Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/68a65e6a-c8cb-43a3-ba7c-7c5cb5ad42d7.roa
File:                     68a65e6a-c8cb-43a3-ba7c-7c5cb5ad42d7.roa (raw, json)
Hash identifier:          0j6HwZAeXfrCVvG+nJaNse0jKhQFM3vF1ciKnnbrC+o=
Subject key identifier:   8C:77:9F:1C:64:96:B3:29:60:50:80:A6:0A:67:96:F2:49:2F:2B:54
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       4428C04020158761CA8F8BF56BA85732F13EC4BD
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/68a65e6a-c8cb-43a3-ba7c-7c5cb5ad42d7.roa
Signing time:             Fri 13 Feb 2026 02:40:52 +0000
ROA not before:           Fri 13 Feb 2026 02:40:52 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:38c8::/46 maxlen: 46
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:28:c0:40:20:15:87:61:ca:8f:8b:f5:6b:a8:57:32:f1:3e:c4:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 02:40:52 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=183fe9d3d90374863423d21eac775959c8622d6b0803e8d3a4e06679997ffaa1, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:be:5e:40:78:ca:54:99:49:b9:3e:47:f2:64:
                    14:db:67:9a:34:2a:d0:a6:6b:e3:5a:00:c5:55:9b:
                    05:3d:ce:c0:78:01:31:17:84:66:6f:75:4c:fe:7d:
                    1c:a5:63:13:a6:08:18:56:8a:03:0f:a0:d4:a3:9e:
                    76:81:db:c1:62:93:ed:be:8c:49:0b:9c:ab:85:64:
                    26:c4:2c:16:6c:dc:c1:ed:79:b9:da:af:7c:47:4b:
                    8d:94:0f:97:94:86:7e:cc:5e:ea:1c:90:a3:48:b0:
                    81:ad:1a:5c:11:03:df:e4:26:9f:e0:33:5b:08:b7:
                    8b:96:6f:dd:6e:26:cb:ae:0c:8a:f9:bd:d5:0d:f3:
                    9e:0f:98:eb:54:37:0d:7d:ca:65:e1:32:41:1c:c6:
                    d9:d7:7b:16:05:91:a0:fa:92:a2:0c:f8:78:51:af:
                    42:95:85:6d:39:25:38:a8:4e:56:71:b0:ce:30:a2:
                    bf:e8:c0:47:30:23:47:82:36:1b:2a:1c:9a:63:f3:
                    b9:cb:02:cd:90:68:4e:8e:86:94:44:e1:ea:87:22:
                    be:c1:15:23:bd:41:cb:59:d7:2a:a3:2b:a7:ab:fd:
                    b2:48:86:a6:2f:9d:2b:6f:fd:50:9f:70:12:70:c7:
                    d9:df:d9:c6:4e:9d:31:47:ca:94:d4:58:5e:26:ec:
                    74:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:77:9F:1C:64:96:B3:29:60:50:80:A6:0A:67:96:F2:49:2F:2B:54
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/68a65e6a-c8cb-43a3-ba7c-7c5cb5ad42d7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:38c8::/46

    Signature Algorithm: sha256WithRSAEncryption
         b0:99:c7:d5:d2:41:89:dc:2c:21:cb:b2:81:fc:d4:cf:29:43:
         59:de:0b:2c:6e:ae:83:20:13:75:d6:e2:97:be:fe:2b:dd:43:
         11:0e:ac:bd:82:2a:06:79:02:9c:76:29:94:2a:56:6c:c3:b3:
         e0:78:23:e1:f6:f2:d7:54:c6:e7:88:59:d4:37:8e:fa:b4:71:
         99:9e:2a:4a:18:78:27:87:91:8f:d9:42:53:0e:93:01:fe:ff:
         a8:91:b4:14:e8:49:8c:1e:70:84:21:54:25:75:19:01:36:d1:
         d2:ce:3a:4f:0b:39:bf:bc:f7:6f:59:e3:94:34:18:f8:99:5c:
         8e:c4:7c:e1:35:02:b3:68:65:9a:da:05:c1:c3:3e:9a:20:7b:
         d8:3f:6f:86:14:71:31:23:3e:61:d7:28:1c:c1:cd:76:ce:60:
         5a:aa:b8:c6:ce:7d:3e:4e:6f:b2:22:80:e8:cf:66:81:53:33:
         33:49:58:33:0b:e0:60:ab:95:bd:04:d4:54:b5:05:2d:90:26:
         0e:5a:69:09:ca:ca:b0:eb:b3:5b:e7:d4:85:c6:7d:76:d2:9d:
         83:6d:8a:62:49:c0:b5:24:11:03:c8:f0:1c:5f:b6:4b:fd:3c:
         c6:fa:7b:c8:23:9e:e8:ec:b4:0a:f3:d3:9e:d7:f0:a5:d6:16:
         84:84:c7:a8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIURCjAQCAVh2HKj4v1a6hXMvE+xL0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDI0MDUyWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxODNmZTlkM2Q5MDM3NDg2MzQyM2QyMWVhYzc3NTk1OWM4
NjIyZDZiMDgwM2U4ZDNhNGUwNjY3OTk5N2ZmYWExMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzvl5AeMpUmUm5PkfyZBTbZ5o0KtCma+NaAMVVmwU9zsB4
ATEXhGZvdUz+fRylYxOmCBhWigMPoNSjnnaB28Fik+2+jEkLnKuFZCbELBZs3MHt
ebnar3xHS42UD5eUhn7MXuockKNIsIGtGlwRA9/kJp/gM1sIt4uWb91uJsuuDIr5
vdUN854PmOtUNw19ymXhMkEcxtnXexYFkaD6kqIM+HhRr0KVhW05JTioTlZxsM4w
or/owEcwI0eCNhsqHJpj87nLAs2QaE6OhpRE4eqHIr7BFSO9QctZ1yqjK6er/bJI
hqYvnStv/VCfcBJwx9nf2cZOnTFHypTUWF4m7HT5AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUjHefHGSWsylgUICmCmeW8kkvK1QwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzY4YTY1ZTZhLWM4Y2ItNDNhMy1iYTdjLTdjNWNiNWFkNDJkNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAJAAOMgwDQYJKoZIhvcNAQELBQADggEBALCZx9XSQYncLCHLsoH81M8p
Q1neCyxuroMgE3XW4pe+/ivdQxEOrL2CKgZ5Apx2KZQqVmzDs+B4I+H28tdUxueI
WdQ3jvq0cZmeKkoYeCeHkY/ZQlMOkwH+/6iRtBToSYwecIQhVCV1GQE20dLOOk8L
Ob+8929Z45Q0GPiZXI7EfOE1ArNoZZraBcHDPpoge9g/b4YUcTEjPmHXKBzBzXbO
YFqquMbOfT5Ob7IigOjPZoFTMzNJWDML4GCrlb0E1FS1BS2QJg5aaQnKyrDrs1vn
1IXGfXbSnYNtimJJwLUkEQPI8Bxftkv9PMb6e8gjnujstArz057X8KXWFoSEx6g=
-----END CERTIFICATE-----