Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/9792e108-debf-40c4-b2dd-53503a2d1f5e.roa
File:                     9792e108-debf-40c4-b2dd-53503a2d1f5e.roa (raw, json)
Hash identifier:          qlWfBGB1tbiaTSal58djt4PAVSpSqZhuEHSbnO7THgc=
Subject key identifier:   B9:73:5D:F9:93:46:19:07:81:EE:3D:C3:54:D0:EE:69:7E:9E:21:80
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       3435FA045F24A9886CDC90E23FA542DDC2972C60
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/9792e108-debf-40c4-b2dd-53503a2d1f5e.roa
Signing time:             Fri 13 Feb 2026 11:31:54 +0000
ROA not before:           Fri 13 Feb 2026 11:31:54 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:2a70::/44 maxlen: 44
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:35:fa:04:5f:24:a9:88:6c:dc:90:e2:3f:a5:42:dd:c2:97:2c:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 11:31:54 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=998efa22173ab65b327705aa6cfb12e9ee65be2fa115617ea31aefd272a2e5a4, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:de:38:f6:e1:d4:f6:f3:d1:8e:fb:fc:e5:d3:
                    e4:ce:33:2d:d3:4d:25:b8:bb:27:a3:df:d5:5b:3f:
                    b7:f5:5c:da:cc:48:d8:92:ed:48:13:c9:93:ea:1a:
                    1c:fa:4f:18:d4:5a:9d:11:63:90:70:6a:60:4e:d2:
                    48:52:a8:09:9d:ef:96:9f:2a:50:bf:c3:2e:95:91:
                    84:1f:14:2f:44:d1:22:e8:4d:3b:87:4e:7e:ba:77:
                    be:b8:8e:3f:e7:d7:3b:be:23:82:7e:5c:27:13:32:
                    62:e2:7a:15:53:2a:9c:1d:77:d3:c5:98:bf:ef:7f:
                    08:07:24:74:25:0c:47:cc:f9:01:5a:39:09:b1:61:
                    f9:81:4c:8d:90:78:70:b0:b5:cd:1d:bd:09:07:b6:
                    ea:94:cf:42:71:14:e0:e9:30:6f:bc:e4:e8:5c:8a:
                    cd:a9:de:45:4d:f6:48:68:5d:4f:eb:35:fd:7c:8f:
                    bc:59:6f:72:12:a9:10:c1:be:97:98:12:44:56:76:
                    68:4b:3e:92:f2:3c:c0:b4:31:be:61:2d:6b:47:a2:
                    7f:63:3c:27:98:a0:f5:ef:68:72:50:87:77:34:b1:
                    62:a7:00:3a:ea:10:de:15:f6:65:ef:b4:06:39:cf:
                    73:45:b6:df:a1:83:e5:6e:31:95:e6:d4:df:32:d0:
                    49:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:73:5D:F9:93:46:19:07:81:EE:3D:C3:54:D0:EE:69:7E:9E:21:80
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/9792e108-debf-40c4-b2dd-53503a2d1f5e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:2a70::/44

    Signature Algorithm: sha256WithRSAEncryption
         0f:44:6d:25:da:40:3e:2b:51:e9:8a:ca:c7:7b:d4:a2:d3:a2:
         5a:8c:50:28:cb:57:15:2b:2d:ba:d9:e2:4b:31:6f:a4:b1:dc:
         70:15:e9:d5:cd:fe:c2:0b:d2:a6:9f:d1:5d:ad:be:4a:6a:d0:
         ef:dd:bb:54:d3:1d:43:eb:4c:ab:8d:d6:04:75:da:cd:da:ae:
         03:d5:45:5e:6c:5a:eb:ed:9a:2d:b1:32:90:18:a4:53:13:0c:
         a1:de:ae:30:f2:0c:6a:48:7a:5f:d7:51:c9:41:24:e1:88:5b:
         a4:83:e5:e4:3a:63:d9:a5:55:73:38:41:a9:36:16:55:fd:fa:
         9b:af:dc:cc:fb:71:b5:8d:04:f8:4d:75:96:de:75:40:ef:83:
         66:50:6e:76:0c:01:29:f1:2f:32:3c:02:1a:2e:99:7a:f8:24:
         02:c6:36:9a:7b:58:66:93:a0:b6:a7:6d:24:fb:6b:eb:ed:0d:
         25:c5:4b:80:c1:b1:19:4a:81:d4:ab:e6:24:cf:90:23:8f:9f:
         ca:b3:68:19:d2:51:23:bf:12:63:6a:8e:3d:fb:27:c0:54:d3:
         df:35:ad:64:47:3b:3d:06:e6:45:9e:d4:02:cf:31:8f:9e:ab:
         41:89:52:75:7a:4a:97:14:b8:db:fb:bf:b6:8d:62:ce:02:f5:
         70:5d:92:a3
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUNDX6BF8kqYhs3JDiP6VC3cKXLGAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMTEzMTU0WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5OThlZmEyMjE3M2FiNjViMzI3NzA1YWE2Y2ZiMTJlOWVl
NjViZTJmYTExNTYxN2VhMzFhZWZkMjcyYTJlNWE0MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDW3jj24dT289GO+/zl0+TOMy3TTSW4uyej39VbP7f1XNrM
SNiS7UgTyZPqGhz6TxjUWp0RY5BwamBO0khSqAmd75afKlC/wy6VkYQfFC9E0SLo
TTuHTn66d764jj/n1zu+I4J+XCcTMmLiehVTKpwdd9PFmL/vfwgHJHQlDEfM+QFa
OQmxYfmBTI2QeHCwtc0dvQkHtuqUz0JxFODpMG+85Ohcis2p3kVN9khoXU/rNf18
j7xZb3ISqRDBvpeYEkRWdmhLPpLyPMC0Mb5hLWtHon9jPCeYoPXvaHJQh3c0sWKn
ADrqEN4V9mXvtAY5z3NFtt+hg+VuMZXm1N8y0EkBAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUuXNd+ZNGGQeB7j3DVNDuaX6eIYAwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1Lzk3OTJlMTA4LWRlYmYtNDBjNC1iMmRkLTUzNTAzYTJkMWY1ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAJAAKnAwDQYJKoZIhvcNAQELBQADggEBAA9EbSXaQD4rUemKysd71KLT
olqMUCjLVxUrLbrZ4ksxb6Sx3HAV6dXN/sIL0qaf0V2tvkpq0O/du1TTHUPrTKuN
1gR12s3argPVRV5sWuvtmi2xMpAYpFMTDKHerjDyDGpIel/XUclBJOGIW6SD5eQ6
Y9mlVXM4Qak2FlX9+puv3Mz7cbWNBPhNdZbedUDvg2ZQbnYMASnxLzI8AhoumXr4
JALGNpp7WGaToLanbST7a+vtDSXFS4DBsRlKgdSr5iTPkCOPn8qzaBnSUSO/EmNq
jj37J8BU0981rWRHOz0G5kWe1ALPMY+eq0GJUnV6SpcUuNv7v7aNYs4C9XBdkqM=
-----END CERTIFICATE-----