Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4107f04a-eeeb-4c9f-bbd4-999d121a036d.roa
File:                     4107f04a-eeeb-4c9f-bbd4-999d121a036d.roa (raw, json)
Hash identifier:          ST5et15NQTljBtXQP3y+nwZOxMn3qnDUtC/eunwNbf8=
Subject key identifier:   11:18:BC:1D:9F:23:0C:0C:A8:49:3D:33:CE:EA:13:54:74:C9:38:C1
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       3EE04D01C8283894293315C4F42F9BF78ED8F520
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4107f04a-eeeb-4c9f-bbd4-999d121a036d.roa
Signing time:             Fri 13 Feb 2026 02:10:13 +0000
ROA not before:           Fri 13 Feb 2026 02:10:13 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:29c8::/45 maxlen: 45
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:e0:4d:01:c8:28:38:94:29:33:15:c4:f4:2f:9b:f7:8e:d8:f5:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 02:10:13 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=4700efb436dbf78f2a624ced65271b533a4648ac220bf2a422ef7623c8f98b7f, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:74:b8:74:d0:12:ee:9f:d0:5f:30:9a:59:03:
                    2a:6a:ed:eb:2b:1f:ba:eb:aa:af:21:f0:49:99:50:
                    dd:0f:f8:a1:06:42:69:85:a7:c9:1b:9b:d4:18:5e:
                    69:a7:2c:93:d1:1c:5c:28:73:3e:97:5d:1b:22:bb:
                    9a:02:64:97:7e:a1:c2:0a:ae:65:3a:a6:2e:ca:db:
                    b2:5d:1d:d7:cb:65:57:e5:bb:ae:99:92:15:93:71:
                    49:15:d9:10:ce:c5:01:b1:16:a6:16:96:47:f7:8b:
                    02:f7:7b:8d:d8:87:83:45:69:36:b3:19:7d:30:74:
                    92:de:64:24:f8:33:8e:1a:35:af:fd:51:d2:08:a2:
                    59:50:aa:67:6c:68:48:82:c5:f5:7b:0e:71:f4:10:
                    dd:02:d6:67:89:7c:6b:7c:3e:36:4b:19:d1:ed:d6:
                    22:04:c7:90:c4:c6:2c:ac:23:91:6a:82:77:67:a2:
                    25:89:af:bb:14:d3:00:35:94:2b:98:ab:ba:0b:da:
                    4c:2f:75:bb:5c:ea:14:0c:2c:c8:fa:de:a8:26:fb:
                    c9:00:6e:7a:0d:c7:16:0b:b9:57:d1:02:35:e1:16:
                    e0:76:8b:90:61:d5:8f:19:21:fb:41:f2:de:9b:b5:
                    de:79:79:ec:a6:f9:31:44:07:56:aa:46:01:4b:b9:
                    78:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:18:BC:1D:9F:23:0C:0C:A8:49:3D:33:CE:EA:13:54:74:C9:38:C1
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4107f04a-eeeb-4c9f-bbd4-999d121a036d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:29c8::/45

    Signature Algorithm: sha256WithRSAEncryption
         26:02:00:1d:f4:af:e2:71:44:dc:b3:61:f1:3d:a5:4f:78:9a:
         23:30:1e:24:4f:ed:12:89:dd:28:4f:7d:1b:9b:55:13:d9:d2:
         47:0e:88:e8:2e:a4:d5:72:8a:95:73:79:8c:e8:2e:65:86:f5:
         e4:c8:7a:0b:cb:2b:f5:c9:1d:75:35:6c:fb:c8:91:01:70:95:
         40:40:68:d2:4c:fa:b8:00:9f:55:91:19:b5:d8:2b:c9:3a:05:
         76:b5:ee:66:63:ad:26:c7:de:ce:bc:6f:af:f3:56:27:b9:1f:
         c3:ef:57:96:65:8c:5d:2b:14:30:c6:69:21:6f:39:91:2e:da:
         d2:7f:d5:fa:78:03:65:8e:b8:7a:cb:37:af:de:58:43:55:cf:
         7f:51:3f:28:bd:c1:d9:ae:9b:0b:29:16:45:60:18:d1:79:a8:
         08:a8:f2:aa:47:ee:af:91:49:ab:bc:ac:d6:7e:1b:c7:9a:dc:
         9f:08:95:0a:91:c5:ee:f4:97:99:90:79:db:cb:5c:8f:d7:38:
         2f:8b:48:a0:eb:6a:74:d0:18:40:89:f1:6f:60:fc:29:ad:2c:
         26:7e:81:c1:c8:fd:2f:4b:63:3e:7c:f9:2f:93:61:59:d8:a5:
         91:e5:04:e3:62:ac:b9:b4:d6:27:8d:6d:a9:79:ef:e1:a9:ef:
         14:49:1f:c8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUPuBNAcgoOJQpMxXE9C+b947Y9SAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDIxMDEzWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NzAwZWZiNDM2ZGJmNzhmMmE2MjRjZWQ2NTI3MWI1MzNh
NDY0OGFjMjIwYmYyYTQyMmVmNzYyM2M4Zjk4YjdmMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjdLh00BLun9BfMJpZAypq7esrH7rrqq8h8EmZUN0P+KEG
QmmFp8kbm9QYXmmnLJPRHFwocz6XXRsiu5oCZJd+ocIKrmU6pi7K27JdHdfLZVfl
u66ZkhWTcUkV2RDOxQGxFqYWlkf3iwL3e43Yh4NFaTazGX0wdJLeZCT4M44aNa/9
UdIIollQqmdsaEiCxfV7DnH0EN0C1meJfGt8PjZLGdHt1iIEx5DExiysI5Fqgndn
oiWJr7sU0wA1lCuYq7oL2kwvdbtc6hQMLMj63qgm+8kAbnoNxxYLuVfRAjXhFuB2
i5Bh1Y8ZIftB8t6btd55eeym+TFEB1aqRgFLuXgZAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUERi8HZ8jDAyoST0zzuoTVHTJOMEwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzQxMDdmMDRhLWVlZWItNGM5Zi1iYmQ0LTk5OWQxMjFhMDM2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwMmAJAAKcgwDQYJKoZIhvcNAQELBQADggEBACYCAB30r+JxRNyzYfE9pU94
miMwHiRP7RKJ3ShPfRubVRPZ0kcOiOgupNVyipVzeYzoLmWG9eTIegvLK/XJHXU1
bPvIkQFwlUBAaNJM+rgAn1WRGbXYK8k6BXa17mZjrSbH3s68b6/zVie5H8PvV5Zl
jF0rFDDGaSFvOZEu2tJ/1fp4A2WOuHrLN6/eWENVz39RPyi9wdmumwspFkVgGNF5
qAio8qpH7q+RSau8rNZ+G8ea3J8IlQqRxe70l5mQedvLXI/XOC+LSKDranTQGECJ
8W9g/CmtLCZ+gcHI/S9LYz58+S+TYVnYpZHlBONirLm01ieNbal57+Gp7xRJH8g=
-----END CERTIFICATE-----