Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4406d065-cc1a-4ae8-a860-3a0481d554af.roa
File:                     4406d065-cc1a-4ae8-a860-3a0481d554af.roa (raw, json)
Hash identifier:          djsj4lxkzZsLThvfXbwJJO0Ok1RgDIrRV5rQ4Uu+JAo=
Subject key identifier:   5C:A6:30:66:B1:E9:E7:68:8C:7A:B9:73:0E:0A:85:B4:5C:71:4F:0C
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       63943E0D9C81C1397ADBEAC5FB702B70E8C4EBC9
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4406d065-cc1a-4ae8-a860-3a0481d554af.roa
Signing time:             Fri 13 Feb 2026 07:21:53 +0000
ROA not before:           Fri 13 Feb 2026 07:21:53 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:33f2::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:94:3e:0d:9c:81:c1:39:7a:db:ea:c5:fb:70:2b:70:e8:c4:eb:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 07:21:53 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=002095c6ccd7f5a6cc366d55e92c6b0c320743802fb55554c7fe0a778bc42391, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:bd:2b:4a:ee:7b:93:c7:12:c8:a2:90:8b:ff:
                    e8:cf:da:6c:76:0a:53:6c:8e:5f:ca:22:84:82:08:
                    23:30:f6:32:0c:2a:17:5c:12:f6:e6:ef:be:6a:62:
                    fb:ce:ca:82:19:ed:44:cb:55:59:aa:f5:f4:29:55:
                    02:5a:8d:46:be:21:a1:36:6c:15:49:f7:d6:9d:92:
                    f4:21:62:57:0e:8b:c8:60:1d:ea:20:18:d3:93:76:
                    63:4c:eb:61:ad:50:95:72:86:bb:0e:d4:b7:79:9e:
                    a0:2a:73:b5:99:e1:78:a4:d4:db:e6:48:0d:c2:d0:
                    c3:7b:92:e3:0a:46:5a:66:74:48:33:f4:5a:30:dc:
                    b7:89:16:df:11:88:07:49:a1:a4:5e:07:d0:78:72:
                    90:2d:62:01:82:3c:0d:d9:73:7f:e5:bd:b5:6c:a5:
                    0c:5f:44:eb:75:38:80:45:83:66:4b:c8:4b:a6:28:
                    84:c4:80:e2:1e:3c:cb:fc:49:9a:6a:5a:3b:a2:d1:
                    25:b1:12:73:c4:f8:f1:f4:75:6c:e4:c2:e0:13:09:
                    fd:65:9b:40:92:2f:19:ff:c0:7b:38:59:a6:c1:8a:
                    4f:92:55:14:01:92:c5:f1:18:4c:b9:68:79:cf:6f:
                    eb:8a:e7:bf:1c:b8:9b:7f:11:96:e4:2b:51:63:54:
                    76:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:A6:30:66:B1:E9:E7:68:8C:7A:B9:73:0E:0A:85:B4:5C:71:4F:0C
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4406d065-cc1a-4ae8-a860-3a0481d554af.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:33f2::/47

    Signature Algorithm: sha256WithRSAEncryption
         b4:49:12:64:a9:01:4e:2f:c5:93:6e:99:26:56:75:df:37:73:
         1d:d3:9f:0e:a1:1e:dd:18:f7:81:7f:45:36:70:70:df:d9:df:
         52:ee:8f:7e:c3:1e:37:0f:41:6d:0a:fe:f6:5a:f6:17:6a:1a:
         e0:bf:53:12:48:91:0f:18:01:81:f6:f3:d2:69:57:79:9f:98:
         6b:53:04:b8:8b:a0:64:d2:0e:d6:c3:e8:b0:27:e1:97:fc:95:
         7f:fa:57:77:13:63:93:5f:08:a7:cc:70:7c:af:86:69:6d:bd:
         dd:98:86:c5:4e:04:b8:33:6d:24:0b:80:1a:ca:9e:59:ee:f0:
         03:db:6e:c1:92:f8:28:44:9f:e9:9c:0e:29:fd:5f:9b:db:d8:
         ce:47:a6:9f:fe:5c:66:b5:6e:42:dd:58:87:e6:51:8c:79:fa:
         5a:95:88:92:0c:9a:16:1e:1e:5a:66:54:72:80:d3:4b:d8:16:
         2d:68:8e:1e:b6:e7:f3:3a:bf:be:34:6c:c9:eb:90:b7:ad:25:
         78:3a:a4:a0:28:79:c2:cc:8e:6c:94:3d:a4:23:a1:9a:f5:8b:
         64:0d:dd:30:0d:4a:3f:2e:68:34:78:3e:ee:47:0c:c9:68:63:
         22:36:f2:ad:25:d5:13:86:9d:f1:2a:82:67:a2:c9:43:61:70:
         09:9d:22:a3
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUY5Q+DZyBwTl62+rF+3ArcOjE68kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDcyMTUzWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMDIwOTVjNmNjZDdmNWE2Y2MzNjZkNTVlOTJjNmIwYzMy
MDc0MzgwMmZiNTU1NTRjN2ZlMGE3NzhiYzQyMzkxMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4vStK7nuTxxLIopCL/+jP2mx2ClNsjl/KIoSCCCMw9jIM
KhdcEvbm775qYvvOyoIZ7UTLVVmq9fQpVQJajUa+IaE2bBVJ99adkvQhYlcOi8hg
HeogGNOTdmNM62GtUJVyhrsO1Ld5nqAqc7WZ4Xik1NvmSA3C0MN7kuMKRlpmdEgz
9Fow3LeJFt8RiAdJoaReB9B4cpAtYgGCPA3Zc3/lvbVspQxfROt1OIBFg2ZLyEum
KITEgOIePMv8SZpqWjui0SWxEnPE+PH0dWzkwuATCf1lm0CSLxn/wHs4WabBik+S
VRQBksXxGEy5aHnPb+uK578cuJt/EZbkK1FjVHavAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUXKYwZrHp52iMerlzDgqFtFxxTwwwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzQ0MDZkMDY1LWNjMWEtNGFlOC1hODYwLTNhMDQ4MWQ1NTRhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAM/IwDQYJKoZIhvcNAQELBQADggEBALRJEmSpAU4vxZNumSZWdd83
cx3Tnw6hHt0Y94F/RTZwcN/Z31Luj37DHjcPQW0K/vZa9hdqGuC/UxJIkQ8YAYH2
89JpV3mfmGtTBLiLoGTSDtbD6LAn4Zf8lX/6V3cTY5NfCKfMcHyvhmltvd2YhsVO
BLgzbSQLgBrKnlnu8APbbsGS+ChEn+mcDin9X5vb2M5Hpp/+XGa1bkLdWIfmUYx5
+lqViJIMmhYeHlpmVHKA00vYFi1ojh625/M6v740bMnrkLetJXg6pKAoecLMjmyU
PaQjoZr1i2QN3TANSj8uaDR4Pu5HDMloYyI28q0l1ROGnfEqgmeiyUNhcAmdIqM=
-----END CERTIFICATE-----