Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b06fa14a-ad24-4938-aa6a-12b73e6be05e.roa
File:                     b06fa14a-ad24-4938-aa6a-12b73e6be05e.roa (raw, json)
Hash identifier:          v6qzbQlaG9AhJPuZVWsydpgaYy9jSgaeQOasVBnrpw4=
Subject key identifier:   ED:E6:53:1B:E5:D0:0B:7B:32:CD:75:BF:06:46:D4:B5:41:3C:BA:77
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       69D717AF78BD0536BCFA6A0D0E072F903907A40D
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b06fa14a-ad24-4938-aa6a-12b73e6be05e.roa
Signing time:             Fri 13 Feb 2026 07:20:49 +0000
ROA not before:           Fri 13 Feb 2026 07:20:49 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:2b78::/46 maxlen: 46
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:d7:17:af:78:bd:05:36:bc:fa:6a:0d:0e:07:2f:90:39:07:a4:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 07:20:49 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=14be7d6b9dcc424bcf1308becb16df5ec9f7c408690176d3a7394056f112cb8b, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:61:89:a9:db:7a:93:ec:1d:97:61:c3:3b:0f:
                    df:d1:3e:b3:e0:2a:4b:fc:c0:7b:93:25:c4:dc:a2:
                    c4:46:19:39:9d:2a:95:95:c3:5c:82:92:32:11:72:
                    ee:bc:70:d7:ac:60:3b:2a:70:9d:45:9b:2c:7d:52:
                    47:a5:62:d2:e7:d5:e6:67:eb:41:33:ac:1d:43:25:
                    79:ea:21:ca:67:19:c2:f6:1d:69:bb:7a:63:6e:ed:
                    b3:76:06:94:d1:62:c3:88:1f:50:f1:a2:54:ca:1a:
                    8e:21:d4:f9:0a:6a:3c:b4:da:05:2c:82:73:6c:9e:
                    d2:9a:13:ee:87:ba:26:b7:58:93:cc:3a:9e:0e:dd:
                    e0:0f:1c:05:54:38:da:99:e2:a8:11:93:d3:99:41:
                    8e:7a:8c:ad:47:fb:6c:a9:9d:40:9a:5c:ed:cd:88:
                    58:63:b9:e1:26:7e:a2:37:46:00:45:ea:d2:67:c0:
                    ad:ef:0d:70:59:65:11:3c:f7:86:4d:e2:9f:75:7f:
                    b5:fd:33:93:d2:36:0f:26:60:d1:08:62:4d:82:1f:
                    ef:21:1d:27:19:91:78:72:0f:e7:c5:df:47:d2:ba:
                    6e:3a:21:32:b0:c7:e1:c2:12:a5:42:17:7a:9c:d6:
                    02:45:bc:99:c1:d0:2d:d2:23:f3:2b:cb:55:06:95:
                    d4:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:E6:53:1B:E5:D0:0B:7B:32:CD:75:BF:06:46:D4:B5:41:3C:BA:77
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b06fa14a-ad24-4938-aa6a-12b73e6be05e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:2b78::/46

    Signature Algorithm: sha256WithRSAEncryption
         b0:cf:59:31:bf:35:56:cd:c3:42:51:c7:d9:1d:b4:ed:ce:05:
         0d:80:3f:7a:71:45:96:82:fa:11:13:8f:88:b7:1b:51:7d:52:
         95:9f:e4:54:5b:86:da:99:f2:e2:44:97:85:61:02:f0:96:44:
         30:f4:a7:3a:18:53:8a:5d:18:2c:b6:20:28:23:6d:ef:2d:a2:
         05:a4:b4:ec:48:23:cf:63:59:95:a0:e3:dd:3d:e2:d3:2a:bc:
         a3:98:51:82:c8:19:a2:53:b3:ac:74:d9:7b:79:ec:f9:3b:fe:
         44:4a:b5:62:f2:a6:12:b7:68:b5:d3:1d:aa:97:24:82:41:29:
         ba:5f:44:10:8e:f4:e5:5d:72:1a:49:c9:b0:a6:eb:26:67:1f:
         35:a8:99:aa:9c:1c:e6:49:45:07:f1:ca:9f:73:50:b7:8c:78:
         4a:a7:4f:ea:4a:92:ec:96:a6:17:a5:42:8f:28:8d:0a:7d:8a:
         42:65:03:8e:2f:7c:99:08:cf:bf:9c:fe:68:12:40:45:d9:f3:
         30:37:3f:3a:aa:9a:85:68:77:09:8c:ac:88:c2:26:84:48:d8:
         c1:39:7a:19:d3:db:ac:1f:db:c6:c7:ec:01:7a:79:ee:9e:34:
         b2:9d:e1:91:71:e0:fc:fe:50:2c:c7:29:96:60:ff:40:e9:b4:
         ab:6e:7f:46
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUadcXr3i9BTa8+moNDgcvkDkHpA0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDcyMDQ5WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNGJlN2Q2YjlkY2M0MjRiY2YxMzA4YmVjYjE2ZGY1ZWM5
ZjdjNDA4NjkwMTc2ZDNhNzM5NDA1NmYxMTJjYjhiMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDwYYmp23qT7B2XYcM7D9/RPrPgKkv8wHuTJcTcosRGGTmd
KpWVw1yCkjIRcu68cNesYDsqcJ1Fmyx9UkelYtLn1eZn60EzrB1DJXnqIcpnGcL2
HWm7emNu7bN2BpTRYsOIH1DxolTKGo4h1PkKajy02gUsgnNsntKaE+6Huia3WJPM
Op4O3eAPHAVUONqZ4qgRk9OZQY56jK1H+2ypnUCaXO3NiFhjueEmfqI3RgBF6tJn
wK3vDXBZZRE894ZN4p91f7X9M5PSNg8mYNEIYk2CH+8hHScZkXhyD+fF30fSum46
ITKwx+HCEqVCF3qc1gJFvJnB0C3SI/Mry1UGldSfAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU7eZTG+XQC3syzXW/BkbUtUE8uncwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2IwNmZhMTRhLWFkMjQtNDkzOC1hYTZhLTEyYjczZTZiZTA1ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAJAAK3gwDQYJKoZIhvcNAQELBQADggEBALDPWTG/NVbNw0JRx9kdtO3O
BQ2AP3pxRZaC+hETj4i3G1F9UpWf5FRbhtqZ8uJEl4VhAvCWRDD0pzoYU4pdGCy2
ICgjbe8togWktOxII89jWZWg49094tMqvKOYUYLIGaJTs6x02Xt57Pk7/kRKtWLy
phK3aLXTHaqXJIJBKbpfRBCO9OVdchpJybCm6yZnHzWomaqcHOZJRQfxyp9zULeM
eEqnT+pKkuyWphelQo8ojQp9ikJlA44vfJkIz7+c/mgSQEXZ8zA3PzqqmoVodwmM
rIjCJoRI2ME5ehnT26wf28bH7AF6ee6eNLKd4ZFx4Pz+UCzHKZZg/0DptKtuf0Y=
-----END CERTIFICATE-----