Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/a935398c-657b-422c-b139-f778e1300e1b.roa
File:                     a935398c-657b-422c-b139-f778e1300e1b.roa (raw, json)
Hash identifier:          P0jXmdEsN7XP2YJMTWYNciBp4s3KNZlsahgltePO5w0=
Subject key identifier:   55:5C:ED:AF:05:D2:64:88:45:C2:68:00:A3:F1:32:C8:5F:36:15:43
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       19BA77261050D4CE078DA7528CF77F7BF1272B0E
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/a935398c-657b-422c-b139-f778e1300e1b.roa
Signing time:             Fri 13 Feb 2026 06:30:12 +0000
ROA not before:           Fri 13 Feb 2026 06:30:12 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:398c::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:ba:77:26:10:50:d4:ce:07:8d:a7:52:8c:f7:7f:7b:f1:27:2b:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 06:30:12 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=e911b247e00f6e2f474bee877c4187b93955514bc6e9c04dc1066bbd00af2a0b, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:08:85:63:b3:65:89:4f:83:ec:66:d5:cc:1c:
                    e4:24:2c:b8:a9:73:d8:66:16:c2:a5:cc:74:f7:b1:
                    26:bb:06:de:04:20:49:4a:df:f4:58:ed:d1:a0:2c:
                    1e:c1:54:d8:6c:85:e2:0a:3b:ba:30:d6:cc:8e:09:
                    87:49:5e:50:fc:09:8e:16:da:84:a1:b7:04:f1:b7:
                    4d:dd:7e:88:08:99:e2:ff:10:f5:05:e9:82:7c:88:
                    ed:ff:18:a5:87:05:2f:bd:de:ef:f1:bb:2b:d7:d2:
                    ca:08:77:a8:85:c9:ec:31:23:60:42:62:fa:02:78:
                    2a:37:2e:9b:3a:29:92:69:f9:8a:e6:e1:e4:73:07:
                    f0:29:01:98:48:9e:8c:8e:c1:ad:c3:a4:97:ee:9a:
                    34:95:bd:01:cd:72:c2:87:40:e4:a8:6d:f0:c9:3f:
                    48:0b:5e:93:f6:b1:c9:86:a3:bc:29:58:ec:97:ab:
                    8d:50:b4:e7:74:5f:31:90:b8:9b:6b:49:e4:d7:aa:
                    b2:b6:53:e6:90:b8:d5:48:2b:16:92:70:c9:e3:0c:
                    e5:12:a7:a9:c4:cd:53:04:bb:5a:57:f0:d0:b9:8f:
                    79:67:b2:25:26:ba:71:79:4d:dd:07:41:67:c7:5d:
                    e5:67:72:d0:5d:44:95:e9:4c:42:c5:b6:ce:bd:cf:
                    2b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:5C:ED:AF:05:D2:64:88:45:C2:68:00:A3:F1:32:C8:5F:36:15:43
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/a935398c-657b-422c-b139-f778e1300e1b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:398c::/47

    Signature Algorithm: sha256WithRSAEncryption
         55:5e:eb:bc:7e:df:ee:d3:9d:a0:82:cb:ad:23:26:74:91:3b:
         62:47:e4:63:ec:27:b2:b4:53:70:d0:40:67:9a:aa:be:c6:84:
         d3:21:b5:1e:a0:8f:67:c4:17:84:8f:e8:4f:49:0b:cb:fe:5e:
         50:ba:1e:50:8f:5c:70:b5:19:ad:5b:36:ec:97:17:7b:c6:99:
         6e:b3:2e:0b:4e:76:29:49:eb:3c:90:b0:47:20:bd:f2:68:97:
         a7:48:05:b7:50:bf:dd:03:d1:7b:bd:21:b2:8a:24:1a:b1:02:
         d0:79:2a:65:3e:1a:ba:e3:aa:da:39:df:75:f2:ff:13:21:3f:
         64:9a:89:7a:8d:f4:e8:83:b0:08:a9:97:0e:7e:49:1e:cb:a1:
         eb:7f:71:7e:06:42:05:e0:c7:24:7d:e3:82:b7:53:ba:23:b8:
         38:34:0a:41:32:f0:f6:17:31:7a:eb:cd:fa:35:65:74:37:23:
         74:d6:f5:98:af:1d:b5:e3:9b:7b:e3:ca:85:74:7f:1b:31:53:
         e1:75:18:14:34:d2:94:ae:23:a1:39:fc:06:fd:c5:68:f8:c5:
         8d:03:b1:e2:3d:4b:b1:d0:64:2f:2b:19:c4:3b:f9:36:11:ae:
         fc:db:1d:4f:88:3a:ea:04:0d:16:64:e5:2e:89:48:1f:0e:ca:
         1d:92:56:ec
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGbp3JhBQ1M4HjadSjPd/e/EnKw4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDYzMDEyWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlOTExYjI0N2UwMGY2ZTJmNDc0YmVlODc3YzQxODdiOTM5
NTU1MTRiYzZlOWMwNGRjMTA2NmJiZDAwYWYyYTBiMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDlCIVjs2WJT4PsZtXMHOQkLLipc9hmFsKlzHT3sSa7Bt4E
IElK3/RY7dGgLB7BVNhsheIKO7ow1syOCYdJXlD8CY4W2oShtwTxt03dfogImeL/
EPUF6YJ8iO3/GKWHBS+93u/xuyvX0soId6iFyewxI2BCYvoCeCo3Lps6KZJp+Yrm
4eRzB/ApAZhInoyOwa3DpJfumjSVvQHNcsKHQOSobfDJP0gLXpP2scmGo7wpWOyX
q41QtOd0XzGQuJtrSeTXqrK2U+aQuNVIKxaScMnjDOUSp6nEzVMEu1pX8NC5j3ln
siUmunF5Td0HQWfHXeVnctBdRJXpTELFts69zyubAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUVVztrwXSZIhFwmgAo/EyyF82FUMwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2E5MzUzOThjLTY1N2ItNDIyYy1iMTM5LWY3NzhlMTMwMGUxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAOYwwDQYJKoZIhvcNAQELBQADggEBAFVe67x+3+7TnaCCy60jJnSR
O2JH5GPsJ7K0U3DQQGeaqr7GhNMhtR6gj2fEF4SP6E9JC8v+XlC6HlCPXHC1Ga1b
NuyXF3vGmW6zLgtOdilJ6zyQsEcgvfJol6dIBbdQv90D0Xu9IbKKJBqxAtB5KmU+
Grrjqto533Xy/xMhP2SaiXqN9OiDsAiplw5+SR7Loet/cX4GQgXgxyR944K3U7oj
uDg0CkEy8PYXMXrrzfo1ZXQ3I3TW9ZivHbXjm3vjyoV0fxsxU+F1GBQ00pSuI6E5
/Ab9xWj4xY0DseI9S7HQZC8rGcQ7+TYRrvzbHU+IOuoEDRZk5S6JSB8Oyh2SVuw=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:37:30 2026 by rpki-client