Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/66c1aa02-bd40-4e8d-b18b-2428b500a010.roa
File:                     66c1aa02-bd40-4e8d-b18b-2428b500a010.roa (raw, json)
Hash identifier:          +qwycrTapq/bmcsLz4bMVwUYeNfvsSYPB2YwUbuTFMo=
Subject key identifier:   FF:13:58:29:EC:4B:E4:F9:5F:A5:1D:0D:D0:93:8A:05:53:9B:6F:CC
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       67117AA0DA50221BFEE23EE1AEF957C5F14EEBE7
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/66c1aa02-bd40-4e8d-b18b-2428b500a010.roa
Signing time:             Thu 12 Feb 2026 00:31:54 +0000
ROA not before:           Thu 12 Feb 2026 00:31:54 +0000
ROA not after:            Wed 13 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:2d70::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:11:7a:a0:da:50:22:1b:fe:e2:3e:e1:ae:f9:57:c5:f1:4e:eb:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 12 00:31:54 2026 GMT
            Not After : May 13 23:59:59 2026 GMT
        Subject: serialNumber=152915d8a8a02178cb7e09d389a27b117752c4b9c14087feb98ab4a59f2b5cb2, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:fa:c0:ae:bf:b7:2a:0c:06:1c:c9:32:a7:98:
                    b6:83:cd:d6:0f:91:01:72:77:95:a8:a6:2b:b0:ad:
                    b3:47:be:a3:a0:a5:b8:c1:5c:f0:ef:5c:90:ec:e1:
                    20:b8:a3:9a:97:e1:d0:40:8b:3d:cc:2c:16:76:28:
                    c2:38:03:d0:66:42:90:a1:ab:cb:e1:e9:b6:95:10:
                    1a:d5:74:7e:da:c4:6d:15:cd:48:56:6f:64:30:a0:
                    2e:e9:42:da:02:39:28:1f:e2:5e:74:86:f0:fa:bf:
                    8a:80:86:71:39:89:69:74:e1:5f:06:78:b8:63:cd:
                    e2:fb:e1:b2:8a:e9:22:0a:b2:39:8f:82:a5:0a:44:
                    fc:ba:ea:e7:1f:e3:cd:5b:40:2e:5a:79:2e:98:02:
                    a6:96:43:50:1b:3e:26:2a:46:05:4c:34:b8:a2:67:
                    5b:75:84:9e:13:fa:f9:c2:a8:ca:2a:5c:59:fd:21:
                    7d:97:44:03:5a:4c:ad:df:b3:df:8e:79:e9:33:43:
                    09:0f:5a:1b:19:59:95:50:76:76:35:d7:6c:a3:6d:
                    af:59:f0:bf:ec:40:cd:8b:3c:9e:2d:8d:81:94:4c:
                    74:0f:a1:d4:3d:ba:a0:60:95:8e:c8:5d:3d:38:6b:
                    26:a2:29:84:b1:7f:93:93:cc:e0:8f:10:49:f1:56:
                    7b:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:13:58:29:EC:4B:E4:F9:5F:A5:1D:0D:D0:93:8A:05:53:9B:6F:CC
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/66c1aa02-bd40-4e8d-b18b-2428b500a010.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:2d70::/47

    Signature Algorithm: sha256WithRSAEncryption
         67:dc:65:9c:f5:2e:89:c0:f1:2f:d5:1f:d9:9b:02:94:a1:4f:
         98:15:2e:6a:5e:31:a9:fc:d4:cf:76:6b:a3:4d:d0:4e:24:39:
         60:38:92:94:e5:9b:02:b2:90:fb:10:c9:80:db:8d:bc:d5:0b:
         8b:9d:df:35:09:5f:18:f9:87:16:59:0d:ae:b8:1e:bc:19:ee:
         cc:5d:3e:0d:0e:ae:46:ec:a1:9a:bb:79:f3:71:36:0f:68:95:
         68:83:63:dc:e1:38:7a:ee:a4:a0:19:bb:8e:b2:ba:66:23:5a:
         90:fb:88:a3:d0:11:36:62:53:6f:1a:c4:9f:4a:4a:65:d2:66:
         86:db:d2:c3:be:e4:21:e2:f3:bb:7b:db:12:9e:63:1f:90:e1:
         27:03:32:f8:24:92:08:5f:ef:59:15:6d:18:69:f1:43:bf:42:
         c7:3b:4c:27:fd:7d:52:5d:37:94:04:3f:6f:08:2e:92:fa:bb:
         dc:18:6f:f0:e4:05:76:19:fe:77:4f:05:dd:7b:ab:b8:f4:ce:
         0b:f0:ac:71:62:6c:e9:64:ae:42:d6:3a:e0:a1:2b:b9:13:0a:
         f0:47:c8:5d:cf:d2:be:a9:01:fc:4c:9e:4f:b6:5a:59:84:f9:
         f5:53:87:5f:4b:f0:7d:f9:2c:12:fb:df:a4:df:6f:f7:6f:ff:
         75:b2:61:06
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZxF6oNpQIhv+4j7hrvlXxfFO6+cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEyMDAzMTU0WhcNMjYwNTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNTI5MTVkOGE4YTAyMTc4Y2I3ZTA5ZDM4OWEyN2IxMTc3
NTJjNGI5YzE0MDg3ZmViOThhYjRhNTlmMmI1Y2IyMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQ+sCuv7cqDAYcyTKnmLaDzdYPkQFyd5WopiuwrbNHvqOg
pbjBXPDvXJDs4SC4o5qX4dBAiz3MLBZ2KMI4A9BmQpChq8vh6baVEBrVdH7axG0V
zUhWb2QwoC7pQtoCOSgf4l50hvD6v4qAhnE5iWl04V8GeLhjzeL74bKK6SIKsjmP
gqUKRPy66ucf481bQC5aeS6YAqaWQ1AbPiYqRgVMNLiiZ1t1hJ4T+vnCqMoqXFn9
IX2XRANaTK3fs9+OeekzQwkPWhsZWZVQdnY112yjba9Z8L/sQM2LPJ4tjYGUTHQP
odQ9uqBglY7IXT04ayaiKYSxf5OTzOCPEEnxVntjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU/xNYKexL5PlfpR0N0JOKBVObb8wwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzY2YzFhYTAyLWJkNDAtNGU4ZC1iMThiLTI0MjhiNTAwYTAxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAALXAwDQYJKoZIhvcNAQELBQADggEBAGfcZZz1LonA8S/VH9mbApSh
T5gVLmpeMan81M92a6NN0E4kOWA4kpTlmwKykPsQyYDbjbzVC4ud3zUJXxj5hxZZ
Da64HrwZ7sxdPg0OrkbsoZq7efNxNg9olWiDY9zhOHrupKAZu46yumYjWpD7iKPQ
ETZiU28axJ9KSmXSZobb0sO+5CHi87t72xKeYx+Q4ScDMvgkkghf71kVbRhp8UO/
Qsc7TCf9fVJdN5QEP28ILpL6u9wYb/DkBXYZ/ndPBd17q7j0zgvwrHFibOlkrkLW
OuChK7kTCvBHyF3P0r6pAfxMnk+2WlmE+fVTh19L8H35LBL736Tfb/dv/3WyYQY=
-----END CERTIFICATE-----