Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b8c73aaf-778d-4957-a531-6735e14a860a.roa
File:                     b8c73aaf-778d-4957-a531-6735e14a860a.roa (raw, json)
Hash identifier:          NFUfaWhcerMWEyfQU/OY3tIlw/rQ0FKoVhL8Df2CQKE=
Subject key identifier:   7E:C3:FF:8A:5C:71:63:D6:EC:A4:9E:8B:D4:FD:3D:EF:58:96:E5:A0
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       24766CAF0589B96BF750C9E09C3FE8BA52A486A0
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b8c73aaf-778d-4957-a531-6735e14a860a.roa
Signing time:             Fri 13 Feb 2026 09:41:36 +0000
ROA not before:           Fri 13 Feb 2026 09:41:36 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3dd4::/46 maxlen: 46
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:76:6c:af:05:89:b9:6b:f7:50:c9:e0:9c:3f:e8:ba:52:a4:86:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 09:41:36 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=b352f37e53f5297981bac9391de9fd78d2ae78366881da9e5bdc1c838e96c433, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:81:3e:13:4f:a5:8b:8e:14:1f:d9:b0:4d:fb:
                    8d:cb:9d:43:d6:50:da:95:ab:17:4f:82:05:20:9b:
                    d9:c1:3f:71:97:73:f9:7f:fe:0c:74:d5:ae:12:d6:
                    d3:32:43:e5:ed:57:dd:8b:13:03:b4:b1:21:b2:1a:
                    4b:0e:a4:23:0d:b5:b7:be:53:cb:a7:d5:92:33:1f:
                    3e:2e:83:68:dd:35:6a:db:97:b2:af:93:6d:82:65:
                    2b:5a:a2:2f:b3:ed:8c:6f:98:f6:47:90:17:16:c7:
                    22:4a:c3:47:0d:a5:fa:f2:39:e0:44:2d:79:15:82:
                    a5:29:29:42:8c:1f:d7:be:62:bd:f9:cd:5c:d1:3d:
                    50:6f:f3:97:62:4e:10:a7:04:0b:5a:9c:b4:de:62:
                    c7:35:ce:27:7d:65:8a:13:63:e4:5d:b4:46:32:7e:
                    73:3c:d9:2b:fd:3d:83:19:89:f8:d1:58:8f:04:91:
                    b7:5d:93:93:43:48:6e:0c:e6:46:e3:ad:c2:f5:59:
                    be:b5:c1:78:54:46:ed:7c:69:ba:79:22:b4:a7:8b:
                    24:de:4e:43:2e:17:ee:8b:48:ce:b5:dc:4a:aa:7d:
                    dc:20:74:18:00:dd:0c:20:4d:ae:10:48:93:86:53:
                    82:2f:15:d7:f9:7f:64:a6:45:f1:a2:9d:de:ed:19:
                    e1:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:C3:FF:8A:5C:71:63:D6:EC:A4:9E:8B:D4:FD:3D:EF:58:96:E5:A0
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b8c73aaf-778d-4957-a531-6735e14a860a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3dd4::/46

    Signature Algorithm: sha256WithRSAEncryption
         44:c4:2e:84:e4:79:56:6d:3b:c3:d7:81:e1:82:1d:8f:4d:9d:
         56:58:ac:40:0f:31:c3:49:c2:40:4a:78:41:a5:ee:32:5c:7f:
         b1:53:fd:97:0c:17:d6:2d:cb:35:c2:f8:b2:35:99:28:ad:85:
         e7:36:db:dd:11:21:70:1a:ab:15:a0:f4:7b:77:c9:95:3d:9f:
         7c:8a:69:62:4b:fc:73:1f:88:35:1c:4f:be:08:47:87:0b:4c:
         2d:11:08:e9:14:6a:9c:23:74:91:7a:3d:cb:8b:80:04:db:85:
         b3:78:27:41:0c:7e:37:43:4a:2d:8d:a6:4d:55:7b:98:7c:f5:
         32:5b:57:54:45:7a:4d:53:60:69:cc:40:dc:db:80:a6:01:48:
         24:1d:31:99:51:83:cc:08:3b:b2:fc:fa:8f:ba:bb:22:cb:2d:
         26:53:a9:65:c4:18:d6:fe:4a:3c:65:03:f1:a6:e1:33:c1:12:
         ac:bd:c3:6e:fd:39:49:5c:87:3f:0d:f8:02:51:8f:c4:7e:40:
         00:4f:c8:63:fc:2d:f9:12:25:c7:ed:24:62:05:76:7b:fb:a5:
         81:6a:9b:df:fd:c0:5b:4b:04:94:0e:62:eb:ff:d2:97:df:74:
         8a:f5:da:14:eb:d8:32:9c:a3:1b:5c:b4:50:a2:d3:74:64:bf:
         7c:59:f0:f8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUJHZsrwWJuWv3UMngnD/oulKkhqAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDk0MTM2WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMzUyZjM3ZTUzZjUyOTc5ODFiYWM5MzkxZGU5ZmQ3OGQy
YWU3ODM2Njg4MWRhOWU1YmRjMWM4MzhlOTZjNDMzMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCSgT4TT6WLjhQf2bBN+43LnUPWUNqVqxdPggUgm9nBP3GX
c/l//gx01a4S1tMyQ+XtV92LEwO0sSGyGksOpCMNtbe+U8un1ZIzHz4ug2jdNWrb
l7Kvk22CZStaoi+z7YxvmPZHkBcWxyJKw0cNpfryOeBELXkVgqUpKUKMH9e+Yr35
zVzRPVBv85diThCnBAtanLTeYsc1zid9ZYoTY+RdtEYyfnM82Sv9PYMZifjRWI8E
kbddk5NDSG4M5kbjrcL1Wb61wXhURu18abp5IrSniyTeTkMuF+6LSM613Eqqfdwg
dBgA3QwgTa4QSJOGU4IvFdf5f2SmRfGind7tGeHNAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUfsP/ilxxY9bspJ6L1P0971iW5aAwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2I4YzczYWFmLTc3OGQtNDk1Ny1hNTMxLTY3MzVlMTRhODYwYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAJAAPdQwDQYJKoZIhvcNAQELBQADggEBAETELoTkeVZtO8PXgeGCHY9N
nVZYrEAPMcNJwkBKeEGl7jJcf7FT/ZcMF9YtyzXC+LI1mSithec2290RIXAaqxWg
9Ht3yZU9n3yKaWJL/HMfiDUcT74IR4cLTC0RCOkUapwjdJF6PcuLgATbhbN4J0EM
fjdDSi2Npk1Ve5h89TJbV1RFek1TYGnMQNzbgKYBSCQdMZlRg8wIO7L8+o+6uyLL
LSZTqWXEGNb+SjxlA/Gm4TPBEqy9w279OUlchz8N+AJRj8R+QABPyGP8LfkSJcft
JGIFdnv7pYFqm9/9wFtLBJQOYuv/0pffdIr12hTr2DKcoxtctFCi03Rkv3xZ8Pg=
-----END CERTIFICATE-----