Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1cd45df2-5b12-4252-84ab-afd54fb0596a.roa
File:                     1cd45df2-5b12-4252-84ab-afd54fb0596a.roa (raw, json)
Hash identifier:          wmu3N1MnYqZsKCHDw8RoJg5/zP5Khlt752TNLLJHXC0=
Subject key identifier:   56:78:B0:4A:4F:38:6E:2F:50:AC:FC:AF:1B:83:A1:3D:22:7E:09:26
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       2F6AA370C9ADE908364DABD0E9C435933234F37B
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1cd45df2-5b12-4252-84ab-afd54fb0596a.roa
Signing time:             Fri 13 Feb 2026 13:21:26 +0000
ROA not before:           Fri 13 Feb 2026 13:21:26 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:2c8c::/46 maxlen: 46
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:6a:a3:70:c9:ad:e9:08:36:4d:ab:d0:e9:c4:35:93:32:34:f3:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 13:21:26 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=3f32fb661460407f61480914c85fa591cc63d0aab526742fe81ea46fb337830e, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d8:b2:74:f0:97:e7:1e:38:e6:56:fc:a8:01:
                    90:4e:13:96:43:8c:0f:01:a7:93:f1:8a:80:20:09:
                    a1:e5:b3:c2:02:65:26:2f:ec:e3:21:8b:2d:ca:fe:
                    89:0f:b9:62:c3:c5:08:7c:37:35:79:22:80:1c:6e:
                    5c:12:52:1f:2d:cd:79:9f:a9:f7:36:34:bb:17:a3:
                    42:3b:70:16:5f:ec:1f:6e:81:27:a8:ad:82:b2:eb:
                    9a:21:62:d8:13:94:25:e7:2e:8f:d3:e6:a8:a5:fe:
                    71:43:68:e3:c9:60:19:b8:44:7d:8b:8f:5e:e2:40:
                    5b:3a:98:cf:ea:e8:84:0d:90:53:e6:57:9c:d3:31:
                    14:11:47:2b:98:bc:fc:92:28:96:26:86:04:d0:63:
                    e8:ed:8f:28:73:64:c6:2b:82:2a:2e:c2:40:af:e9:
                    45:09:8e:14:52:4a:de:0f:da:14:d9:af:00:a9:2d:
                    12:db:3f:e5:7c:30:9a:8e:0f:31:d3:23:fb:87:44:
                    21:5e:8b:49:90:e7:2a:81:ac:ed:fb:49:28:d5:01:
                    58:79:4a:3b:cc:2a:b6:f5:1e:5b:62:4a:7e:c5:fb:
                    02:13:41:4c:90:17:29:5f:fe:7d:78:43:14:61:e9:
                    b8:bd:59:36:5b:f3:05:c8:be:12:3e:3e:22:f8:81:
                    a1:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:78:B0:4A:4F:38:6E:2F:50:AC:FC:AF:1B:83:A1:3D:22:7E:09:26
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1cd45df2-5b12-4252-84ab-afd54fb0596a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:2c8c::/46

    Signature Algorithm: sha256WithRSAEncryption
         92:ee:54:70:22:67:83:97:78:cc:b0:17:9f:60:20:52:d7:c6:
         b4:20:cd:dd:6b:d7:87:52:9c:de:4b:86:08:cd:d8:cb:45:76:
         45:51:41:ec:f8:97:b2:76:96:63:71:54:61:0b:a8:78:92:59:
         47:25:5d:6a:11:10:73:99:db:43:51:75:c9:b8:d9:ef:53:27:
         42:9c:f1:b2:46:09:10:6f:83:81:a0:cb:dd:70:fc:10:90:b4:
         39:3d:14:b0:52:5b:5e:95:db:b4:26:39:58:4b:87:84:be:78:
         d5:ae:8f:b6:a0:87:fe:d6:74:80:06:32:28:0e:d8:2d:ca:33:
         bb:52:61:d8:72:28:7e:39:3a:8f:b9:4b:29:59:5c:00:b4:52:
         bf:d3:87:f2:01:ba:79:9a:30:06:e9:3c:09:8c:44:8a:d1:96:
         c7:c1:66:95:f5:0c:6a:64:7d:95:22:20:00:5a:40:39:cb:3e:
         9a:b7:53:8b:eb:e3:5f:20:54:29:d0:ef:5c:70:2b:9c:75:06:
         ae:55:ee:1c:14:65:07:2b:e4:2d:a1:fa:8f:1f:b2:4d:30:4d:
         10:da:93:66:66:cf:75:ea:8a:02:2c:02:f2:61:1c:d2:25:e3:
         9e:6b:e5:77:78:31:91:f2:f2:f2:ac:67:68:19:6a:13:56:a2:
         47:f8:02:08
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUL2qjcMmt6Qg2TavQ6cQ1kzI083swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMTMyMTI2WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZjMyZmI2NjE0NjA0MDdmNjE0ODA5MTRjODVmYTU5MWNj
NjNkMGFhYjUyNjc0MmZlODFlYTQ2ZmIzMzc4MzBlMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC82LJ08JfnHjjmVvyoAZBOE5ZDjA8Bp5PxioAgCaHls8IC
ZSYv7OMhiy3K/okPuWLDxQh8NzV5IoAcblwSUh8tzXmfqfc2NLsXo0I7cBZf7B9u
gSeorYKy65ohYtgTlCXnLo/T5qil/nFDaOPJYBm4RH2Lj17iQFs6mM/q6IQNkFPm
V5zTMRQRRyuYvPySKJYmhgTQY+jtjyhzZMYrgiouwkCv6UUJjhRSSt4P2hTZrwCp
LRLbP+V8MJqODzHTI/uHRCFei0mQ5yqBrO37SSjVAVh5SjvMKrb1HltiSn7F+wIT
QUyQFylf/n14QxRh6bi9WTZb8wXIvhI+PiL4gaGlAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUVniwSk84bi9QrPyvG4OhPSJ+CSYwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzFjZDQ1ZGYyLTViMTItNDI1Mi04NGFiLWFmZDU0ZmIwNTk2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAJAALIwwDQYJKoZIhvcNAQELBQADggEBAJLuVHAiZ4OXeMywF59gIFLX
xrQgzd1r14dSnN5LhgjN2MtFdkVRQez4l7J2lmNxVGELqHiSWUclXWoREHOZ20NR
dcm42e9TJ0Kc8bJGCRBvg4Ggy91w/BCQtDk9FLBSW16V27QmOVhLh4S+eNWuj7ag
h/7WdIAGMigO2C3KM7tSYdhyKH45Oo+5SylZXAC0Ur/Th/IBunmaMAbpPAmMRIrR
lsfBZpX1DGpkfZUiIABaQDnLPpq3U4vr418gVCnQ71xwK5x1Bq5V7hwUZQcr5C2h
+o8fsk0wTRDak2Zmz3XqigIsAvJhHNIl455r5Xd4MZHy8vKsZ2gZahNWokf4Agg=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:14:48 2026 by rpki-client