Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a3dc9780-ee42-4415-930a-4d78bbb4e531.roa
File:                     a3dc9780-ee42-4415-930a-4d78bbb4e531.roa (raw, json)
Hash identifier:          HNEZ5a/t/cu6X5NZGQ6ZLg3jeZ8dP5vbpqrCDfzsT2w=
Subject key identifier:   1B:C6:8D:DE:39:9B:E5:74:DE:40:A4:1C:23:30:DD:83:80:EA:00:D0
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       1131E3E6CACF941357557F3DA02913DB53D0E965
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a3dc9780-ee42-4415-930a-4d78bbb4e531.roa
Signing time:             Fri 13 Feb 2026 14:40:08 +0000
ROA not before:           Fri 13 Feb 2026 14:40:08 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:c02::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:31:e3:e6:ca:cf:94:13:57:55:7f:3d:a0:29:13:db:53:d0:e9:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Feb 13 14:40:08 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=d899255778f4102225bf9d1fed348ed31ac074c3792ee0e53e069c55f098aa59, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:23:4b:d3:6a:f6:d6:bb:00:8e:a2:d1:99:59:
                    f3:6b:12:35:78:4c:4f:cd:c0:6c:62:c0:48:b0:69:
                    99:2e:b6:f8:d1:99:e7:0a:31:8f:46:2a:63:9e:c5:
                    f9:66:0e:e0:e5:60:a0:9e:90:7f:85:70:99:74:d2:
                    c7:d8:73:20:bb:48:c7:68:79:37:1f:b1:f9:5e:ed:
                    54:34:64:05:75:50:55:2b:81:8b:41:55:22:e9:67:
                    c3:f4:2b:4f:f2:63:c5:4f:c5:fe:fd:91:20:a5:64:
                    ad:71:a5:3d:f5:63:7e:99:76:a6:4b:96:20:95:d4:
                    3e:de:d4:b4:72:73:42:e3:ec:5d:04:da:cd:9b:ad:
                    be:32:56:cb:5f:21:3b:95:51:12:e5:85:e8:8d:fc:
                    d8:eb:f1:98:0a:63:4c:e6:67:eb:38:1a:65:37:eb:
                    6f:52:19:cf:4b:50:88:99:dc:1f:74:cc:6c:ae:6d:
                    ac:d0:bc:fc:02:37:96:a7:ce:37:5b:57:d7:37:a2:
                    7d:b6:39:ac:48:36:09:20:48:da:43:57:3c:ef:06:
                    7c:31:6d:0a:5c:4d:2c:ef:7f:aa:c1:94:86:a3:9a:
                    d8:33:99:8e:f0:ea:95:4e:5a:de:4f:45:22:d7:b2:
                    cf:21:a6:7b:b2:0b:dc:25:34:e8:7e:53:eb:95:95:
                    93:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:C6:8D:DE:39:9B:E5:74:DE:40:A4:1C:23:30:DD:83:80:EA:00:D0
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a3dc9780-ee42-4415-930a-4d78bbb4e531.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c02::/48

    Signature Algorithm: sha256WithRSAEncryption
         04:27:e4:dd:5b:a1:46:33:3d:0b:be:4a:fb:54:8d:03:d1:bf:
         1b:2c:bf:d2:b9:3b:e0:8c:12:c3:f5:bd:9b:2d:13:a2:1b:96:
         cd:03:9c:91:84:2d:4c:58:7f:a8:78:7e:95:06:0e:da:00:97:
         47:4b:53:0a:1c:0a:2e:32:60:60:bd:7b:0f:2f:43:e7:a5:42:
         09:3a:82:c7:1b:f2:c3:58:cc:8e:22:9d:95:f2:e8:49:2b:07:
         61:ff:ee:03:19:ff:c9:ea:10:f8:b4:f6:3e:08:80:0f:94:20:
         d9:54:13:e9:f8:f6:d3:1c:73:10:b0:a7:af:99:72:4f:61:ae:
         0d:cd:69:71:51:74:1f:34:f7:19:4a:2b:88:09:c2:97:c4:a8:
         66:c1:7f:ae:04:63:9d:13:b1:fa:a5:79:37:4f:e3:0e:d9:ca:
         54:7c:96:49:4f:f1:65:6f:a8:0b:11:20:d7:af:4c:4d:20:88:
         4f:25:ed:50:ad:0b:80:cb:8d:b6:5e:40:f2:2f:93:2b:6f:12:
         6d:f1:7e:49:9b:f9:c7:95:9b:db:1b:48:18:6a:47:a6:84:b0:
         17:2b:38:b5:69:14:ef:dc:c3:40:4e:60:d0:f8:2c:86:ec:68:
         28:fd:de:fa:a5:bb:c1:94:5b:7a:7f:e7:57:ac:55:3a:0e:6a:
         10:1a:c2:92
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUETHj5srPlBNXVX89oCkT21PQ6WUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjYwMjEzMTQ0MDA4WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkODk5MjU1Nzc4ZjQxMDIyMjViZjlkMWZlZDM0OGVkMzFh
YzA3NGMzNzkyZWUwZTUzZTA2OWM1NWYwOThhYTU5MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEI0vTavbWuwCOotGZWfNrEjV4TE/NwGxiwEiwaZkutvjR
mecKMY9GKmOexflmDuDlYKCekH+FcJl00sfYcyC7SMdoeTcfsfle7VQ0ZAV1UFUr
gYtBVSLpZ8P0K0/yY8VPxf79kSClZK1xpT31Y36ZdqZLliCV1D7e1LRyc0Lj7F0E
2s2brb4yVstfITuVURLlheiN/Njr8ZgKY0zmZ+s4GmU3629SGc9LUIiZ3B90zGyu
bazQvPwCN5anzjdbV9c3on22OaxINgkgSNpDVzzvBnwxbQpcTSzvf6rBlIajmtgz
mY7w6pVOWt5PRSLXss8hpnuyC9wlNOh+U+uVlZMjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUG8aN3jmb5XTeQKQcIzDdg4DqANAwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2EzZGM5NzgwLWVlNDItNDQxNS05MzBhLTRkNzhiYmI0ZTUzMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAIwDQYJKoZIhvcNAQELBQADggEBAAQn5N1boUYzPQu+SvtUjQPR
vxssv9K5O+CMEsP1vZstE6Ibls0DnJGELUxYf6h4fpUGDtoAl0dLUwocCi4yYGC9
ew8vQ+elQgk6gscb8sNYzI4inZXy6EkrB2H/7gMZ/8nqEPi09j4IgA+UINlUE+n4
9tMccxCwp6+Zck9hrg3NaXFRdB809xlKK4gJwpfEqGbBf64EY50TsfqleTdP4w7Z
ylR8lklP8WVvqAsRINevTE0giE8l7VCtC4DLjbZeQPIvkytvEm3xfkmb+ceVm9sb
SBhqR6aEsBcrOLVpFO/cw0BOYND4LIbsaCj93vqlu8GUW3p/51esVToOahAawpI=
-----END CERTIFICATE-----