Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/be4049e0-3855-4073-a169-ee0057138c61.roa
File:                     be4049e0-3855-4073-a169-ee0057138c61.roa (raw, json)
Hash identifier:          6mmwVrZVBN5yhXqzzC6aX1k3UN7ZPVz3wYimJ/xfhy8=
Subject key identifier:   80:B3:43:D8:2D:2B:E2:DA:5E:7A:FF:57:2C:11:C4:07:64:24:8F:D2
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       1B1C137B527B417859385B0EC81E92B483968B3A
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/be4049e0-3855-4073-a169-ee0057138c61.roa
Signing time:             Fri 13 Feb 2026 07:00:08 +0000
ROA not before:           Fri 13 Feb 2026 07:00:08 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:339a::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:1c:13:7b:52:7b:41:78:59:38:5b:0e:c8:1e:92:b4:83:96:8b:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 07:00:08 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=041d4a20d18efabf5106e11c37f639ebbdac7e565e0cb70816acbb2e6e733bbe, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5b:4b:a0:ce:90:07:da:ca:dd:3d:b8:1b:de:
                    f8:cc:19:71:2f:7f:33:bd:85:3d:57:7f:af:6c:1c:
                    18:a5:18:5a:8d:7f:3e:54:e9:d9:c6:63:96:ed:18:
                    a0:7e:4f:a6:da:2b:c4:b1:43:d5:e5:d5:4f:cf:6e:
                    a0:7e:e1:54:56:a3:68:a3:8a:e9:1e:40:b4:60:1c:
                    b5:09:ea:5d:ee:60:73:54:7f:39:63:8c:cd:c3:1d:
                    20:46:24:18:31:6f:42:b7:38:2f:f8:94:b5:69:a6:
                    24:3d:c5:84:0d:c8:ea:d1:dc:3a:71:f3:4c:6c:c1:
                    e4:86:43:bb:e4:f4:3a:a2:1c:6b:32:7b:b6:f2:49:
                    b9:5d:e0:71:c4:9b:cc:c4:83:eb:31:8b:0c:41:f6:
                    a5:1e:fd:2a:3c:02:b2:32:39:60:3a:a3:95:75:b9:
                    ac:b6:b6:e1:e3:0a:f0:ce:0a:19:ec:5c:b1:de:03:
                    fc:28:14:b6:37:ed:95:16:82:e7:de:4c:a7:c2:00:
                    dc:15:e0:4d:cf:2e:7b:41:6a:e0:40:a8:a9:83:ae:
                    f5:3b:9a:48:79:b3:60:2f:1b:6b:a8:35:00:46:7b:
                    c4:35:24:a7:57:db:0e:61:34:0b:ba:07:8c:5d:ef:
                    2c:af:b7:66:ec:b7:67:1f:c0:1e:30:38:89:08:89:
                    b8:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:B3:43:D8:2D:2B:E2:DA:5E:7A:FF:57:2C:11:C4:07:64:24:8F:D2
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/be4049e0-3855-4073-a169-ee0057138c61.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:339a::/47

    Signature Algorithm: sha256WithRSAEncryption
         6d:62:4a:74:d7:4b:c7:13:8e:79:0b:cc:e5:7c:62:94:32:c9:
         e8:37:31:b0:24:2b:c2:c7:53:31:1a:28:ae:6e:45:23:c4:c7:
         7c:a8:9b:40:dd:de:33:8a:df:56:70:46:84:87:fd:db:3a:ff:
         f8:53:4c:c5:f3:47:f4:94:0f:8d:3c:b8:97:6b:cb:7e:de:77:
         f1:ca:36:40:ef:cc:bf:1f:38:a7:d5:52:9b:d3:32:a7:c1:b9:
         51:dc:34:77:df:a8:11:7f:bd:7e:40:67:1a:b5:65:9a:7c:78:
         32:6b:03:c2:d5:8d:81:b0:64:f8:b9:20:61:2b:d1:f9:9a:f8:
         18:82:d0:f7:f7:cd:f3:ae:56:ae:d1:1e:5a:f7:06:61:da:fa:
         3b:18:13:ed:8a:ed:59:70:2e:d3:5b:dc:c8:61:a7:5e:0e:50:
         2d:f4:6f:48:55:42:da:8b:67:ad:a8:ee:88:32:fc:75:dc:5f:
         fe:90:33:0e:c9:4e:43:df:49:6a:d8:4f:97:27:b3:b8:ad:b7:
         e1:94:71:92:1a:94:40:5e:31:e1:db:32:ef:1e:0a:2d:5b:0d:
         8a:ab:2f:0e:86:7b:8e:ca:3d:97:d3:8f:89:aa:de:83:a1:24:
         8e:b4:b1:f6:ba:59:29:b2:f0:c8:73:db:90:c3:5f:f3:07:2e:
         1b:d0:ec:6f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGxwTe1J7QXhZOFsOyB6StIOWizowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDcwMDA4WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNDFkNGEyMGQxOGVmYWJmNTEwNmUxMWMzN2Y2MzllYmJk
YWM3ZTU2NWUwY2I3MDgxNmFjYmIyZTZlNzMzYmJlMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpW0ugzpAH2srdPbgb3vjMGXEvfzO9hT1Xf69sHBilGFqN
fz5U6dnGY5btGKB+T6baK8SxQ9Xl1U/PbqB+4VRWo2ijiukeQLRgHLUJ6l3uYHNU
fzljjM3DHSBGJBgxb0K3OC/4lLVppiQ9xYQNyOrR3Dpx80xsweSGQ7vk9DqiHGsy
e7bySbld4HHEm8zEg+sxiwxB9qUe/So8ArIyOWA6o5V1uay2tuHjCvDOChnsXLHe
A/woFLY37ZUWgufeTKfCANwV4E3PLntBauBAqKmDrvU7mkh5s2AvG2uoNQBGe8Q1
JKdX2w5hNAu6B4xd7yyvt2bst2cfwB4wOIkIibgtAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUgLND2C0r4tpeev9XLBHEB2Qkj9IwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2JlNDA0OWUwLTM4NTUtNDA3My1hMTY5LWVlMDA1NzEzOGM2MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAM5owDQYJKoZIhvcNAQELBQADggEBAG1iSnTXS8cTjnkLzOV8YpQy
yeg3MbAkK8LHUzEaKK5uRSPEx3yom0Dd3jOK31ZwRoSH/ds6//hTTMXzR/SUD408
uJdry37ed/HKNkDvzL8fOKfVUpvTMqfBuVHcNHffqBF/vX5AZxq1ZZp8eDJrA8LV
jYGwZPi5IGEr0fma+BiC0Pf3zfOuVq7RHlr3BmHa+jsYE+2K7VlwLtNb3Mhhp14O
UC30b0hVQtqLZ62o7ogy/HXcX/6QMw7JTkPfSWrYT5cns7itt+GUcZIalEBeMeHb
Mu8eCi1bDYqrLw6Ge47KPZfTj4mq3oOhJI60sfa6WSmy8Mhz25DDX/MHLhvQ7G8=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:31:17 2026 by rpki-client