Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/470405d8-1807-43a0-9860-deef62b50d3b.roa
File:                     470405d8-1807-43a0-9860-deef62b50d3b.roa (raw, json)
Hash identifier:          hPw9UGYlRNLyi2pVvqJZ3Z+nmqQBpfIDtzs/fNWAsQM=
Subject key identifier:   3B:39:50:F8:00:29:7B:90:E8:4A:48:F6:97:F4:41:34:E1:3A:80:8F
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       14B0E0631FCAFE8757DD9F09C0A8A85C158CFFF8
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/470405d8-1807-43a0-9860-deef62b50d3b.roa
Signing time:             Thu 12 Feb 2026 01:51:52 +0000
ROA not before:           Thu 12 Feb 2026 01:51:52 +0000
ROA not after:            Wed 13 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:2aa8::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:b0:e0:63:1f:ca:fe:87:57:dd:9f:09:c0:a8:a8:5c:15:8c:ff:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 12 01:51:52 2026 GMT
            Not After : May 13 23:59:59 2026 GMT
        Subject: serialNumber=17e2b2d7bbfde35b519b8281aa53798df1015383ba85adde6258a4e8ccd063d9, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:dd:0f:f1:6a:f1:96:57:bd:5d:33:28:65:26:
                    84:74:40:df:79:ed:93:07:2b:1f:5b:b5:d9:df:89:
                    b7:cd:d2:42:81:da:44:48:6e:63:21:3f:3d:fa:4a:
                    39:bc:67:b3:1f:8d:e4:61:ae:93:20:7e:96:45:3f:
                    6e:d3:b6:87:94:e7:5e:b2:30:ef:f0:8c:b4:1c:19:
                    63:80:63:89:c8:b3:67:e7:0d:3a:2e:ce:dc:13:82:
                    8d:70:ac:f6:22:18:32:f5:6f:d2:9b:6d:73:96:f3:
                    5a:35:ae:f0:e8:47:b1:08:d5:21:5b:35:32:13:d6:
                    11:0b:c4:58:e7:b8:ac:23:9e:3d:d7:aa:0a:dc:c4:
                    12:d1:ab:4d:39:91:41:f6:6e:cd:b1:02:19:0d:70:
                    a3:5e:06:88:b0:e8:90:4f:49:8c:3b:85:57:8f:91:
                    7c:07:3f:d3:d8:0c:b3:01:43:d2:43:bd:17:59:ff:
                    ed:83:6f:9d:c6:c2:b2:c6:aa:4a:f0:38:6f:d7:a6:
                    05:0a:ee:81:7d:4e:13:44:54:96:46:53:c4:31:ea:
                    24:11:c4:84:01:9a:bb:03:91:a6:91:4f:5d:05:0a:
                    be:ee:1e:3e:6c:e3:4c:f0:98:e1:1d:42:38:e0:f9:
                    b4:3e:c6:e1:58:e2:32:62:b7:b9:a8:da:f6:3a:6c:
                    80:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:39:50:F8:00:29:7B:90:E8:4A:48:F6:97:F4:41:34:E1:3A:80:8F
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/470405d8-1807-43a0-9860-deef62b50d3b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:2aa8::/47

    Signature Algorithm: sha256WithRSAEncryption
         b2:d1:61:aa:e3:88:e7:e7:ac:8b:fe:22:ab:b4:e3:3f:26:55:
         40:6d:6b:01:c1:f5:8e:a9:92:31:44:62:1f:9f:97:dc:69:23:
         a1:50:82:fe:95:3f:83:80:10:60:07:e5:54:3a:68:6d:df:5a:
         2a:7e:56:9a:e1:bf:ef:76:ff:43:95:ba:02:1b:ae:4b:ff:31:
         6b:af:03:91:6e:6d:a7:f2:cf:97:ff:16:88:38:71:71:42:eb:
         73:6d:d7:bd:e3:9d:9a:15:b2:12:3a:0b:e3:fc:a9:19:89:b3:
         29:95:d5:e3:6d:56:bc:64:df:1b:f1:d0:95:2d:9b:75:d5:51:
         62:f7:97:24:f1:e3:1e:ae:35:3a:e8:2a:50:49:85:d5:5d:26:
         2e:2d:52:61:2c:3d:6e:37:21:00:01:73:66:32:1b:7a:82:eb:
         88:88:dd:a1:bd:48:44:bd:eb:0c:a9:76:39:10:8f:c6:88:8c:
         61:15:07:73:55:da:8c:3a:69:c0:f9:1b:da:b1:73:a3:bf:f7:
         f6:fa:bb:3e:03:19:d4:dc:28:1d:f4:b6:7a:8c:13:ab:56:ad:
         5c:2f:4d:7b:dd:76:12:38:e3:08:7c:4a:b9:91:b7:42:52:c3:
         c9:74:a5:3e:7d:a7:de:6d:ec:dd:85:83:ab:bb:ec:5b:3a:de:
         c7:e2:33:ad
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUFLDgYx/K/odX3Z8JwKioXBWM//gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEyMDE1MTUyWhcNMjYwNTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxN2UyYjJkN2JiZmRlMzViNTE5YjgyODFhYTUzNzk4ZGYx
MDE1MzgzYmE4NWFkZGU2MjU4YTRlOGNjZDA2M2Q5MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCx3Q/xavGWV71dMyhlJoR0QN957ZMHKx9btdnfibfN0kKB
2kRIbmMhPz36Sjm8Z7MfjeRhrpMgfpZFP27TtoeU516yMO/wjLQcGWOAY4nIs2fn
DTouztwTgo1wrPYiGDL1b9KbbXOW81o1rvDoR7EI1SFbNTIT1hELxFjnuKwjnj3X
qgrcxBLRq005kUH2bs2xAhkNcKNeBoiw6JBPSYw7hVePkXwHP9PYDLMBQ9JDvRdZ
/+2Db53GwrLGqkrwOG/XpgUK7oF9ThNEVJZGU8Qx6iQRxIQBmrsDkaaRT10FCr7u
Hj5s40zwmOEdQjjg+bQ+xuFY4jJit7mo2vY6bICjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUOzlQ+AApe5DoSkj2l/RBNOE6gI8wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzQ3MDQwNWQ4LTE4MDctNDNhMC05ODYwLWRlZWY2MmI1MGQzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAKqgwDQYJKoZIhvcNAQELBQADggEBALLRYarjiOfnrIv+Iqu04z8m
VUBtawHB9Y6pkjFEYh+fl9xpI6FQgv6VP4OAEGAH5VQ6aG3fWip+Vprhv+92/0OV
ugIbrkv/MWuvA5Fubafyz5f/Fog4cXFC63Nt173jnZoVshI6C+P8qRmJsymV1eNt
Vrxk3xvx0JUtm3XVUWL3lyTx4x6uNTroKlBJhdVdJi4tUmEsPW43IQABc2YyG3qC
64iI3aG9SES96wypdjkQj8aIjGEVB3NV2ow6acD5G9qxc6O/9/b6uz4DGdTcKB30
tnqME6tWrVwvTXvddhI44wh8SrmRt0JSw8l0pT59p95t7N2Fg6u77Fs63sfiM60=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:24:41 2026 by rpki-client