Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b1486a91-525f-4b45-825d-339746e01817.roa
File:                     b1486a91-525f-4b45-825d-339746e01817.roa (raw, json)
Hash identifier:          /yK5dQTPzjNjXA7yYntUydhT9jM0VI9txonbJV0efhA=
Subject key identifier:   64:8E:56:B3:34:3C:DE:DD:64:2A:6B:A3:07:9B:23:56:F2:61:D5:18
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       70B5D76196CB829E152BE2D7F0B784AD229A4E26
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b1486a91-525f-4b45-825d-339746e01817.roa
Signing time:             Fri 13 Feb 2026 07:10:37 +0000
ROA not before:           Fri 13 Feb 2026 07:10:37 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3930::/46 maxlen: 46
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:b5:d7:61:96:cb:82:9e:15:2b:e2:d7:f0:b7:84:ad:22:9a:4e:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 07:10:37 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=c5a21361d402a794f00c02d33d76a7ed8c0557c6cc8e7564c7ba611dfcccf0d7, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:95:f3:a0:13:fe:ed:94:53:22:3e:82:88:77:
                    03:43:72:27:9f:5a:a7:20:d4:a8:82:e6:6e:57:2a:
                    eb:94:29:d9:04:1c:3b:7f:ff:a3:38:1d:77:e8:c3:
                    6c:db:2d:e6:0e:30:e0:e9:a7:be:0a:88:32:d2:2c:
                    b2:3f:f2:76:75:9d:1a:93:a7:79:cb:4e:79:29:3b:
                    91:a3:77:a8:43:d5:86:00:a5:48:4a:c0:51:e3:f9:
                    13:49:67:cb:de:56:f3:60:4b:3a:20:8c:6a:4d:46:
                    f3:08:b7:0d:f1:01:21:f2:16:0b:9b:86:b3:2e:1b:
                    57:1e:3d:47:de:fb:ec:d8:4f:9f:b0:3c:76:4c:a2:
                    da:1f:79:8b:91:89:9c:78:0f:6f:0c:4a:f5:e0:49:
                    c2:e2:e2:30:b2:b1:e3:28:44:f0:eb:6b:b1:14:5e:
                    b4:6c:a9:3e:4b:2f:78:fd:34:8b:f8:46:b0:35:b4:
                    97:9e:23:2c:0b:7f:c4:33:70:90:f3:02:47:65:4d:
                    73:5d:90:96:5a:9b:c8:b3:08:68:b2:50:b2:8a:f4:
                    69:5d:17:f2:a2:ea:f7:3c:46:a6:ca:e4:42:58:66:
                    7a:8f:f0:03:7a:ef:7f:60:b7:51:77:d4:26:6d:0f:
                    46:b2:6e:11:0b:d6:75:9d:68:7c:3a:6c:ba:c5:5b:
                    c3:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:8E:56:B3:34:3C:DE:DD:64:2A:6B:A3:07:9B:23:56:F2:61:D5:18
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b1486a91-525f-4b45-825d-339746e01817.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3930::/46

    Signature Algorithm: sha256WithRSAEncryption
         50:19:87:de:e3:7e:cf:a7:1d:18:9a:38:c7:ae:b6:16:a9:ab:
         18:5e:14:5f:2c:24:cb:11:61:ea:14:91:ac:65:53:72:a0:aa:
         1f:cf:4c:8c:f6:f9:96:f9:23:eb:47:10:4b:93:ad:49:f4:d4:
         da:d2:54:f3:37:36:ab:5b:36:7e:9f:b4:e7:75:a0:7f:b5:38:
         4e:6e:36:94:2a:db:61:7e:ed:e2:d7:4f:a3:a0:b7:1f:60:36:
         bd:c8:2c:49:df:85:f9:bf:29:9d:d5:88:3c:ef:47:67:ff:73:
         71:ba:d0:af:3c:cd:79:a2:f4:67:b9:4e:63:f6:84:b2:b8:b5:
         67:6b:cb:89:08:c2:15:a5:66:66:ee:79:06:eb:7f:24:76:ce:
         dd:e0:32:cd:48:e3:bd:bd:ce:47:40:15:da:b3:4d:ea:3f:19:
         fd:40:e0:08:2f:be:e8:38:c7:1b:13:58:ff:e6:c6:db:cd:66:
         e7:61:9f:a7:c2:6d:1e:4c:81:41:e9:18:6b:25:a4:a8:ed:db:
         e9:30:92:a2:43:a2:d8:a6:b6:2b:f9:c5:a1:60:2d:8f:a5:8f:
         90:29:3c:62:10:a4:c8:be:ff:6d:50:6d:fe:78:0d:d3:3d:2c:
         01:75:32:d8:d9:7b:dc:be:80:9e:98:ae:97:a0:e8:07:52:f3:
         e5:3d:04:c1
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUcLXXYZbLgp4VK+LX8LeErSKaTiYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDcxMDM3WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNWEyMTM2MWQ0MDJhNzk0ZjAwYzAyZDMzZDc2YTdlZDhj
MDU1N2M2Y2M4ZTc1NjRjN2JhNjExZGZjY2NmMGQ3MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjlfOgE/7tlFMiPoKIdwNDciefWqcg1KiC5m5XKuuUKdkE
HDt//6M4HXfow2zbLeYOMODpp74KiDLSLLI/8nZ1nRqTp3nLTnkpO5Gjd6hD1YYA
pUhKwFHj+RNJZ8veVvNgSzogjGpNRvMItw3xASHyFgubhrMuG1cePUfe++zYT5+w
PHZMotofeYuRiZx4D28MSvXgScLi4jCyseMoRPDra7EUXrRsqT5LL3j9NIv4RrA1
tJeeIywLf8QzcJDzAkdlTXNdkJZam8izCGiyULKK9GldF/Ki6vc8RqbK5EJYZnqP
8AN6739gt1F31CZtD0aybhEL1nWdaHw6bLrFW8NfAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUZI5WszQ83t1kKmujB5sjVvJh1RgwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2IxNDg2YTkxLTUyNWYtNGI0NS04MjVkLTMzOTc0NmUwMTgxNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAJAAOTAwDQYJKoZIhvcNAQELBQADggEBAFAZh97jfs+nHRiaOMeuthap
qxheFF8sJMsRYeoUkaxlU3Kgqh/PTIz2+Zb5I+tHEEuTrUn01NrSVPM3NqtbNn6f
tOd1oH+1OE5uNpQq22F+7eLXT6Ogtx9gNr3ILEnfhfm/KZ3ViDzvR2f/c3G60K88
zXmi9Ge5TmP2hLK4tWdry4kIwhWlZmbueQbrfyR2zt3gMs1I4729zkdAFdqzTeo/
Gf1A4Agvvug4xxsTWP/mxtvNZudhn6fCbR5MgUHpGGslpKjt2+kwkqJDotimtiv5
xaFgLY+lj5ApPGIQpMi+/21Qbf54DdM9LAF1MtjZe9y+gJ6Yrpeg6AdS8+U9BME=
-----END CERTIFICATE-----