Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b5aa5f11-3651-4731-abba-86c6917919bc.roa
File:                     b5aa5f11-3651-4731-abba-86c6917919bc.roa (raw, json)
Hash identifier:          HqSHnhpQyyr2fyNGnYim/bBsTtRV1C5mPq/3EHjPM48=
Subject key identifier:   67:C8:82:9C:F1:BF:50:A2:04:00:69:F3:51:7A:8F:EC:21:1E:47:75
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       37B487F61F8C069C106F1F60A4C06256A0889B2A
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b5aa5f11-3651-4731-abba-86c6917919bc.roa
Signing time:             Fri 13 Feb 2026 12:20:11 +0000
ROA not before:           Fri 13 Feb 2026 12:20:11 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:39c4::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:b4:87:f6:1f:8c:06:9c:10:6f:1f:60:a4:c0:62:56:a0:88:9b:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 12:20:11 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=b8c5822ef9ed45b21732112b82b32be6d27636689e86ba31f266c4dadfc62b20, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:31:b7:f6:bd:3d:e9:f2:ca:82:c0:75:17:50:
                    45:21:2a:a9:d8:23:55:6e:0f:58:44:ec:0f:c6:fd:
                    0a:19:0d:e4:7b:f0:ef:b8:8b:57:a5:a1:e2:7a:af:
                    e5:d2:c5:11:54:39:ba:db:7d:e7:75:27:c1:86:e9:
                    b2:f5:f6:66:9b:cf:65:f3:12:de:5b:44:73:e1:39:
                    30:a4:9d:c2:a7:6f:2f:a2:96:3b:e2:55:aa:2b:c0:
                    2d:0b:33:33:62:b6:79:c0:00:b1:26:af:ef:8d:a7:
                    12:32:21:c5:8e:47:ea:1b:fa:94:08:39:1e:d1:50:
                    55:5f:99:d7:5a:f1:1d:d1:51:38:9f:74:ca:83:9f:
                    79:3b:3a:55:12:62:93:a3:0a:ce:ae:b7:bd:98:eb:
                    d1:23:2f:2c:9d:66:18:07:31:81:9b:cb:39:54:9e:
                    77:80:ba:5e:f4:09:88:5f:8e:53:6b:88:ff:aa:9f:
                    38:3b:0e:ac:6d:c9:6e:35:a9:e6:45:01:3d:4c:b8:
                    fe:20:3b:72:19:38:62:9e:82:6f:a6:24:79:0b:57:
                    9a:1c:cc:7b:d6:6e:15:91:c3:c1:ef:a6:13:92:b9:
                    69:f4:a4:eb:e1:81:54:5e:1b:2d:ea:de:6a:06:2d:
                    7a:23:07:70:df:a0:9d:0b:10:e7:55:40:c8:b8:30:
                    9f:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:C8:82:9C:F1:BF:50:A2:04:00:69:F3:51:7A:8F:EC:21:1E:47:75
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b5aa5f11-3651-4731-abba-86c6917919bc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:39c4::/47

    Signature Algorithm: sha256WithRSAEncryption
         64:c0:5a:48:41:9d:d8:3e:2c:ce:4c:4c:97:78:66:a4:e8:e1:
         4b:c4:fa:ca:42:62:51:ff:ac:14:2c:58:46:36:df:5e:a4:24:
         e4:db:cf:75:2f:b2:22:5c:8f:0d:5a:cf:23:3c:24:a3:6a:1c:
         0e:f5:07:58:e4:45:f6:b5:04:09:f1:64:d4:89:d4:06:4d:89:
         9c:ff:d6:04:f7:ab:fc:08:14:ac:da:89:d7:32:75:22:2b:2c:
         74:07:8e:ad:44:a2:98:43:1e:03:20:bc:62:b7:b8:d2:cd:d5:
         fb:b3:63:e2:15:e5:0b:41:25:6f:9f:3c:de:c7:03:ea:b1:8b:
         3f:03:d6:4e:f2:9a:f7:60:64:17:32:13:b6:1e:10:a6:da:ea:
         cd:32:8f:74:f0:a7:a7:b4:6c:0f:03:92:54:2c:6b:85:d9:42:
         ec:9d:5d:2f:89:c4:e4:97:97:79:ba:36:00:a0:83:ce:3e:99:
         57:1f:f2:0d:ec:11:0c:52:85:b7:8e:17:47:3f:c4:4a:6f:f1:
         e6:59:ca:a5:34:13:4a:42:36:ed:85:d7:ce:58:b1:54:4c:ed:
         5b:84:6b:88:6b:b7:43:14:f9:b7:6d:ee:a1:96:b0:f4:f7:4b:
         da:61:8d:89:fe:53:89:e4:ff:53:50:2b:01:ff:2b:ea:50:57:
         ef:5f:ff:ed
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUN7SH9h+MBpwQbx9gpMBiVqCImyowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMTIyMDExWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOGM1ODIyZWY5ZWQ0NWIyMTczMjExMmI4MmIzMmJlNmQy
NzYzNjY4OWU4NmJhMzFmMjY2YzRkYWRmYzYyYjIwMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD0Mbf2vT3p8sqCwHUXUEUhKqnYI1VuD1hE7A/G/QoZDeR7
8O+4i1eloeJ6r+XSxRFUObrbfed1J8GG6bL19mabz2XzEt5bRHPhOTCkncKnby+i
ljviVaorwC0LMzNitnnAALEmr++NpxIyIcWOR+ob+pQIOR7RUFVfmdda8R3RUTif
dMqDn3k7OlUSYpOjCs6ut72Y69EjLyydZhgHMYGbyzlUnneAul70CYhfjlNriP+q
nzg7DqxtyW41qeZFAT1MuP4gO3IZOGKegm+mJHkLV5oczHvWbhWRw8HvphOSuWn0
pOvhgVReGy3q3moGLXojB3DfoJ0LEOdVQMi4MJ/7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUZ8iCnPG/UKIEAGnzUXqP7CEeR3UwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2I1YWE1ZjExLTM2NTEtNDczMS1hYmJhLTg2YzY5MTc5MTliYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAOcQwDQYJKoZIhvcNAQELBQADggEBAGTAWkhBndg+LM5MTJd4ZqTo
4UvE+spCYlH/rBQsWEY2316kJOTbz3UvsiJcjw1azyM8JKNqHA71B1jkRfa1BAnx
ZNSJ1AZNiZz/1gT3q/wIFKzaidcydSIrLHQHjq1EophDHgMgvGK3uNLN1fuzY+IV
5QtBJW+fPN7HA+qxiz8D1k7ymvdgZBcyE7YeEKba6s0yj3Twp6e0bA8DklQsa4XZ
QuydXS+JxOSXl3m6NgCgg84+mVcf8g3sEQxShbeOF0c/xEpv8eZZyqU0E0pCNu2F
185YsVRM7VuEa4hrt0MU+bdt7qGWsPT3S9phjYn+U4nk/1NQKwH/K+pQV+9f/+0=
-----END CERTIFICATE-----