Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/92991116-d845-4df9-8420-f53cfeb29735.roa
File:                     92991116-d845-4df9-8420-f53cfeb29735.roa (raw, json)
Hash identifier:          B8oTqqQ1Jil+mEDhCiXPKqovRacdf2boaEqlN4SCZyM=
Subject key identifier:   20:1E:57:9E:25:09:F5:08:DA:C2:C0:8D:29:A7:75:2C:36:34:4F:93
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       13B55B849A0059A7671EE3E7D464239DE524DFCC
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/92991116-d845-4df9-8420-f53cfeb29735.roa
Signing time:             Fri 13 Feb 2026 05:01:54 +0000
ROA not before:           Fri 13 Feb 2026 05:01:54 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:a800::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:b5:5b:84:9a:00:59:a7:67:1e:e3:e7:d4:64:23:9d:e5:24:df:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 05:01:54 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=0883dd89160906c4b1a73ff0a74a764098818236df4aa2e7871f813cf7eca965, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:9e:65:f2:71:4c:53:e0:bb:54:c6:71:57:3e:
                    02:37:6c:f1:b9:ae:13:9c:e2:c2:44:1e:ba:8b:67:
                    ce:93:fe:77:57:45:79:7f:95:23:a3:75:54:38:8c:
                    13:71:5a:60:26:a6:e8:ac:e8:70:01:2a:e8:5a:49:
                    87:db:04:bb:6c:e7:20:c7:f2:e0:e6:66:86:38:b6:
                    09:d1:0a:7f:cf:a5:6d:48:4f:4e:7c:c1:04:12:15:
                    75:64:f4:8f:14:89:82:3a:c4:63:e8:80:49:48:01:
                    ee:ea:f9:59:25:bb:32:3b:0d:ef:86:b4:84:6b:b1:
                    22:f8:b8:6a:6b:53:c3:03:e3:f9:ff:79:18:32:4d:
                    eb:db:49:3b:af:46:cd:48:e5:0b:c2:28:2d:a2:e0:
                    91:79:56:92:d2:e4:6a:b8:23:87:a9:0b:87:26:a0:
                    60:11:dc:24:b0:18:44:b9:a7:ad:3f:f7:14:95:94:
                    8b:07:6e:cd:19:60:dc:e5:2b:60:b4:f4:f7:f0:76:
                    1b:ba:11:7e:86:0d:3a:d7:24:88:d7:cb:1d:45:90:
                    3e:8d:94:87:d0:b6:77:2b:de:c7:b4:34:a0:75:be:
                    d9:f9:7d:a3:ef:f4:4b:eb:dd:0a:3c:82:ed:86:a4:
                    19:78:8a:20:de:5a:bf:57:c4:a0:02:74:f4:6b:fb:
                    89:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:1E:57:9E:25:09:F5:08:DA:C2:C0:8D:29:A7:75:2C:36:34:4F:93
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/92991116-d845-4df9-8420-f53cfeb29735.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:a800::/40

    Signature Algorithm: sha256WithRSAEncryption
         6e:60:a2:97:e9:4d:3c:42:79:15:02:9b:4b:f8:ba:5b:98:81:
         fb:07:64:98:5a:fe:23:c9:9d:0b:96:b4:9a:44:97:c5:a7:ed:
         7b:bf:39:a8:dc:4b:e2:09:f3:20:9e:e6:24:3b:45:55:b3:3a:
         38:53:ab:c9:ac:1a:6c:b4:78:f4:49:e2:f5:79:c5:14:62:49:
         d0:f1:41:a6:04:5e:8d:81:d3:99:5a:93:85:5b:45:10:a8:23:
         7b:c6:14:2d:99:bd:4a:43:6b:7b:c3:ee:9f:e3:37:b0:13:d6:
         b0:e4:25:b9:e6:8c:c6:6c:7c:c3:01:2a:f0:ec:d8:cd:c1:85:
         67:0c:d1:96:9e:3f:f5:1d:87:8a:cd:af:78:68:26:0e:59:a2:
         18:be:27:ae:6d:45:ca:75:36:30:4a:41:2d:79:cd:fb:73:90:
         11:5c:6b:23:23:b0:92:d7:25:f1:77:39:0d:89:41:dd:6b:bf:
         ca:68:8a:25:3f:80:a1:62:b3:27:43:c6:1e:d1:0f:76:c0:98:
         86:87:5f:ff:22:01:bc:a4:82:4f:45:85:35:c4:6a:7a:59:eb:
         2b:69:83:98:23:f8:c4:b3:9e:f0:f5:ea:20:db:e0:47:e6:22:
         ac:52:1d:b7:d2:42:f9:d1:e5:ff:de:5a:eb:2d:1d:55:08:d6:
         0c:17:dc:60
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUE7VbhJoAWadnHuPn1GQjneUk38wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDUwMTU0WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwODgzZGQ4OTE2MDkwNmM0YjFhNzNmZjBhNzRhNzY0MDk4
ODE4MjM2ZGY0YWEyZTc4NzFmODEzY2Y3ZWNhOTY1MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFnmXycUxT4LtUxnFXPgI3bPG5rhOc4sJEHrqLZ86T/ndX
RXl/lSOjdVQ4jBNxWmAmpuis6HABKuhaSYfbBLts5yDH8uDmZoY4tgnRCn/PpW1I
T058wQQSFXVk9I8UiYI6xGPogElIAe7q+VkluzI7De+GtIRrsSL4uGprU8MD4/n/
eRgyTevbSTuvRs1I5QvCKC2i4JF5VpLS5Gq4I4epC4cmoGAR3CSwGES5p60/9xSV
lIsHbs0ZYNzlK2C09Pfwdhu6EX6GDTrXJIjXyx1FkD6NlIfQtncr3se0NKB1vtn5
faPv9Evr3Qo8gu2GpBl4iiDeWr9XxKACdPRr+4kZAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUIB5XniUJ9QjawsCNKad1LDY0T5MwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzkyOTkxMTE2LWQ4NDUtNGRmOS04NDIwLWY1M2NmZWIyOTczNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAJAAqDANBgkqhkiG9w0BAQsFAAOCAQEAbmCil+lNPEJ5FQKbS/i6W5iB
+wdkmFr+I8mdC5a0mkSXxafte785qNxL4gnzIJ7mJDtFVbM6OFOryawabLR49Eni
9XnFFGJJ0PFBpgRejYHTmVqThVtFEKgje8YULZm9SkNre8Pun+M3sBPWsOQlueaM
xmx8wwEq8OzYzcGFZwzRlp4/9R2His2veGgmDlmiGL4nrm1FynU2MEpBLXnN+3OQ
EVxrIyOwktcl8Xc5DYlB3Wu/ymiKJT+AoWKzJ0PGHtEPdsCYhodf/yIBvKSCT0WF
NcRqelnrK2mDmCP4xLOe8PXqINvgR+YirFIdt9JC+dHl/95a6y0dVQjWDBfcYA==
-----END CERTIFICATE-----