Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/6518566b-18e5-45c5-80d1-6487492b934f.roa
File:                     6518566b-18e5-45c5-80d1-6487492b934f.roa (raw, json)
Hash identifier:          nh3v2uOkqggUPRTrPTB4ueg5YFPxD8m6HmtojpjMuxo=
Subject key identifier:   67:C2:4B:8C:18:53:5A:23:6E:2D:FB:DB:21:F4:D7:21:C7:A0:9E:9C
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       7C51448BD7715E575C151B00FF84807D187152CE
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/6518566b-18e5-45c5-80d1-6487492b934f.roa
Signing time:             Thu 12 Feb 2026 03:21:42 +0000
ROA not before:           Thu 12 Feb 2026 03:21:42 +0000
ROA not after:            Wed 13 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:28e4::/47 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:51:44:8b:d7:71:5e:57:5c:15:1b:00:ff:84:80:7d:18:71:52:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 12 03:21:42 2026 GMT
            Not After : May 13 23:59:59 2026 GMT
        Subject: serialNumber=74c20aeec7aebb1cdf86e0d88f5994e2abf9cc3dc0d824384d57a2aaf8eff6c3, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:ff:22:2b:1d:cc:ba:ce:fc:63:7f:00:7c:a4:
                    86:a2:7b:be:46:b3:35:7e:c1:eb:b7:51:e3:4d:b7:
                    0c:ae:95:8a:f0:15:76:7c:15:d9:e2:90:8b:7e:de:
                    48:b1:ba:40:a8:c4:c4:5d:ce:e2:07:cf:cc:7b:c4:
                    d3:bc:b8:40:f5:15:74:3b:41:7c:24:fc:a5:52:18:
                    37:ad:19:47:ec:43:98:1b:a7:81:3a:ab:84:00:b7:
                    e5:10:cc:cf:bd:a6:6f:44:30:f3:56:5f:00:07:76:
                    9c:50:5e:af:97:14:da:e9:67:d6:b2:38:6e:de:39:
                    41:a8:2f:00:f4:77:d8:3a:3c:da:6f:a5:1a:f3:7a:
                    b8:31:76:87:50:01:53:4f:8f:63:70:87:69:c8:d0:
                    79:e9:32:ec:95:d5:be:72:7e:cf:c5:d2:1c:c5:3a:
                    76:ab:46:60:b7:64:63:9f:93:24:ae:6e:f9:54:27:
                    2c:57:8b:3b:83:04:d7:51:cb:28:81:80:fa:df:37:
                    1d:db:8a:6c:82:b3:f8:33:9f:0e:bc:35:44:a7:fd:
                    81:c7:e1:8c:4b:ec:27:39:e8:e1:c1:e1:d8:73:ee:
                    a8:1c:da:fd:f3:50:52:30:8f:72:2d:ab:54:11:b2:
                    ef:a2:40:3b:fc:85:f7:37:c9:8d:4c:f4:75:b1:b2:
                    d7:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:C2:4B:8C:18:53:5A:23:6E:2D:FB:DB:21:F4:D7:21:C7:A0:9E:9C
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/6518566b-18e5-45c5-80d1-6487492b934f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:28e4::/47

    Signature Algorithm: sha256WithRSAEncryption
         80:c6:7a:d6:42:73:4a:75:7c:27:68:83:3e:33:ce:2f:ae:4b:
         83:46:1a:f4:3e:ed:af:13:68:86:80:3c:ef:78:ef:95:76:db:
         21:95:2c:35:05:c3:fb:80:ab:4d:30:96:92:a4:93:82:a6:56:
         3b:ef:6f:f9:33:0f:a0:89:00:f7:7b:99:76:b4:41:6b:28:97:
         1a:bd:de:8a:6f:5a:b1:a9:b0:81:78:f3:69:99:03:1d:00:65:
         75:d1:09:72:f4:bb:59:70:1e:9f:ef:e4:70:d3:20:e8:49:69:
         8e:e6:de:5f:d6:cd:7f:7d:a9:bf:8f:32:fc:85:ac:38:21:49:
         af:a1:ba:a2:47:65:88:56:95:f7:3f:e1:06:69:20:25:d3:8a:
         e1:29:f4:14:77:e6:35:94:cb:37:dc:72:ae:c9:53:86:88:13:
         76:d4:17:0d:f5:c5:be:0c:44:7e:62:81:c2:9a:fd:fa:91:3a:
         a9:d1:4c:19:2b:a3:cd:7f:85:a2:05:0e:8e:63:4b:0d:c6:de:
         4a:77:d9:ea:54:ac:a7:d0:ac:85:b5:68:a7:da:7c:78:cf:00:
         80:5e:ad:2c:b8:ea:31:4f:74:73:eb:ff:47:46:7c:62:5c:7f:
         8f:f9:72:09:63:0f:41:a9:3c:fc:ff:0e:9f:78:0c:29:5a:3c:
         88:75:d6:97
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfFFEi9dxXldcFRsA/4SAfRhxUs4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEyMDMyMTQyWhcNMjYwNTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NGMyMGFlZWM3YWViYjFjZGY4NmUwZDg4ZjU5OTRlMmFi
ZjljYzNkYzBkODI0Mzg0ZDU3YTJhYWY4ZWZmNmMzMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCY/yIrHcy6zvxjfwB8pIaie75GszV+weu3UeNNtwyulYrw
FXZ8FdnikIt+3kixukCoxMRdzuIHz8x7xNO8uED1FXQ7QXwk/KVSGDetGUfsQ5gb
p4E6q4QAt+UQzM+9pm9EMPNWXwAHdpxQXq+XFNrpZ9ayOG7eOUGoLwD0d9g6PNpv
pRrzergxdodQAVNPj2Nwh2nI0HnpMuyV1b5yfs/F0hzFOnarRmC3ZGOfkySubvlU
JyxXizuDBNdRyyiBgPrfNx3bimyCs/gznw68NUSn/YHH4YxL7Cc56OHB4dhz7qgc
2v3zUFIwj3Itq1QRsu+iQDv8hfc3yY1M9HWxstcrAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUZ8JLjBhTWiNuLfvbIfTXIcegnpwwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzY1MTg1NjZiLTE4ZTUtNDVjNS04MGQxLTY0ODc0OTJiOTM0Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAKOQwDQYJKoZIhvcNAQELBQADggEBAIDGetZCc0p1fCdogz4zzi+u
S4NGGvQ+7a8TaIaAPO9475V22yGVLDUFw/uAq00wlpKkk4KmVjvvb/kzD6CJAPd7
mXa0QWsolxq93opvWrGpsIF482mZAx0AZXXRCXL0u1lwHp/v5HDTIOhJaY7m3l/W
zX99qb+PMvyFrDghSa+huqJHZYhWlfc/4QZpICXTiuEp9BR35jWUyzfccq7JU4aI
E3bUFw31xb4MRH5igcKa/fqROqnRTBkro81/haIFDo5jSw3G3kp32epUrKfQrIW1
aKfafHjPAIBerSy46jFPdHPr/0dGfGJcf4/5cgljD0GpPPz/Dp94DClaPIh11pc=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:27:05 2026 by rpki-client