Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/bc863268-4db2-48c6-acc3-545284f9289f.roa
File:                     bc863268-4db2-48c6-acc3-545284f9289f.roa (raw, json)
Hash identifier:          ol6UsZl9qqj3Q/rspZKfmc2GD28sD4I6cXAcJRaejXI=
Subject key identifier:   53:D8:C9:B9:98:A4:28:1F:8C:38:5A:02:C9:63:F8:5F:1F:25:33:50
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       326A9E79D6ECD5F04605AD47C23D0F93BD8BBBAA
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/bc863268-4db2-48c6-acc3-545284f9289f.roa
Signing time:             Fri 13 Feb 2026 01:50:07 +0000
ROA not before:           Fri 13 Feb 2026 01:50:07 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3c44::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:6a:9e:79:d6:ec:d5:f0:46:05:ad:47:c2:3d:0f:93:bd:8b:bb:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 01:50:07 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=cafae11978f6cd19b5ccff7be96b30c278f8e75fcff5ed5798fad0efd5dcdecc, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:73:55:cb:b7:d2:39:a7:dd:64:ff:08:55:de:
                    cd:3f:da:30:ac:e8:53:f3:34:92:ad:a9:86:5a:da:
                    dd:16:65:ff:c2:67:a5:a8:6b:e8:bd:36:cd:42:55:
                    76:ec:62:b3:a6:69:1b:29:fd:93:f8:94:9c:7d:a5:
                    02:9b:10:0b:d4:4c:43:e8:de:51:10:7f:23:3f:1d:
                    bb:fd:5b:e0:e2:ce:02:99:83:5d:30:7d:2e:58:2c:
                    22:34:05:54:46:b8:71:ef:56:ab:93:51:ce:37:10:
                    1f:c6:0b:e7:df:e4:f3:34:a3:20:ab:9a:fa:5b:51:
                    fa:d0:aa:35:00:59:20:b1:b5:55:fa:cd:45:79:82:
                    f9:3f:1e:03:a9:a0:96:ae:90:6c:30:0b:6a:d8:ef:
                    6a:2d:ef:5e:cd:4a:f4:7b:3b:c1:62:32:08:45:10:
                    3f:39:73:c6:48:c1:fd:38:2f:1b:cb:24:71:96:99:
                    46:64:38:5b:de:3a:06:2e:94:ba:6c:f3:81:9e:9b:
                    de:79:00:ec:ad:83:b2:dc:b1:e4:97:7e:41:84:5d:
                    45:d5:cc:53:6b:c8:b4:45:3d:30:0b:e2:71:5d:90:
                    ea:6d:d1:07:3d:3a:e4:4b:55:ea:d5:d2:98:6d:d6:
                    8e:71:c8:dd:86:05:81:cb:eb:8a:34:7a:cd:d5:a3:
                    5c:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:D8:C9:B9:98:A4:28:1F:8C:38:5A:02:C9:63:F8:5F:1F:25:33:50
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/bc863268-4db2-48c6-acc3-545284f9289f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3c44::/47

    Signature Algorithm: sha256WithRSAEncryption
         09:db:a3:b2:4a:4c:b5:5a:fa:ac:36:d2:52:2f:0b:c2:55:e6:
         45:7f:3c:20:2e:7f:d0:bb:e3:5c:68:a6:32:22:a4:69:87:70:
         6a:af:8f:d7:99:17:51:f5:71:07:e5:6e:96:8d:fc:77:7a:f4:
         8f:f8:cb:25:7d:f1:03:97:0a:36:eb:51:b9:94:29:d1:d6:af:
         1e:1f:5c:0d:72:b5:21:b1:45:02:f1:43:87:91:7c:88:07:a5:
         8a:0e:47:79:7e:c2:97:56:2f:1f:9a:26:54:10:d2:04:62:95:
         f1:83:ca:22:89:ea:9d:ec:70:00:9a:c3:3a:a5:1a:d5:a0:d5:
         55:8a:ac:99:75:77:d0:a1:45:b0:3e:12:a7:6a:c1:1b:c0:f5:
         a5:6d:1a:4b:01:cf:71:5d:2f:8a:db:98:17:d1:0c:52:12:96:
         66:f5:4d:8a:82:09:ac:51:61:40:9f:c8:f8:59:83:ab:fb:1d:
         b6:f6:b6:70:c7:21:af:5b:72:1c:93:dd:8c:d3:95:02:73:2a:
         d4:0e:c8:60:0b:aa:4b:f7:37:32:66:f6:e3:27:44:09:94:b0:
         d8:37:b0:4a:1a:fb:19:95:95:60:94:d5:70:3c:e1:24:e4:92:
         48:ea:f4:b2:4a:a8:67:65:c9:37:6c:66:3d:de:c6:b9:4d:70:
         ca:87:d6:1d
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUMmqeedbs1fBGBa1Hwj0Pk72Lu6owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDE1MDA3WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYWZhZTExOTc4ZjZjZDE5YjVjY2ZmN2JlOTZiMzBjMjc4
ZjhlNzVmY2ZmNWVkNTc5OGZhZDBlZmQ1ZGNkZWNjMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjc1XLt9I5p91k/whV3s0/2jCs6FPzNJKtqYZa2t0WZf/C
Z6Woa+i9Ns1CVXbsYrOmaRsp/ZP4lJx9pQKbEAvUTEPo3lEQfyM/Hbv9W+DizgKZ
g10wfS5YLCI0BVRGuHHvVquTUc43EB/GC+ff5PM0oyCrmvpbUfrQqjUAWSCxtVX6
zUV5gvk/HgOpoJaukGwwC2rY72ot717NSvR7O8FiMghFED85c8ZIwf04LxvLJHGW
mUZkOFveOgYulLps84Gem955AOytg7LcseSXfkGEXUXVzFNryLRFPTAL4nFdkOpt
0Qc9OuRLVerV0pht1o5xyN2GBYHL64o0es3Vo1z7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUU9jJuZikKB+MOFoCyWP4Xx8lM1AwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2JjODYzMjY4LTRkYjItNDhjNi1hY2MzLTU0NTI4NGY5Mjg5Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAPEQwDQYJKoZIhvcNAQELBQADggEBAAnbo7JKTLVa+qw20lIvC8JV
5kV/PCAuf9C741xopjIipGmHcGqvj9eZF1H1cQflbpaN/Hd69I/4yyV98QOXCjbr
UbmUKdHWrx4fXA1ytSGxRQLxQ4eRfIgHpYoOR3l+wpdWLx+aJlQQ0gRilfGDyiKJ
6p3scACawzqlGtWg1VWKrJl1d9ChRbA+EqdqwRvA9aVtGksBz3FdL4rbmBfRDFIS
lmb1TYqCCaxRYUCfyPhZg6v7Hbb2tnDHIa9bchyT3YzTlQJzKtQOyGALqkv3NzJm
9uMnRAmUsNg3sEoa+xmVlWCU1XA84STkkkjq9LJKqGdlyTdsZj3exrlNcMqH1h0=
-----END CERTIFICATE-----