Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/bc0b3706-13a0-440b-8185-10daa8ac902d.roa
File:                     bc0b3706-13a0-440b-8185-10daa8ac902d.roa (raw, json)
Hash identifier:          vyJsCpON/fS4NDP5+eq1uSTIg16jeXwXOizZcVOl6LM=
Subject key identifier:   CC:8D:31:34:51:8F:78:60:5D:32:48:68:45:5A:F9:50:A6:AC:96:A1
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       7ABAE5FC36EB2A59DFDD4D14B91D52E43D30D706
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/bc0b3706-13a0-440b-8185-10daa8ac902d.roa
Signing time:             Fri 13 Feb 2026 13:40:45 +0000
ROA not before:           Fri 13 Feb 2026 13:40:45 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3cbe::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:ba:e5:fc:36:eb:2a:59:df:dd:4d:14:b9:1d:52:e4:3d:30:d7:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 13:40:45 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=cfe91b50419e5e8d673ea3a6dd1573d6e4735f03a0a8e7f4ca49d140f8aec9f3, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:05:e1:be:74:a0:8d:12:48:fa:b8:d9:a4:6b:
                    bd:00:4f:10:03:19:64:c2:c2:ce:5d:c9:b2:c8:c0:
                    65:6c:16:bd:c2:27:05:47:b0:76:2d:ce:16:18:4d:
                    31:20:6f:fa:34:49:ff:af:cb:54:95:82:9b:c1:a3:
                    b3:89:97:b7:da:ca:0c:aa:de:60:6d:c8:35:8f:ae:
                    6a:be:b8:2f:dc:fb:86:51:4b:0c:77:53:dd:c5:3b:
                    8f:5a:96:50:4c:a1:68:75:a3:2f:3a:57:44:c7:00:
                    86:94:36:26:f2:ec:97:f0:5f:8e:bc:2e:8d:aa:a5:
                    a6:c7:50:74:1f:3a:46:31:51:cc:37:68:2c:54:d9:
                    e7:6e:70:a9:51:76:7c:56:e1:33:5b:cc:ca:ee:ba:
                    8d:dc:30:2b:5e:83:fc:5e:8a:d2:86:96:c2:6f:df:
                    39:11:b9:da:01:e2:ac:92:e7:92:88:ca:e9:c1:a2:
                    be:8c:43:b8:5e:40:67:99:24:aa:bf:9b:8e:ab:e6:
                    37:ce:11:8e:cc:30:cb:5f:ea:04:20:78:41:7b:12:
                    74:2d:17:d0:47:3a:66:0f:f8:3c:c8:e3:76:d8:ef:
                    c7:4a:53:ef:32:72:89:15:df:af:ed:e7:cc:8f:14:
                    3e:56:0e:22:5f:ee:1a:02:38:e8:fd:3c:9f:8f:13:
                    5b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:8D:31:34:51:8F:78:60:5D:32:48:68:45:5A:F9:50:A6:AC:96:A1
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/bc0b3706-13a0-440b-8185-10daa8ac902d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3cbe::/47

    Signature Algorithm: sha256WithRSAEncryption
         09:9c:48:00:8e:af:7a:59:ef:12:c7:90:94:17:be:c6:38:51:
         9b:fd:c9:8a:a6:c4:0d:61:44:df:dd:eb:ab:a7:15:ff:d5:04:
         50:71:68:99:5c:d9:15:d9:a7:32:73:18:e0:a5:3d:84:55:53:
         99:de:82:fd:ac:c0:0d:65:16:9f:f6:bb:9a:16:ed:75:21:37:
         9a:6b:50:ad:e1:18:fb:90:de:64:e5:d9:a1:76:59:8a:e7:fe:
         0e:2c:72:38:e0:1a:68:d8:57:07:94:ca:eb:04:f5:35:c7:7a:
         9e:c2:4b:b9:cd:aa:11:5f:0e:b8:a0:c8:eb:73:55:58:35:61:
         b0:d8:b2:66:61:dc:84:1a:06:2d:5a:82:05:d4:2f:e1:30:8c:
         3b:bd:4c:a0:b3:19:cb:bf:e1:4d:2a:f8:9d:d2:c3:d9:0f:bb:
         75:07:cd:ce:e0:dc:e7:6b:38:3a:d2:ab:92:62:4e:c5:38:28:
         2b:96:6d:d5:f1:15:e2:00:e0:d1:8f:c3:09:ae:f8:e3:51:f8:
         f0:9a:8f:e0:17:71:64:53:e2:c3:54:06:b9:e8:9f:b5:95:8e:
         09:8f:ea:6c:34:ac:15:06:a9:b9:c3:18:11:d9:c1:b8:ee:89:
         a0:ac:50:68:99:a9:97:3f:cd:61:39:1c:95:31:54:7a:9f:79:
         42:93:28:3f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUerrl/DbrKlnf3U0UuR1S5D0w1wYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMTM0MDQ1WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZmU5MWI1MDQxOWU1ZThkNjczZWEzYTZkZDE1NzNkNmU0
NzM1ZjAzYTBhOGU3ZjRjYTQ5ZDE0MGY4YWVjOWYzMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbBeG+dKCNEkj6uNmka70ATxADGWTCws5dybLIwGVsFr3C
JwVHsHYtzhYYTTEgb/o0Sf+vy1SVgpvBo7OJl7faygyq3mBtyDWPrmq+uC/c+4ZR
Swx3U93FO49allBMoWh1oy86V0THAIaUNiby7JfwX468Lo2qpabHUHQfOkYxUcw3
aCxU2educKlRdnxW4TNbzMruuo3cMCteg/xeitKGlsJv3zkRudoB4qyS55KIyunB
or6MQ7heQGeZJKq/m46r5jfOEY7MMMtf6gQgeEF7EnQtF9BHOmYP+DzI43bY78dK
U+8ycokV36/t58yPFD5WDiJf7hoCOOj9PJ+PE1sxAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUzI0xNFGPeGBdMkhoRVr5UKaslqEwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2JjMGIzNzA2LTEzYTAtNDQwYi04MTg1LTEwZGFhOGFjOTAyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAPL4wDQYJKoZIhvcNAQELBQADggEBAAmcSACOr3pZ7xLHkJQXvsY4
UZv9yYqmxA1hRN/d66unFf/VBFBxaJlc2RXZpzJzGOClPYRVU5negv2swA1lFp/2
u5oW7XUhN5prUK3hGPuQ3mTl2aF2WYrn/g4scjjgGmjYVweUyusE9TXHep7CS7nN
qhFfDrigyOtzVVg1YbDYsmZh3IQaBi1aggXUL+EwjDu9TKCzGcu/4U0q+J3Sw9kP
u3UHzc7g3OdrODrSq5JiTsU4KCuWbdXxFeIA4NGPwwmu+ONR+PCaj+AXcWRT4sNU
Brnon7WVjgmP6mw0rBUGqbnDGBHZwbjuiaCsUGiZqZc/zWE5HJUxVHqfeUKTKD8=
-----END CERTIFICATE-----