Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/c1ee6c2d-7f53-4481-b8da-641cef8cc51b.roa
File:                     c1ee6c2d-7f53-4481-b8da-641cef8cc51b.roa (raw, json)
Hash identifier:          So/dCYMmPDf2fP2q2qjpoeElo5DgxsWjR08PU7l8eVM=
Subject key identifier:   8E:D0:AE:05:51:ED:DC:B6:58:04:14:32:45:73:98:FC:A8:2C:E6:04
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       5CDC2047A79C2E9246C531999B4B22F34C61144D
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/c1ee6c2d-7f53-4481-b8da-641cef8cc51b.roa
Signing time:             Fri 13 Feb 2026 02:01:57 +0000
ROA not before:           Fri 13 Feb 2026 02:01:57 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:a200::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:dc:20:47:a7:9c:2e:92:46:c5:31:99:9b:4b:22:f3:4c:61:14:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 02:01:57 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=0407c619ddfc98915d77cfea0076aaa4ed238aec09e48def2bbe5b980862b2ba, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:7a:0f:e6:8f:1e:62:5a:40:93:dc:7f:c3:43:
                    00:70:2d:69:d2:a9:ad:d8:f1:14:75:38:37:0b:d5:
                    83:42:54:f6:01:b0:d0:41:01:88:b6:98:dd:3e:b7:
                    98:8e:2a:8b:a5:41:8f:43:32:da:2c:6a:dc:2e:d3:
                    b9:31:08:76:81:6c:c5:45:fc:f7:c3:d7:c9:e1:83:
                    b9:b8:4b:3f:0b:b2:d0:61:91:dd:76:03:63:f1:e4:
                    0d:be:15:48:34:32:12:01:58:30:51:41:3f:b8:9a:
                    1a:e2:a8:f0:31:2e:36:48:b6:01:88:64:0e:fc:38:
                    15:14:c3:4e:4b:a5:ad:28:db:61:69:d0:16:52:82:
                    2a:01:96:30:34:b4:f8:14:7b:d3:8a:bc:3a:2a:9f:
                    7f:32:35:c1:ad:34:79:34:01:44:24:9a:1d:b9:02:
                    b0:8a:e6:c0:37:6c:65:29:be:e6:e4:fd:3b:d2:a4:
                    be:3d:13:7a:3b:2b:11:61:1e:40:6f:48:fe:3c:0c:
                    f4:b2:7f:7e:80:8b:32:a1:70:0b:1f:c6:c0:01:c9:
                    83:4f:ca:17:a9:73:6b:f8:6d:84:d1:04:1b:b9:a1:
                    1c:82:c2:a9:21:45:2e:3d:ae:61:61:99:da:ff:65:
                    11:d3:69:be:ab:fa:6f:2b:df:e6:f3:30:fc:e4:07:
                    b2:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:D0:AE:05:51:ED:DC:B6:58:04:14:32:45:73:98:FC:A8:2C:E6:04
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/c1ee6c2d-7f53-4481-b8da-641cef8cc51b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:a200::/40

    Signature Algorithm: sha256WithRSAEncryption
         09:cd:f4:6f:92:97:0f:af:9d:3f:21:02:c9:fa:32:77:12:e4:
         0c:8b:72:2f:df:b4:69:a9:df:c3:78:e3:46:12:0a:fd:66:f4:
         8e:83:4c:44:94:8f:a8:3a:44:e1:ee:4e:28:74:45:60:c7:a5:
         74:ee:8c:3d:43:12:a9:b9:f1:a0:c3:f1:71:38:9c:f5:11:2c:
         9e:c7:60:65:0c:cc:92:ab:5f:ad:33:2b:ed:2a:45:93:40:b0:
         cd:3d:85:77:e8:e9:73:44:59:de:ac:45:c5:67:01:3b:75:66:
         aa:89:e2:30:0a:bf:f8:5c:10:ee:21:19:f5:9b:55:85:a9:35:
         59:64:ed:ce:97:5f:dc:ee:5d:5c:5f:07:66:7e:07:9b:0e:25:
         f1:33:1f:8a:56:e5:2d:e4:71:36:9b:06:49:e2:6b:98:15:ea:
         ea:a9:01:f0:da:4b:96:47:85:ce:a4:40:fe:38:49:4b:13:c9:
         47:70:af:32:bf:69:85:ac:be:e2:b2:bb:18:7d:50:49:1a:24:
         cb:20:08:6f:d8:4e:22:b0:11:a9:94:5c:b2:ef:f3:c5:30:6f:
         a2:b9:66:ba:03:94:ec:16:90:bb:8c:89:f0:99:47:93:b7:56:
         32:f5:b9:39:d8:ac:a1:c5:e6:19:d4:3e:d9:ac:12:5c:f1:12:
         2c:2c:84:b9
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUXNwgR6ecLpJGxTGZm0si80xhFE0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDIwMTU3WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNDA3YzYxOWRkZmM5ODkxNWQ3N2NmZWEwMDc2YWFhNGVk
MjM4YWVjMDllNDhkZWYyYmJlNWI5ODA4NjJiMmJhMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCaeg/mjx5iWkCT3H/DQwBwLWnSqa3Y8RR1ODcL1YNCVPYB
sNBBAYi2mN0+t5iOKoulQY9DMtosatwu07kxCHaBbMVF/PfD18nhg7m4Sz8LstBh
kd12A2Px5A2+FUg0MhIBWDBRQT+4mhriqPAxLjZItgGIZA78OBUUw05Lpa0o22Fp
0BZSgioBljA0tPgUe9OKvDoqn38yNcGtNHk0AUQkmh25ArCK5sA3bGUpvubk/TvS
pL49E3o7KxFhHkBvSP48DPSyf36AizKhcAsfxsAByYNPyhepc2v4bYTRBBu5oRyC
wqkhRS49rmFhmdr/ZRHTab6r+m8r3+bzMPzkB7IrAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUjtCuBVHt3LZYBBQyRXOY/Kgs5gQwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2MxZWU2YzJkLTdmNTMtNDQ4MS1iOGRhLTY0MWNlZjhjYzUxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAJAAojANBgkqhkiG9w0BAQsFAAOCAQEACc30b5KXD6+dPyECyfoydxLk
DItyL9+0aanfw3jjRhIK/Wb0joNMRJSPqDpE4e5OKHRFYMeldO6MPUMSqbnxoMPx
cTic9REsnsdgZQzMkqtfrTMr7SpFk0CwzT2Fd+jpc0RZ3qxFxWcBO3VmqoniMAq/
+FwQ7iEZ9ZtVhak1WWTtzpdf3O5dXF8HZn4Hmw4l8TMfilblLeRxNpsGSeJrmBXq
6qkB8NpLlkeFzqRA/jhJSxPJR3CvMr9phay+4rK7GH1QSRokyyAIb9hOIrARqZRc
su/zxTBvorlmugOU7BaQu4yJ8JlHk7dWMvW5OdisocXmGdQ+2awSXPESLCyEuQ==
-----END CERTIFICATE-----