Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/66edf542-bd09-43ab-8640-a67a7cbe5a17.roa
File:                     66edf542-bd09-43ab-8640-a67a7cbe5a17.roa (raw, json)
Hash identifier:          DJaMsaBhmRctpIL5/HE3/ES2uOCC78Qj9N+KX6fzPe4=
Subject key identifier:   90:38:67:6E:39:48:94:13:5B:FD:FF:27:10:5E:F2:5C:72:67:9A:33
Certificate issuer:       /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
Certificate serial:       5F69BBEF1D6B6361B7138330394F77D2A628C8EF
Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/66edf542-bd09-43ab-8640-a67a7cbe5a17.roa
Signing time:             Tue 17 Feb 2026 00:10:07 +0000
ROA not before:           Tue 17 Feb 2026 00:10:07 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:b140::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:69:bb:ef:1d:6b:63:61:b7:13:83:30:39:4f:77:d2:a6:28:c8:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
        Validity
            Not Before: Feb 17 00:10:07 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=5b732e1a9efc6df348fa497a4d5b4456c8ce35f7177a47f2c99ad5a3d971e022, CN=b0dbbb6a-5472-4b68-ae4d-401518603039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e5:96:ad:17:49:da:f1:cc:b3:7c:40:e8:0e:
                    46:6e:68:06:d8:ba:7c:c8:0f:92:17:a1:13:bf:18:
                    e2:1a:40:10:5c:1d:2d:aa:46:cf:66:8c:d5:4a:b2:
                    d9:74:34:30:2e:00:e0:75:8e:0d:6c:f0:b9:14:4e:
                    52:a3:76:f7:18:46:24:5d:0f:1c:5e:f6:a2:84:59:
                    5d:0a:f0:07:4e:3b:fe:b0:8d:f1:d4:c3:92:91:d0:
                    b6:8f:e1:38:53:8e:73:25:07:82:fe:65:ff:fc:3f:
                    fa:c3:cf:d4:01:1f:85:dd:8c:a1:cd:80:c2:59:36:
                    e4:2a:07:6d:6b:19:98:cf:a2:7f:a3:9d:59:bc:80:
                    36:e7:0f:61:32:1c:50:bc:d3:e6:16:e5:25:e9:f8:
                    a5:31:b5:94:82:e2:8a:68:dc:78:2c:81:3f:45:02:
                    91:91:e2:ff:6b:36:1b:d6:fa:61:d9:93:f1:3b:8c:
                    ef:99:02:97:15:e8:84:96:97:98:37:ca:ad:bb:44:
                    b8:e4:ff:c5:e6:2f:0a:f7:9e:f2:a8:26:d7:a8:ea:
                    3c:af:7b:40:e3:3b:68:98:a8:b3:91:1d:62:c0:2b:
                    77:6d:dd:15:2d:f5:30:64:5c:82:0b:f0:bd:da:b9:
                    e4:d9:f6:98:e1:8b:5e:96:f4:dd:a5:86:79:29:12:
                    f0:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:38:67:6E:39:48:94:13:5B:FD:FF:27:10:5E:F2:5C:72:67:9A:33
            X509v3 Authority Key Identifier:
                keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/66edf542-bd09-43ab-8640-a67a7cbe5a17.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:b140::/32

    Signature Algorithm: sha256WithRSAEncryption
         6d:bb:7c:bf:07:51:cf:4a:7a:a3:8d:74:3b:aa:60:ab:05:7d:
         7b:09:6b:a8:c0:8a:da:8a:0c:c7:c2:0d:a1:7f:7e:04:27:8b:
         5a:7e:d9:a9:e9:51:a4:d5:aa:1f:df:bc:7c:28:9c:b0:1f:a4:
         5b:d8:24:de:85:3d:1e:88:7e:a8:cf:02:80:6b:e5:48:97:36:
         cb:80:12:79:1c:d9:e6:bd:40:99:f1:3d:71:32:4c:b1:00:bf:
         d7:e8:f7:26:1c:82:1d:43:46:c2:75:62:0c:de:27:f2:a3:b5:
         07:03:90:0a:4c:3b:c0:14:65:5a:bb:1f:f6:a4:26:36:ac:d8:
         e2:6e:b2:35:16:d1:38:d6:a8:a8:ce:92:46:f6:7d:e1:d2:f1:
         3d:fa:13:b0:6a:a6:a5:35:b8:b0:ed:ff:b7:50:37:03:09:32:
         dc:1c:05:55:cf:b0:a7:d7:c4:b8:42:40:06:e1:a5:06:ed:7f:
         99:86:4d:68:72:0a:1c:5e:6b:3d:2b:b4:04:38:10:ba:6d:6c:
         f5:ff:ca:04:64:6d:bb:31:3a:ad:1d:23:4e:70:4b:d0:84:89:
         8a:15:29:58:13:6c:a8:dc:4b:45:88:fe:8b:a0:8b:e1:71:40:
         0d:a2:0b:62:69:e2:75:87:ec:de:2e:c2:90:cc:7a:a8:c2:15:
         c5:62:12:21
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUX2m77x1rY2G3E4MwOU930qYoyO8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi
NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjYwMjE3MDAxMDA3WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YjczMmUxYTllZmM2ZGYzNDhmYTQ5N2E0ZDViNDQ1NmM4
Y2UzNWY3MTc3YTQ3ZjJjOTlhZDVhM2Q5NzFlMDIyMS0wKwYDVQQDEyRiMGRiYmI2
YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDA5ZatF0na8cyzfEDoDkZuaAbYunzID5IXoRO/GOIaQBBc
HS2qRs9mjNVKstl0NDAuAOB1jg1s8LkUTlKjdvcYRiRdDxxe9qKEWV0K8AdOO/6w
jfHUw5KR0LaP4ThTjnMlB4L+Zf/8P/rDz9QBH4XdjKHNgMJZNuQqB21rGZjPon+j
nVm8gDbnD2EyHFC80+YW5SXp+KUxtZSC4opo3HgsgT9FApGR4v9rNhvW+mHZk/E7
jO+ZApcV6ISWl5g3yq27RLjk/8XmLwr3nvKoJteo6jyve0DjO2iYqLORHWLAK3dt
3RUt9TBkXIIL8L3aueTZ9pjhi16W9N2lhnkpEvAdAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUkDhnbjlIlBNb/f8nEF7yXHJnmjMwHwYDVR0jBBgwFoAUfYRHxJeKC0xz
m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z
NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi
ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1
MmM1MzUzODk4LzY2ZWRmNTQyLWJkMDktNDNhYi04NjQwLWE2N2E3Y2JlNWExNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3
LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBbFAMA0GCSqGSIb3DQEBCwUAA4IBAQBtu3y/B1HPSnqjjXQ7qmCrBX17
CWuowIraigzHwg2hf34EJ4taftmp6VGk1aof37x8KJywH6Rb2CTehT0eiH6ozwKA
a+VIlzbLgBJ5HNnmvUCZ8T1xMkyxAL/X6PcmHIIdQ0bCdWIM3ifyo7UHA5AKTDvA
FGVaux/2pCY2rNjibrI1FtE41qiozpJG9n3h0vE9+hOwaqalNbiw7f+3UDcDCTLc
HAVVz7Cn18S4QkAG4aUG7X+Zhk1ocgocXms9K7QEOBC6bWz1/8oEZG27MTqtHSNO
cEvQhImKFSlYE2yo3EtFiP6LoIvhcUANogtiaeJ1h+zeLsKQzHqowhXFYhIh
-----END CERTIFICATE-----