Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/515dc9ad-18de-4cdb-bbaa-296a369e8dfa.roa
File:                     515dc9ad-18de-4cdb-bbaa-296a369e8dfa.roa (raw, json)
Hash identifier:          n8bg+hm8urhJHmXnYWGjQqJawzajnKEgBr0fJgDx6yg=
Subject key identifier:   DB:3B:FB:AD:44:48:8E:76:CF:47:CE:48:B9:EF:76:43:DE:91:88:21
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       0904A1A1D46BDEBA412DF4E4137C5DC578AA2B7E
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/515dc9ad-18de-4cdb-bbaa-296a369e8dfa.roa
Signing time:             Fri 13 Feb 2026 13:40:44 +0000
ROA not before:           Fri 13 Feb 2026 13:40:44 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3760::/44 maxlen: 44
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:04:a1:a1:d4:6b:de:ba:41:2d:f4:e4:13:7c:5d:c5:78:aa:2b:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 13:40:44 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=fa69f9b72b292dea4cbfa20e5563527e567860b0ae014bd49147abb8bd3d737f, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:7c:8f:e7:02:89:e9:59:9b:c9:44:89:ac:c7:
                    ec:ab:71:20:e5:59:45:02:29:14:15:ae:2a:c9:a1:
                    06:c6:bc:7a:ec:e1:5f:73:e3:04:91:22:94:30:f4:
                    47:f5:af:d6:da:9d:5a:f3:b5:43:98:ed:c4:39:cb:
                    42:3b:75:f2:e4:f3:88:cc:82:40:72:d9:73:96:f5:
                    f9:89:dd:71:f6:eb:49:52:58:a5:ab:19:40:a7:28:
                    8c:65:a4:7f:ea:c8:6f:03:d0:6c:e5:d7:7a:ea:46:
                    6e:0f:a2:e3:f3:05:bc:8e:8c:a8:ec:40:81:26:67:
                    29:5b:b2:a3:cf:f0:d2:d7:31:c0:6c:d7:21:25:eb:
                    cc:25:49:54:6d:f6:c8:b2:79:dd:37:51:78:16:ef:
                    60:f3:44:92:e3:1c:8d:c5:1b:e7:dc:87:01:16:68:
                    11:01:3c:6e:2d:9a:c1:d0:6f:1f:a7:d2:fe:4a:1b:
                    2f:43:bb:39:a7:91:66:35:ef:27:8d:5b:9a:4b:20:
                    51:10:26:93:9e:9e:32:d7:c8:e4:28:cb:cf:8b:8e:
                    59:23:00:e8:23:f5:4e:3b:a8:c5:2d:88:50:70:b5:
                    85:61:3b:12:ab:b3:44:4f:94:eb:f4:4e:be:65:99:
                    6c:9f:4b:3e:49:f0:3c:ad:22:56:64:47:a7:62:1d:
                    b7:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:3B:FB:AD:44:48:8E:76:CF:47:CE:48:B9:EF:76:43:DE:91:88:21
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/515dc9ad-18de-4cdb-bbaa-296a369e8dfa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3760::/44

    Signature Algorithm: sha256WithRSAEncryption
         95:84:fc:3d:28:05:b4:3f:e9:65:3a:c4:64:01:59:39:18:dc:
         f7:d8:e7:7b:f9:49:ea:63:0d:45:20:e4:fe:79:fc:6d:1f:c0:
         05:a0:08:0b:24:f1:ce:ff:d7:ae:dd:ff:29:36:55:1a:bf:77:
         a8:61:91:49:06:fb:73:33:1c:0a:07:98:74:58:13:80:6d:79:
         5d:f6:dc:81:47:18:7e:b6:5c:ec:92:96:87:08:3a:fc:04:d5:
         89:ef:eb:8b:97:6f:28:99:a3:05:c0:60:45:a5:47:54:86:4a:
         e7:0c:20:76:8f:9d:9e:4d:a5:b4:2d:e0:64:e8:05:ee:54:a1:
         df:db:39:66:95:47:fb:9f:3f:30:cc:c0:cc:d4:e9:35:eb:5f:
         ef:b7:f9:ba:48:4a:13:45:1b:9a:da:7e:31:19:ff:53:02:89:
         40:0f:34:cc:9c:87:bf:72:09:2b:4d:40:f4:17:66:50:3c:e1:
         ca:32:a0:fb:d2:df:4b:e0:0d:ab:17:e9:3e:d0:3e:33:af:e7:
         52:d4:3a:1f:6c:7a:82:7a:67:7f:c1:7e:cf:63:19:75:54:54:
         a0:12:30:b2:f8:ff:42:22:be:df:03:42:de:7f:06:9d:ef:5e:
         07:90:73:eb:e1:7c:1e:28:54:b8:91:e0:8b:7d:92:f5:7b:13:
         79:92:2b:9b
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUCQShodRr3rpBLfTkE3xdxXiqK34wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMTM0MDQ0WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYTY5ZjliNzJiMjkyZGVhNGNiZmEyMGU1NTYzNTI3ZTU2
Nzg2MGIwYWUwMTRiZDQ5MTQ3YWJiOGJkM2Q3MzdmMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDfI/nAonpWZvJRImsx+yrcSDlWUUCKRQVrirJoQbGvHrs
4V9z4wSRIpQw9Ef1r9banVrztUOY7cQ5y0I7dfLk84jMgkBy2XOW9fmJ3XH260lS
WKWrGUCnKIxlpH/qyG8D0Gzl13rqRm4PouPzBbyOjKjsQIEmZylbsqPP8NLXMcBs
1yEl68wlSVRt9siyed03UXgW72DzRJLjHI3FG+fchwEWaBEBPG4tmsHQbx+n0v5K
Gy9DuzmnkWY17yeNW5pLIFEQJpOenjLXyOQoy8+LjlkjAOgj9U47qMUtiFBwtYVh
OxKrs0RPlOv0Tr5lmWyfSz5J8DytIlZkR6diHbcjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU2zv7rURIjnbPR85Iue92Q96RiCEwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzUxNWRjOWFkLTE4ZGUtNGNkYi1iYmFhLTI5NmEzNjllOGRmYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAJAAN2AwDQYJKoZIhvcNAQELBQADggEBAJWE/D0oBbQ/6WU6xGQBWTkY
3PfY53v5SepjDUUg5P55/G0fwAWgCAsk8c7/167d/yk2VRq/d6hhkUkG+3MzHAoH
mHRYE4BteV323IFHGH62XOySlocIOvwE1Ynv64uXbyiZowXAYEWlR1SGSucMIHaP
nZ5NpbQt4GToBe5Uod/bOWaVR/ufPzDMwMzU6TXrX++3+bpIShNFG5rafjEZ/1MC
iUAPNMych79yCStNQPQXZlA84coyoPvS30vgDasX6T7QPjOv51LUOh9seoJ6Z3/B
fs9jGXVUVKASMLL4/0Iivt8DQt5/Bp3vXgeQc+vhfB4oVLiR4It9kvV7E3mSK5s=
-----END CERTIFICATE-----