Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1ee57736-539a-4e9f-8dd4-4ec06b255b5c.roa
File:                     1ee57736-539a-4e9f-8dd4-4ec06b255b5c.roa (raw, json)
Hash identifier:          Teye2Y8pgg90Ci9TeOY6sXgtQQaiAttuDf1mQkHL4z0=
Subject key identifier:   F6:9D:70:F9:91:0E:6A:32:22:34:F0:B6:8A:3D:BC:2B:17:19:2D:BF
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       62C5DB7F0DCD2F37A9625BB833AA1FFB17BAC461
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1ee57736-539a-4e9f-8dd4-4ec06b255b5c.roa
Signing time:             Fri 13 Feb 2026 02:00:53 +0000
ROA not before:           Fri 13 Feb 2026 02:00:53 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3cd2::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:c5:db:7f:0d:cd:2f:37:a9:62:5b:b8:33:aa:1f:fb:17:ba:c4:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 02:00:53 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=1a0c4918c10b080eeb78ca49b1461c4d68016059466abd328a092598dfb8705f, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:7a:3b:d8:c2:45:fc:72:ba:c2:67:b5:87:f7:
                    5f:f0:ca:e4:5d:4a:cd:13:75:99:df:07:1d:27:85:
                    1d:f0:c5:11:ef:d7:4b:c1:d8:41:35:6b:2e:36:2c:
                    d7:f3:8c:1a:be:5f:40:83:9b:8e:e7:35:fd:a3:d9:
                    38:f3:b5:66:0a:e7:11:19:0d:20:86:e0:76:ac:16:
                    0f:2a:ec:66:28:14:63:29:ec:67:6e:65:1c:43:ed:
                    c2:dd:51:54:ca:de:d3:f2:74:8f:24:94:81:d6:f0:
                    a5:9c:90:dd:77:af:45:b4:ac:8e:cc:7c:06:25:0e:
                    89:72:92:4c:ff:c3:2a:6e:60:2f:00:60:c9:ba:e0:
                    c4:2d:30:ea:00:a0:c1:99:db:a4:38:17:52:21:46:
                    03:a1:33:08:bd:a7:1a:10:4a:cc:be:cd:49:f4:3a:
                    f2:cb:4e:65:96:52:78:4a:24:04:3c:78:9d:2c:d7:
                    cb:de:cf:c4:64:82:ac:3e:12:58:f5:60:7b:9d:17:
                    dd:d7:a2:4e:32:98:22:ac:c5:52:e1:27:d0:1e:cf:
                    1a:bd:08:ff:00:2a:01:05:54:e2:a4:c5:b5:a7:09:
                    1c:59:ae:17:4b:8f:14:d0:f6:c5:d8:8a:f3:fe:cf:
                    7c:61:8a:75:e7:97:03:97:e5:33:73:0c:b1:ac:30:
                    c0:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:9D:70:F9:91:0E:6A:32:22:34:F0:B6:8A:3D:BC:2B:17:19:2D:BF
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1ee57736-539a-4e9f-8dd4-4ec06b255b5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3cd2::/47

    Signature Algorithm: sha256WithRSAEncryption
         99:15:6e:f3:b4:0f:21:cf:d7:bb:cb:7f:ed:76:5d:b7:ea:da:
         26:82:2d:c5:27:ae:da:a4:4a:a0:7b:26:ae:e4:d0:35:7e:bb:
         ad:1c:65:fa:8d:a0:e4:c1:2e:b0:53:e5:2a:85:64:19:77:03:
         c0:86:b7:3d:c6:cc:0d:6f:af:8d:b4:86:ae:b8:7f:1f:71:0c:
         7b:32:7e:1f:6e:03:61:4e:d8:95:bf:6d:8b:0a:be:78:40:21:
         f3:82:b3:66:a6:28:ea:88:43:be:93:e6:52:60:04:57:c2:e2:
         11:9d:ce:f4:5b:91:65:55:dc:92:6e:44:96:cb:79:e9:f2:d9:
         af:cc:3c:07:7c:83:f1:15:50:7e:52:3a:9b:1e:9f:5b:2d:57:
         4b:96:a6:9e:17:6c:6f:45:1b:0f:92:d9:0e:be:10:96:dd:13:
         46:6c:50:06:84:37:31:de:71:be:f5:a3:55:de:3f:5a:8d:16:
         7d:c2:8e:16:e1:5c:ab:c6:46:3b:41:b1:86:99:99:77:dc:d9:
         e8:e7:c7:de:6a:36:67:77:13:51:18:9e:01:06:80:3b:d1:3e:
         35:ff:67:30:b7:80:4f:30:06:30:db:23:1b:36:08:32:9e:96:
         7e:12:ca:5c:ef:60:a9:ca:13:f0:07:dc:c5:36:4f:d5:0f:59:
         5d:5b:a7:80
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUYsXbfw3NLzepYlu4M6of+xe6xGEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDIwMDUzWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYTBjNDkxOGMxMGIwODBlZWI3OGNhNDliMTQ2MWM0ZDY4
MDE2MDU5NDY2YWJkMzI4YTA5MjU5OGRmYjg3MDVmMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWejvYwkX8crrCZ7WH91/wyuRdSs0TdZnfBx0nhR3wxRHv
10vB2EE1ay42LNfzjBq+X0CDm47nNf2j2TjztWYK5xEZDSCG4HasFg8q7GYoFGMp
7GduZRxD7cLdUVTK3tPydI8klIHW8KWckN13r0W0rI7MfAYlDolykkz/wypuYC8A
YMm64MQtMOoAoMGZ26Q4F1IhRgOhMwi9pxoQSsy+zUn0OvLLTmWWUnhKJAQ8eJ0s
18vez8Rkgqw+Elj1YHudF93Xok4ymCKsxVLhJ9Aezxq9CP8AKgEFVOKkxbWnCRxZ
rhdLjxTQ9sXYivP+z3xhinXnlwOX5TNzDLGsMMCnAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU9p1w+ZEOajIiNPC2ij28KxcZLb8wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzFlZTU3NzM2LTUzOWEtNGU5Zi04ZGQ0LTRlYzA2YjI1NWI1Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAPNIwDQYJKoZIhvcNAQELBQADggEBAJkVbvO0DyHP17vLf+12Xbfq
2iaCLcUnrtqkSqB7Jq7k0DV+u60cZfqNoOTBLrBT5SqFZBl3A8CGtz3GzA1vr420
hq64fx9xDHsyfh9uA2FO2JW/bYsKvnhAIfOCs2amKOqIQ76T5lJgBFfC4hGdzvRb
kWVV3JJuRJbLeeny2a/MPAd8g/EVUH5SOpsen1stV0uWpp4XbG9FGw+S2Q6+EJbd
E0ZsUAaENzHecb71o1XeP1qNFn3CjhbhXKvGRjtBsYaZmXfc2ejnx95qNmd3E1EY
ngEGgDvRPjX/ZzC3gE8wBjDbIxs2CDKeln4SylzvYKnKE/AH3MU2T9UPWV1bp4A=
-----END CERTIFICATE-----