Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/d33290be-37c7-46e3-96d3-6c63e0826462.roa
File:                     d33290be-37c7-46e3-96d3-6c63e0826462.roa (raw, json)
Hash identifier:          78x3ODo9BKsHrEnfhO2xuEPywd+TlPgnFW6Yda8HGHY=
Subject key identifier:   36:D1:3F:D6:62:E1:A7:9E:BF:AF:2B:57:B0:D8:A5:D4:65:08:3F:DB
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       597CB2860AAA8EB3C677E9F6CB543E4AA4FDE9B1
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/d33290be-37c7-46e3-96d3-6c63e0826462.roa
Signing time:             Fri 13 Feb 2026 11:31:03 +0000
ROA not before:           Fri 13 Feb 2026 11:31:03 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3a22::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:7c:b2:86:0a:aa:8e:b3:c6:77:e9:f6:cb:54:3e:4a:a4:fd:e9:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 11:31:03 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=66d83eda8161492c5e0c73d91a18ae4e5a09e8a0faac71b160e1662047695fcd, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ff:72:c2:50:95:1c:aa:aa:d6:1a:59:a2:3c:
                    47:23:61:a8:0f:ab:8f:51:72:28:93:75:a7:a6:77:
                    14:e5:49:a0:2c:09:6a:7e:d5:d3:61:b8:bc:ef:de:
                    3a:37:99:f4:03:73:95:2c:1b:a1:99:08:3b:35:b8:
                    07:32:9f:b7:29:df:e2:0b:79:cd:f7:7d:5d:e0:87:
                    2f:a8:19:aa:dd:39:3a:b8:b4:59:ce:67:ab:f0:1f:
                    f1:32:32:c0:b4:5e:73:d6:3c:66:ef:6f:d6:86:60:
                    bf:fa:b1:78:26:2c:2c:b5:aa:c7:6c:76:58:57:67:
                    5f:b7:00:62:28:28:9a:03:6f:60:ed:42:c5:5b:ed:
                    54:44:12:5d:fc:ef:04:e2:7b:54:1b:f7:e0:b7:1a:
                    f9:45:3f:41:20:ca:95:ce:11:55:a4:53:43:04:ce:
                    48:91:02:c4:47:9f:18:6b:07:5c:fc:33:73:64:24:
                    6f:d3:4d:97:3c:ce:6a:65:65:5a:d9:b6:71:bd:29:
                    cf:23:8d:65:a5:2b:bd:2a:5d:ab:05:68:c0:15:07:
                    43:a1:b4:c0:94:cb:f1:6a:e7:30:77:d0:33:ac:25:
                    77:b2:8b:87:50:3a:8b:a1:be:2f:cb:77:59:0e:f3:
                    31:3e:c2:ff:f9:1e:36:84:40:ea:4f:fc:e7:09:61:
                    4a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:D1:3F:D6:62:E1:A7:9E:BF:AF:2B:57:B0:D8:A5:D4:65:08:3F:DB
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/d33290be-37c7-46e3-96d3-6c63e0826462.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3a22::/47

    Signature Algorithm: sha256WithRSAEncryption
         7c:4f:d2:1a:5d:46:c3:65:33:cf:b4:b9:9d:bc:98:5b:8f:5c:
         d1:fe:e3:0d:50:f9:0d:ba:17:b2:8a:ee:da:44:2b:f1:d6:91:
         72:5c:f7:4c:39:d8:98:cb:9b:71:2d:9d:c0:84:3d:ba:75:5a:
         b3:30:3e:cc:71:75:63:af:7f:1b:1e:fe:17:d6:dc:0e:3b:6a:
         22:5e:0c:61:d7:29:54:1a:5e:29:f8:ca:49:b8:78:fe:d4:7a:
         67:a9:f8:48:76:d7:4b:43:b5:68:01:4b:4e:bf:e1:4e:6a:df:
         eb:cd:a5:fa:6b:4e:df:14:dc:f6:54:4b:19:db:9f:5a:9c:4a:
         26:90:8e:a2:7c:d3:50:2b:57:a7:35:88:ac:ee:19:34:83:46:
         1e:4e:56:dd:6c:ef:e6:bc:07:6a:a7:b7:f4:34:e4:a1:e1:9f:
         3d:d2:7c:d0:fb:af:da:e8:df:17:5f:a4:96:34:84:cb:7e:c4:
         f7:14:35:69:2a:5f:a0:6a:6a:5f:e7:78:5d:6d:49:5a:56:39:
         6f:29:09:27:e9:33:de:af:82:d6:f6:58:8e:64:e0:ad:13:90:
         d0:8a:77:53:c0:7d:63:dc:94:8f:a2:31:ec:a2:8d:ce:6c:64:
         36:05:2c:09:29:a2:77:22:72:96:ac:4f:34:e8:15:6d:ac:de:
         3f:c1:00:09
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUWXyyhgqqjrPGd+n2y1Q+SqT96bEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMTEzMTAzWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NmQ4M2VkYTgxNjE0OTJjNWUwYzczZDkxYTE4YWU0ZTVh
MDllOGEwZmFhYzcxYjE2MGUxNjYyMDQ3Njk1ZmNkMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2/3LCUJUcqqrWGlmiPEcjYagPq49RciiTdaemdxTlSaAs
CWp+1dNhuLzv3jo3mfQDc5UsG6GZCDs1uAcyn7cp3+ILec33fV3ghy+oGardOTq4
tFnOZ6vwH/EyMsC0XnPWPGbvb9aGYL/6sXgmLCy1qsdsdlhXZ1+3AGIoKJoDb2Dt
QsVb7VREEl387wTie1Qb9+C3GvlFP0EgypXOEVWkU0MEzkiRAsRHnxhrB1z8M3Nk
JG/TTZc8zmplZVrZtnG9Kc8jjWWlK70qXasFaMAVB0OhtMCUy/Fq5zB30DOsJXey
i4dQOouhvi/Ld1kO8zE+wv/5HjaEQOpP/OcJYUpHAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUNtE/1mLhp56/rytXsNil1GUIP9swHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2QzMzI5MGJlLTM3YzctNDZlMy05NmQzLTZjNjNlMDgyNjQ2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAOiIwDQYJKoZIhvcNAQELBQADggEBAHxP0hpdRsNlM8+0uZ28mFuP
XNH+4w1Q+Q26F7KK7tpEK/HWkXJc90w52JjLm3EtncCEPbp1WrMwPsxxdWOvfxse
/hfW3A47aiJeDGHXKVQaXin4ykm4eP7Uemep+Eh210tDtWgBS06/4U5q3+vNpfpr
Tt8U3PZUSxnbn1qcSiaQjqJ801ArV6c1iKzuGTSDRh5OVt1s7+a8B2qnt/Q05KHh
nz3SfND7r9ro3xdfpJY0hMt+xPcUNWkqX6Bqal/neF1tSVpWOW8pCSfpM96vgtb2
WI5k4K0TkNCKd1PAfWPclI+iMeyijc5sZDYFLAkponcicpasTzToFW2s3j/BAAk=
-----END CERTIFICATE-----