Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1c53f083-e781-42f5-819e-5a86e7bdf537.roa
File:                     1c53f083-e781-42f5-819e-5a86e7bdf537.roa (raw, json)
Hash identifier:          xHrEW+6E0GRq3XPxlaK+/PYDA9PFJA+8AMvrfevxPNw=
Subject key identifier:   A4:C0:37:D5:A4:51:35:99:45:5C:AC:C8:1C:CA:B2:AE:74:8F:19:A1
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       2B3CA62BCB85C60F43E66C85CBD0C2DB01D84FC1
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1c53f083-e781-42f5-819e-5a86e7bdf537.roa
Signing time:             Thu 12 Feb 2026 03:21:41 +0000
ROA not before:           Thu 12 Feb 2026 03:21:41 +0000
ROA not after:            Wed 13 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:32b4::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:3c:a6:2b:cb:85:c6:0f:43:e6:6c:85:cb:d0:c2:db:01:d8:4f:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 12 03:21:41 2026 GMT
            Not After : May 13 23:59:59 2026 GMT
        Subject: serialNumber=d4d75278da367b8f208ce50f69beb8fe4f92788ee49d33473e1bfdafb643b6bf, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:77:ac:30:57:70:f7:d1:18:29:ff:ba:71:1b:
                    d2:43:c5:73:28:35:e5:b4:fc:5c:c5:7e:fd:0f:ec:
                    4d:24:98:90:0f:2a:8f:ca:ef:b2:56:04:4b:84:ae:
                    b9:a2:45:cc:ef:05:1b:16:c5:0d:31:f1:94:58:41:
                    ed:27:a2:11:f4:69:e2:13:08:61:80:1c:d6:26:da:
                    ca:1b:80:9e:1d:7a:7c:37:b9:36:fa:27:5f:3e:5b:
                    aa:49:8a:bc:71:85:73:50:3e:d1:f4:c6:b4:2f:4e:
                    3e:10:fe:b2:e0:46:5a:cc:cf:6b:27:82:c2:38:12:
                    26:6f:ba:11:f8:53:ad:37:12:db:27:f2:45:89:50:
                    cc:07:89:04:47:96:2d:88:6c:18:ac:e3:07:d4:a4:
                    3c:3d:e7:45:d7:d2:31:92:60:c2:81:db:af:92:82:
                    8b:d1:06:9e:a4:23:d3:2a:ca:b1:11:9a:c6:f6:c6:
                    7f:23:5d:77:2f:04:65:97:9e:bd:5d:15:95:8f:7b:
                    45:b9:a1:13:ae:81:d6:20:cb:bd:ee:f0:d2:09:e4:
                    df:48:d6:4d:2b:1f:db:1b:c4:56:aa:de:39:44:93:
                    29:e6:d8:1a:3e:2d:19:4d:8b:2d:29:69:f1:20:f9:
                    8b:af:d2:55:1d:9b:40:5d:4e:22:26:5b:ab:81:e5:
                    9c:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:C0:37:D5:A4:51:35:99:45:5C:AC:C8:1C:CA:B2:AE:74:8F:19:A1
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1c53f083-e781-42f5-819e-5a86e7bdf537.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:32b4::/47

    Signature Algorithm: sha256WithRSAEncryption
         88:d3:7a:bf:ab:7c:84:6e:30:07:a3:0d:15:c0:22:19:fd:d0:
         8b:0d:a8:7d:11:3f:70:16:ee:82:82:83:cd:b3:41:49:c3:cc:
         8e:3e:c8:2b:c2:5b:df:34:27:27:dc:b4:44:27:d2:7e:2e:34:
         dc:69:fe:09:32:24:d9:f0:eb:c3:4a:e8:38:56:17:3c:74:06:
         34:da:d0:7c:02:17:8c:5f:c7:fa:0e:12:d4:de:df:65:a1:51:
         4a:5b:c6:26:ee:0a:bf:1b:8f:a2:2c:b8:df:2a:11:a5:0e:77:
         45:91:d4:75:30:ed:16:43:6c:a3:77:d3:00:15:91:09:bd:d9:
         09:49:59:06:fe:d1:b4:d9:f6:01:83:52:43:22:d5:22:12:4a:
         ea:c3:6f:00:69:74:88:ff:bb:ec:40:8f:25:65:c9:3c:00:22:
         10:7d:69:ae:ba:95:11:e9:74:6f:fb:b9:c5:a3:00:04:66:93:
         b2:43:9d:16:56:48:65:15:e1:10:98:cd:77:70:3f:06:80:f5:
         c9:00:ba:00:d1:e7:7e:eb:16:4e:0c:55:75:b5:7a:46:2a:6b:
         dd:bf:d8:a2:8e:e6:7b:51:bc:0b:69:4b:83:bc:1a:9e:1b:28:
         c1:9d:53:35:ec:bc:6b:88:bd:ce:09:e3:2a:c2:55:ae:63:d5:
         4a:6f:c4:aa
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUKzymK8uFxg9D5myFy9DC2wHYT8EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEyMDMyMTQxWhcNMjYwNTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNGQ3NTI3OGRhMzY3YjhmMjA4Y2U1MGY2OWJlYjhmZTRm
OTI3ODhlZTQ5ZDMzNDczZTFiZmRhZmI2NDNiNmJmMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsd6wwV3D30Rgp/7pxG9JDxXMoNeW0/FzFfv0P7E0kmJAP
Ko/K77JWBEuErrmiRczvBRsWxQ0x8ZRYQe0nohH0aeITCGGAHNYm2sobgJ4denw3
uTb6J18+W6pJirxxhXNQPtH0xrQvTj4Q/rLgRlrMz2sngsI4EiZvuhH4U603Etsn
8kWJUMwHiQRHli2IbBis4wfUpDw950XX0jGSYMKB26+SgovRBp6kI9MqyrERmsb2
xn8jXXcvBGWXnr1dFZWPe0W5oROugdYgy73u8NIJ5N9I1k0rH9sbxFaq3jlEkynm
2Bo+LRlNiy0pafEg+Yuv0lUdm0BdTiImW6uB5ZyTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUpMA31aRRNZlFXKzIHMqyrnSPGaEwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzFjNTNmMDgzLWU3ODEtNDJmNS04MTllLTVhODZlN2JkZjUzNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAMrQwDQYJKoZIhvcNAQELBQADggEBAIjTer+rfIRuMAejDRXAIhn9
0IsNqH0RP3AW7oKCg82zQUnDzI4+yCvCW980JyfctEQn0n4uNNxp/gkyJNnw68NK
6DhWFzx0BjTa0HwCF4xfx/oOEtTe32WhUUpbxibuCr8bj6IsuN8qEaUOd0WR1HUw
7RZDbKN30wAVkQm92QlJWQb+0bTZ9gGDUkMi1SISSurDbwBpdIj/u+xAjyVlyTwA
IhB9aa66lRHpdG/7ucWjAARmk7JDnRZWSGUV4RCYzXdwPwaA9ckAugDR537rFk4M
VXW1ekYqa92/2KKO5ntRvAtpS4O8Gp4bKMGdUzXsvGuIvc4J4yrCVa5j1UpvxKo=
-----END CERTIFICATE-----