69755fd2-2bf9-468e-a4b8-8294aacd571a.roa (raw, json)
Hash identifier:          /uSP9fnEp42mLJDU3067kiZOikHihYuZfjOWCszFuqo=
Subject key identifier:   2A:A1:20:3D:3D:96:C5:77:16:05:15:8F:EF:1A:94:66:5F:E6:D2:F9
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       59490CE7ADD80E548338FEC70A86647685EC083B
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/69755fd2-2bf9-468e-a4b8-8294aacd571a.roa
Signing time:             Tue 17 Feb 2026 02:40:51 +0000
ROA not before:           Tue 17 Feb 2026 02:40:51 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:c08::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:49:0c:e7:ad:d8:0e:54:83:38:fe:c7:0a:86:64:76:85:ec:08:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Feb 17 02:40:51 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=1cd9056d8e4ddd8ab7e07e87419e7aa3d333ac4354453a4c2cfc5a11a4937e57, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b2:1c:4d:cb:b2:3b:85:c8:cf:60:55:f5:1d:
                    3e:df:cb:c9:54:86:25:35:76:c0:4c:c2:4f:f2:74:
                    e3:2e:b9:4d:09:c6:e1:c2:77:a3:9d:9a:8f:e0:f7:
                    14:51:b3:d3:bb:8a:93:05:60:c6:fc:e2:6b:e0:e1:
                    28:92:f4:fb:f2:f8:18:04:3e:52:e6:3f:ac:a6:e2:
                    47:d1:af:f2:fd:29:a1:a4:21:aa:5e:e4:b6:12:89:
                    88:50:40:a7:89:90:5b:ff:ac:e0:d1:47:59:33:de:
                    11:25:04:ee:87:71:b2:f0:2d:77:bd:a0:60:44:42:
                    a1:f4:7e:54:88:dc:c9:83:a6:c2:49:0e:80:36:ef:
                    2d:95:aa:ff:f5:5c:1d:f2:1f:49:3e:d0:e3:b8:c7:
                    ed:19:c8:20:fe:50:b9:88:a9:7e:1b:3b:ec:71:aa:
                    a4:4c:c0:ab:aa:38:20:dc:98:08:34:e1:a5:e3:19:
                    f5:5d:b7:ca:f9:05:2d:ab:f9:94:83:6b:df:f6:37:
                    91:a1:bc:38:f4:64:d5:8e:97:0a:b9:2b:1b:4d:32:
                    0c:53:fe:46:5c:3b:87:c9:01:36:63:04:0b:e9:0b:
                    9e:e4:69:54:0a:50:f5:0c:b7:4e:c0:78:c8:30:1d:
                    88:db:72:50:82:b0:3d:37:59:1f:b7:d2:7b:3c:50:
                    02:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:A1:20:3D:3D:96:C5:77:16:05:15:8F:EF:1A:94:66:5F:E6:D2:F9
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/69755fd2-2bf9-468e-a4b8-8294aacd571a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c08::/48

    Signature Algorithm: sha256WithRSAEncryption
         27:a5:af:ce:1f:b9:8d:0e:0c:3b:80:41:c1:0b:4f:1d:6a:0b:
         1d:25:c1:c2:9d:9e:ad:f6:a7:91:2d:00:20:27:95:ca:2e:3c:
         6f:77:32:7b:e8:01:c0:eb:f2:e3:e3:fe:d3:8e:3a:39:9e:2d:
         5f:64:09:75:4f:59:6b:f3:f5:ca:a4:16:b7:bc:0f:30:1a:44:
         d9:e3:83:0d:26:08:91:49:f9:e8:ef:75:34:ea:15:76:99:f5:
         f4:df:88:c9:a1:ff:bf:01:84:ad:92:b0:a6:f4:a9:37:a7:c7:
         1a:94:aa:6e:67:0b:29:f5:0c:86:4a:68:f7:91:bf:1d:4d:80:
         2b:1c:10:6b:5d:6d:b2:93:aa:17:be:e5:87:c5:03:e5:58:95:
         da:da:de:18:7b:42:95:76:d0:d4:e4:5a:4b:7d:be:94:f1:3b:
         88:c3:65:98:6e:8d:34:33:60:d8:07:41:6c:e8:bf:78:9c:40:
         89:31:00:51:9c:b9:4f:04:69:f4:fa:2a:48:33:c0:a9:6d:8d:
         61:25:48:c0:5e:97:eb:f1:a0:f8:48:e6:f9:56:23:80:d9:c7:
         cb:80:9c:f3:38:b6:b1:49:ab:ef:a9:1f:f4:5c:7e:49:b4:40:
         36:08:ca:c8:40:ee:0f:f5:73:30:44:f3:6e:36:b3:e5:3e:3d:
         80:d1:9b:68
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUWUkM563YDlSDOP7HCoZkdoXsCDswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjYwMjE3MDI0MDUxWhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxY2Q5MDU2ZDhlNGRkZDhhYjdlMDdlODc0MTllN2FhM2Qz
MzNhYzQzNTQ0NTNhNGMyY2ZjNWExMWE0OTM3ZTU3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1shxNy7I7hcjPYFX1HT7fy8lUhiU1dsBMwk/ydOMuuU0J
xuHCd6Odmo/g9xRRs9O7ipMFYMb84mvg4SiS9Pvy+BgEPlLmP6ym4kfRr/L9KaGk
Iape5LYSiYhQQKeJkFv/rODRR1kz3hElBO6HcbLwLXe9oGBEQqH0flSI3MmDpsJJ
DoA27y2Vqv/1XB3yH0k+0OO4x+0ZyCD+ULmIqX4bO+xxqqRMwKuqOCDcmAg04aXj
GfVdt8r5BS2r+ZSDa9/2N5GhvDj0ZNWOlwq5KxtNMgxT/kZcO4fJATZjBAvpC57k
aVQKUPUMt07AeMgwHYjbclCCsD03WR+30ns8UAJhAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUKqEgPT2WxXcWBRWP7xqUZl/m0vkwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzY5NzU1ZmQyLTJiZjktNDY4ZS1hNGI4LTgyOTRhYWNkNTcxYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAgwDQYJKoZIhvcNAQELBQADggEBACelr84fuY0ODDuAQcELTx1q
Cx0lwcKdnq32p5EtACAnlcouPG93MnvoAcDr8uPj/tOOOjmeLV9kCXVPWWvz9cqk
Fre8DzAaRNnjgw0mCJFJ+ejvdTTqFXaZ9fTfiMmh/78BhK2SsKb0qTenxxqUqm5n
Cyn1DIZKaPeRvx1NgCscEGtdbbKTqhe+5YfFA+VYldra3hh7QpV20NTkWkt9vpTx
O4jDZZhujTQzYNgHQWzov3icQIkxAFGcuU8EafT6KkgzwKltjWElSMBel+vxoPhI
5vlWI4DZx8uAnPM4trFJq++pH/Rcfkm0QDYIyshA7g/1czBE8242s+U+PYDRm2g=
-----END CERTIFICATE-----