Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/9fce038d-eca6-4de1-8340-94e0c0efb14d.roa
File:                     9fce038d-eca6-4de1-8340-94e0c0efb14d.roa (raw, json)
Hash identifier:          KAT4cLseLJpK8JImwNFMwkW3wpTbWl/sMjw5zVTV+H8=
Subject key identifier:   09:9D:BD:59:FF:98:CE:9F:12:FF:4D:C0:A9:F6:30:75:F8:52:18:23
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       667FFFA566A1908C03EBFE4EF885980FC2E577F0
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/9fce038d-eca6-4de1-8340-94e0c0efb14d.roa
Signing time:             Fri 13 Feb 2026 12:00:50 +0000
ROA not before:           Fri 13 Feb 2026 12:00:50 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:396e::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:7f:ff:a5:66:a1:90:8c:03:eb:fe:4e:f8:85:98:0f:c2:e5:77:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 12:00:50 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=be63bbafc6f7e525495acced208e16a0edbf6aadf6346ea74bbac5da91a852a3, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:85:55:42:18:2c:f5:1d:36:ff:62:50:ca:f7:
                    eb:39:64:96:31:13:97:7d:79:fb:fc:40:7f:8d:a8:
                    4b:37:2c:50:97:47:b4:08:1a:2a:36:2d:68:a6:ce:
                    c0:6d:96:b6:06:54:6e:d4:43:76:37:63:0a:d7:f7:
                    7a:36:b6:8b:93:bf:27:47:24:dd:88:bf:1c:00:e5:
                    79:31:19:c1:2c:33:97:88:14:25:ff:45:bc:e5:25:
                    5e:fe:50:1f:a2:2e:15:bc:2c:35:5a:1e:2e:df:27:
                    31:7c:f8:bf:d5:a3:d5:b3:3d:89:65:28:57:33:31:
                    e6:c1:17:d8:d2:70:a7:7c:f6:0e:72:56:76:7c:73:
                    dc:27:6a:29:01:36:30:c0:3e:3b:37:09:b3:cc:74:
                    6f:ef:aa:16:cf:68:77:fd:da:5a:5d:5e:bf:df:bf:
                    bc:6c:b5:b7:13:37:e1:8e:bf:07:f6:a0:5c:31:ef:
                    42:32:6d:6d:44:c2:4a:17:dc:95:71:1a:70:24:5b:
                    59:7e:4d:4a:bd:b6:db:94:b2:1b:ee:96:28:20:74:
                    aa:58:70:c6:40:b9:0d:ad:a7:8a:15:c6:22:5c:34:
                    6a:d7:22:ea:01:7d:78:19:92:97:0e:b2:16:07:47:
                    ee:2f:ee:b4:c5:aa:72:de:34:6c:5d:20:72:02:0c:
                    64:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:9D:BD:59:FF:98:CE:9F:12:FF:4D:C0:A9:F6:30:75:F8:52:18:23
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/9fce038d-eca6-4de1-8340-94e0c0efb14d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:396e::/47

    Signature Algorithm: sha256WithRSAEncryption
         1d:b4:33:81:02:93:51:79:df:82:37:3f:64:8f:85:ed:6f:e6:
         a5:f9:7a:1a:9f:35:f2:e9:ba:d4:7b:18:17:6c:4a:05:91:24:
         01:7b:66:70:55:5c:03:a4:99:02:dc:62:9c:69:61:f5:a2:94:
         de:2e:75:b4:24:b8:41:8a:44:5f:7e:41:74:68:47:ae:10:ff:
         e9:96:9b:c5:e6:9c:e8:7c:3d:6f:44:18:a8:99:d5:b8:3c:c5:
         ba:c2:d5:66:1c:f3:c3:89:26:5b:9b:50:5a:dc:b9:49:45:b8:
         7d:05:73:e6:b5:96:f1:7f:14:94:9c:f9:04:90:6f:2e:84:fa:
         d6:dd:95:aa:c7:1d:b0:6a:99:84:28:1e:c1:5b:91:62:4a:53:
         ff:b3:40:a0:12:82:25:bd:ba:e1:ca:32:29:47:7a:17:2c:8d:
         78:d1:b1:4b:85:ba:5b:a5:c4:38:21:62:45:ae:27:42:dd:4d:
         5a:cc:15:1d:81:a2:12:b4:05:c5:77:dc:7f:ef:76:1b:ff:a9:
         cc:1d:34:91:3e:3c:6e:8e:dd:d3:ed:99:53:89:52:20:f8:5c:
         47:55:ac:3b:c5:cf:b3:29:54:7a:6c:45:11:2f:0c:d9:65:64:
         0c:e1:fb:db:f3:bf:9a:29:9d:58:b6:95:91:98:1d:c8:64:81:
         9c:40:c9:ab
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZn//pWahkIwD6/5O+IWYD8Lld/AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMTIwMDUwWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZTYzYmJhZmM2ZjdlNTI1NDk1YWNjZWQyMDhlMTZhMGVk
YmY2YWFkZjYzNDZlYTc0YmJhYzVkYTkxYTg1MmEzMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCihVVCGCz1HTb/YlDK9+s5ZJYxE5d9efv8QH+NqEs3LFCX
R7QIGio2LWimzsBtlrYGVG7UQ3Y3YwrX93o2touTvydHJN2IvxwA5XkxGcEsM5eI
FCX/RbzlJV7+UB+iLhW8LDVaHi7fJzF8+L/Vo9WzPYllKFczMebBF9jScKd89g5y
VnZ8c9wnaikBNjDAPjs3CbPMdG/vqhbPaHf92lpdXr/fv7xstbcTN+GOvwf2oFwx
70IybW1EwkoX3JVxGnAkW1l+TUq9ttuUshvuliggdKpYcMZAuQ2tp4oVxiJcNGrX
IuoBfXgZkpcOshYHR+4v7rTFqnLeNGxdIHICDGTLAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUCZ29Wf+Yzp8S/03AqfYwdfhSGCMwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzlmY2UwMzhkLWVjYTYtNGRlMS04MzQwLTk0ZTBjMGVmYjE0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAOW4wDQYJKoZIhvcNAQELBQADggEBAB20M4ECk1F534I3P2SPhe1v
5qX5ehqfNfLputR7GBdsSgWRJAF7ZnBVXAOkmQLcYpxpYfWilN4udbQkuEGKRF9+
QXRoR64Q/+mWm8XmnOh8PW9EGKiZ1bg8xbrC1WYc88OJJlubUFrcuUlFuH0Fc+a1
lvF/FJSc+QSQby6E+tbdlarHHbBqmYQoHsFbkWJKU/+zQKASgiW9uuHKMilHehcs
jXjRsUuFululxDghYkWuJ0LdTVrMFR2BohK0BcV33H/vdhv/qcwdNJE+PG6O3dPt
mVOJUiD4XEdVrDvFz7MpVHpsRREvDNllZAzh+9vzv5opnVi2lZGYHchkgZxAyas=
-----END CERTIFICATE-----