Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/91de6a82-aedf-44f5-8836-e62e6681947d.roa
File:                     91de6a82-aedf-44f5-8836-e62e6681947d.roa (raw, json)
Hash identifier:          SW2bBuBtyutnppy93SxxvXRqGphfhYTX0s2mmPfyoZA=
Subject key identifier:   8D:6C:DA:4F:9D:01:1D:9C:A7:38:7F:7D:91:3A:92:78:10:1C:BA:00
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       6EB7A312C55ACBE884F2E57DADEDF87D5DE3CB31
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/91de6a82-aedf-44f5-8836-e62e6681947d.roa
Signing time:             Fri 13 Feb 2026 04:41:48 +0000
ROA not before:           Fri 13 Feb 2026 04:41:48 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3ce8::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:b7:a3:12:c5:5a:cb:e8:84:f2:e5:7d:ad:ed:f8:7d:5d:e3:cb:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 04:41:48 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=488a0469a9486a77a6496c9149069f1b2833bf5fad16f04876c64842b9752888, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f7:58:ec:47:7c:3a:5d:bb:30:36:e2:87:df:
                    f7:d9:a3:17:0c:ec:5f:85:80:85:82:df:e5:e1:fd:
                    21:33:5e:aa:05:87:a0:07:dd:09:b1:17:7c:dc:dc:
                    62:d3:8f:03:d1:bc:18:39:6d:81:6d:4f:e9:8b:60:
                    38:0b:4c:0a:b2:32:1d:1e:d3:a9:fa:7e:d0:50:c7:
                    13:1d:a5:0d:6e:23:17:18:06:1b:cf:22:09:c1:d2:
                    bf:51:9c:a0:fc:ea:df:e7:ac:4c:ce:68:bc:06:8a:
                    10:a4:9c:b7:10:e8:37:9d:11:73:35:3c:bc:fc:c9:
                    4a:82:9e:c3:f7:65:21:b0:ed:30:6d:3c:e7:b7:e9:
                    a0:2b:fa:6f:d9:32:2e:b0:45:c9:5b:fa:5d:85:10:
                    b0:2a:05:3f:48:76:ce:32:bc:ed:52:26:25:4a:ef:
                    68:f9:c3:e5:4b:37:25:1f:47:f1:c4:8b:c3:0e:51:
                    0a:de:aa:f8:ce:96:55:8d:c7:2c:87:27:89:6b:fe:
                    7d:5c:a8:70:f7:20:03:63:94:a8:e9:3f:6c:40:e2:
                    63:45:b7:d5:2c:19:eb:57:b0:54:26:00:4a:9b:f8:
                    0f:da:16:f8:c3:fd:20:f2:60:6f:bf:0f:99:40:a8:
                    d1:fc:43:a7:a8:56:09:72:1e:66:92:8b:c9:5e:2d:
                    c8:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:6C:DA:4F:9D:01:1D:9C:A7:38:7F:7D:91:3A:92:78:10:1C:BA:00
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/91de6a82-aedf-44f5-8836-e62e6681947d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3ce8::/47

    Signature Algorithm: sha256WithRSAEncryption
         9f:8e:55:bf:82:af:47:ce:fe:48:05:9d:f8:6a:2b:3d:9e:ca:
         55:c5:5c:ec:01:a5:24:71:65:c9:a0:92:ec:4b:f3:f6:b8:23:
         b3:bd:65:93:08:ce:be:40:60:40:23:b1:cc:e0:ba:8d:72:e5:
         17:65:19:09:ff:6f:25:38:4b:3c:e6:f6:74:24:97:9b:8b:fe:
         83:ee:fa:60:b4:bb:10:ac:93:84:7a:82:ac:b7:fc:08:e9:3e:
         42:15:ad:85:10:ea:69:64:6d:6d:b9:df:14:4d:a8:06:63:26:
         6f:01:46:25:fe:a1:b3:4b:10:67:f6:48:88:96:51:e5:09:90:
         b5:6d:2b:6d:5b:80:8f:37:c9:7d:d9:c7:8f:07:d8:e4:87:9c:
         a5:b1:4d:59:25:a6:fd:2b:ed:df:90:82:e3:67:9d:44:ef:ab:
         f7:a9:3b:fc:91:17:ef:aa:f6:5d:98:23:60:ac:6f:9f:fd:9a:
         26:e8:ad:e8:92:80:f9:71:f9:38:02:53:a4:cb:e3:c4:c2:bf:
         3e:d5:95:4e:69:ed:fb:bd:a1:fa:c4:b7:da:94:da:9d:61:16:
         58:b4:86:5c:1c:32:db:7e:a4:9b:fa:f5:6e:a1:fe:9c:03:c7:
         2c:bc:08:44:25:9e:98:21:f6:95:d5:33:a2:e6:b2:d8:38:20:
         c0:47:b3:dc
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUbrejEsVay+iE8uV9re34fV3jyzEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDQ0MTQ4WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ODhhMDQ2OWE5NDg2YTc3YTY0OTZjOTE0OTA2OWYxYjI4
MzNiZjVmYWQxNmYwNDg3NmM2NDg0MmI5NzUyODg4MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDI91jsR3w6XbswNuKH3/fZoxcM7F+FgIWC3+Xh/SEzXqoF
h6AH3QmxF3zc3GLTjwPRvBg5bYFtT+mLYDgLTAqyMh0e06n6ftBQxxMdpQ1uIxcY
BhvPIgnB0r9RnKD86t/nrEzOaLwGihCknLcQ6DedEXM1PLz8yUqCnsP3ZSGw7TBt
POe36aAr+m/ZMi6wRclb+l2FELAqBT9Ids4yvO1SJiVK72j5w+VLNyUfR/HEi8MO
UQreqvjOllWNxyyHJ4lr/n1cqHD3IANjlKjpP2xA4mNFt9UsGetXsFQmAEqb+A/a
FvjD/SDyYG+/D5lAqNH8Q6eoVglyHmaSi8leLcidAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUjWzaT50BHZynOH99kTqSeBAcugAwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzkxZGU2YTgyLWFlZGYtNDRmNS04ODM2LWU2MmU2NjgxOTQ3ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAPOgwDQYJKoZIhvcNAQELBQADggEBAJ+OVb+Cr0fO/kgFnfhqKz2e
ylXFXOwBpSRxZcmgkuxL8/a4I7O9ZZMIzr5AYEAjsczguo1y5RdlGQn/byU4Szzm
9nQkl5uL/oPu+mC0uxCsk4R6gqy3/AjpPkIVrYUQ6mlkbW253xRNqAZjJm8BRiX+
obNLEGf2SIiWUeUJkLVtK21bgI83yX3Zx48H2OSHnKWxTVklpv0r7d+QguNnnUTv
q/epO/yRF++q9l2YI2Csb5/9miboreiSgPlx+TgCU6TL48TCvz7VlU5p7fu9ofrE
t9qU2p1hFli0hlwcMtt+pJv69W6h/pwDxyy8CEQlnpgh9pXVM6Lmstg4IMBHs9w=
-----END CERTIFICATE-----