Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/6185c540-11db-46e2-a246-1b3da16bdb61.roa
File:                     6185c540-11db-46e2-a246-1b3da16bdb61.roa (raw, json)
Hash identifier:          rzGDdszQmTYf5FkHDxJUy7mj1XaRuMI6grECfUK5rME=
Subject key identifier:   CA:41:FA:06:3D:91:90:05:3B:A3:C7:D2:B2:8E:89:D7:A2:73:EB:5D
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       7D9CD8EE6527BC6E65EDADE049378C1BCD3E4C24
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/6185c540-11db-46e2-a246-1b3da16bdb61.roa
Signing time:             Fri 13 Feb 2026 09:00:54 +0000
ROA not before:           Fri 13 Feb 2026 09:00:54 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:2c10::/44 maxlen: 44
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:9c:d8:ee:65:27:bc:6e:65:ed:ad:e0:49:37:8c:1b:cd:3e:4c:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 09:00:54 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=aa903f9a65bdbd6b56f58477abe7653a4c659d8ce6f296d44afb4f6e49864a84, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:17:1e:34:33:f6:71:63:a5:03:34:e3:de:cb:
                    5c:45:7b:b0:2a:a2:ce:48:5d:27:8a:ae:44:a0:93:
                    bd:5e:42:31:05:61:d2:42:4f:d8:f9:87:90:56:98:
                    d1:72:b3:3f:f5:27:04:60:71:97:27:f1:af:d0:8c:
                    2f:ef:89:59:3d:c3:0e:8c:1f:64:b9:b1:b7:d8:da:
                    75:0e:2b:1a:6c:8c:46:f9:10:45:2c:14:d7:27:91:
                    59:2f:1e:7d:8c:7e:48:56:61:cc:2d:72:50:06:b3:
                    cd:f0:a0:20:e1:37:39:65:57:98:05:78:d9:5a:3c:
                    8a:56:7c:8b:2f:6f:28:48:0d:62:68:ec:66:02:bf:
                    e6:ff:3b:2e:2a:06:b3:89:0c:e9:34:7f:fd:9c:97:
                    5e:ea:78:a3:a8:51:fb:db:bf:0b:18:e1:f6:90:9b:
                    1e:1b:25:7c:87:3a:79:22:e1:74:f1:11:22:f1:0e:
                    76:5d:c5:f5:26:94:e0:81:aa:2a:a2:f2:84:5e:80:
                    2b:e4:18:58:e1:ac:16:88:11:8d:98:5a:e3:7c:e1:
                    f3:0c:32:c0:bf:a8:79:15:20:91:4c:40:a1:b0:dd:
                    84:fb:0f:5e:f3:39:2d:57:ae:89:9a:dd:ea:f9:53:
                    2d:cc:e9:a6:e1:a1:e4:3f:81:81:10:e9:eb:95:30:
                    f3:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:41:FA:06:3D:91:90:05:3B:A3:C7:D2:B2:8E:89:D7:A2:73:EB:5D
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/6185c540-11db-46e2-a246-1b3da16bdb61.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:2c10::/44

    Signature Algorithm: sha256WithRSAEncryption
         71:15:be:df:48:36:00:9e:70:31:d7:3b:b0:15:6c:a8:c0:71:
         ea:48:3b:74:08:06:f2:f8:3d:b4:91:fe:cc:99:c3:b7:21:3d:
         b6:7b:62:77:e0:32:c8:40:bc:e7:ae:a5:6a:20:56:a6:21:8d:
         a6:61:02:8a:9d:45:89:ae:17:c0:fb:90:40:4c:b7:4c:b8:44:
         6f:a3:e2:0a:b5:c5:94:83:df:68:cb:14:70:5d:09:12:b4:05:
         6f:e4:92:48:bd:b2:11:2c:dd:54:cf:f9:d4:27:e3:9a:91:b4:
         6f:8e:97:a2:80:f4:a4:04:af:ba:90:67:5a:cc:86:01:31:32:
         9e:ef:7b:86:40:07:bd:56:5d:2a:52:d8:0a:63:48:49:3f:b3:
         50:01:a7:3f:37:e6:1b:f8:2c:60:70:d3:31:58:e1:36:a6:4e:
         fc:a5:e0:0d:9c:ca:1d:3a:23:bc:1c:0f:d7:f8:ce:ef:e2:5c:
         d2:79:8e:4f:ea:cf:b9:4d:3b:32:26:f5:5d:af:c6:d7:2d:5b:
         81:22:40:93:45:2b:37:11:d5:f6:40:24:73:d3:3e:c1:f1:d2:
         91:59:76:a5:3e:c8:63:18:bf:01:b8:68:5b:97:36:df:5a:e6:
         b6:cb:8b:7b:e8:55:fe:dd:cb:04:ac:9a:cb:8e:5b:a7:30:4a:
         d3:79:4c:f4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfZzY7mUnvG5l7a3gSTeMG80+TCQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDkwMDU0WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYTkwM2Y5YTY1YmRiZDZiNTZmNTg0NzdhYmU3NjUzYTRj
NjU5ZDhjZTZmMjk2ZDQ0YWZiNGY2ZTQ5ODY0YTg0MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSFx40M/ZxY6UDNOPey1xFe7Aqos5IXSeKrkSgk71eQjEF
YdJCT9j5h5BWmNFysz/1JwRgcZcn8a/QjC/viVk9ww6MH2S5sbfY2nUOKxpsjEb5
EEUsFNcnkVkvHn2MfkhWYcwtclAGs83woCDhNzllV5gFeNlaPIpWfIsvbyhIDWJo
7GYCv+b/Oy4qBrOJDOk0f/2cl17qeKOoUfvbvwsY4faQmx4bJXyHOnki4XTxESLx
DnZdxfUmlOCBqiqi8oRegCvkGFjhrBaIEY2YWuN84fMMMsC/qHkVIJFMQKGw3YT7
D17zOS1Xroma3er5Uy3M6abhoeQ/gYEQ6euVMPP3AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUykH6Bj2RkAU7o8fSso6J16Jz610wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzYxODVjNTQwLTExZGItNDZlMi1hMjQ2LTFiM2RhMTZiZGI2MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAJAALBAwDQYJKoZIhvcNAQELBQADggEBAHEVvt9INgCecDHXO7AVbKjA
cepIO3QIBvL4PbSR/syZw7chPbZ7YnfgMshAvOeupWogVqYhjaZhAoqdRYmuF8D7
kEBMt0y4RG+j4gq1xZSD32jLFHBdCRK0BW/kkki9shEs3VTP+dQn45qRtG+Ol6KA
9KQEr7qQZ1rMhgExMp7ve4ZAB71WXSpS2ApjSEk/s1ABpz835hv4LGBw0zFY4Tam
Tvyl4A2cyh06I7wcD9f4zu/iXNJ5jk/qz7lNOzIm9V2vxtctW4EiQJNFKzcR1fZA
JHPTPsHx0pFZdqU+yGMYvwG4aFuXNt9a5rbLi3voVf7dywSsmsuOW6cwStN5TPQ=
-----END CERTIFICATE-----