Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/d94f358b-6ffb-4f51-83e9-99c6b15c3f4b.roa
File:                     d94f358b-6ffb-4f51-83e9-99c6b15c3f4b.roa (raw, json)
Hash identifier:          h5NlnUHcadVnVw31WWH9Hn0smt523/5KqNbDg3ICSzI=
Subject key identifier:   E1:DF:33:A2:B0:DA:40:62:62:42:78:63:51:8A:99:02:D4:17:36:7D
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       4409B7F86C7A539DB82332DF284AA9C0AA2C1AFB
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/d94f358b-6ffb-4f51-83e9-99c6b15c3f4b.roa
Signing time:             Thu 12 Feb 2026 01:31:47 +0000
ROA not before:           Thu 12 Feb 2026 01:31:47 +0000
ROA not after:            Wed 13 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:2996::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:09:b7:f8:6c:7a:53:9d:b8:23:32:df:28:4a:a9:c0:aa:2c:1a:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 12 01:31:47 2026 GMT
            Not After : May 13 23:59:59 2026 GMT
        Subject: serialNumber=f1b338ce7becee22c66b6728930098a0e83070f455404790701e66caa9b55ecf, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:4f:e4:ea:65:03:e7:04:1c:fc:ff:89:ff:ea:
                    9c:1d:fc:6c:32:02:e8:dc:5b:dc:b1:e4:12:0b:d5:
                    b5:95:23:63:d4:3a:85:ef:02:85:ba:dd:05:1e:bc:
                    08:73:17:1c:19:d3:97:4b:ae:a1:d4:75:9a:27:c2:
                    b3:be:7e:94:c1:81:af:28:99:d3:e6:29:78:a6:cc:
                    d0:b0:e4:b8:01:47:51:3c:36:fa:a0:75:4f:65:ac:
                    52:25:65:21:62:3b:fe:2f:e3:59:97:ff:81:5d:e2:
                    3d:a4:a2:10:61:75:1d:f8:46:53:28:af:c0:ca:7a:
                    a8:3f:3a:9c:30:aa:26:1a:ee:d9:ee:51:ec:5b:a2:
                    13:db:32:df:d5:46:54:f7:81:ba:93:6c:8f:91:36:
                    47:30:4a:9b:e4:f1:f1:bf:83:07:50:d8:15:24:70:
                    3e:45:eb:e5:9e:1c:ab:7a:63:ae:ed:9b:9a:47:0c:
                    71:03:54:7e:23:26:95:27:8b:6d:f8:7a:f8:5c:ec:
                    21:79:21:35:0f:5a:5d:b6:19:a5:3d:65:ed:bd:d5:
                    a0:25:9b:96:19:7f:62:08:50:4e:70:7e:76:7d:de:
                    4c:60:ca:30:fb:a7:6d:1f:ca:68:6b:db:c4:f5:76:
                    56:58:f6:1d:db:e3:e1:f1:99:e7:df:b5:4a:84:56:
                    90:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:DF:33:A2:B0:DA:40:62:62:42:78:63:51:8A:99:02:D4:17:36:7D
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/d94f358b-6ffb-4f51-83e9-99c6b15c3f4b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:2996::/47

    Signature Algorithm: sha256WithRSAEncryption
         49:79:65:a0:f8:af:3c:18:26:9c:75:2c:6e:81:79:47:0e:c3:
         62:26:a2:13:a4:35:bc:30:26:8f:55:79:b4:b5:19:0d:f0:97:
         6c:2b:0a:15:b2:1a:65:2e:21:c7:2b:8f:1a:2c:e9:5d:86:71:
         ac:25:e0:ba:28:06:be:24:1f:51:5b:6b:39:b9:3b:3d:61:f7:
         41:52:42:c2:c1:5e:0b:ad:95:b2:01:63:fc:9d:72:ee:70:db:
         84:bd:a7:a1:37:02:68:88:aa:0e:b9:06:5a:e6:5d:d3:40:b4:
         36:33:98:6f:67:ee:84:04:4e:d9:71:03:7b:93:3e:da:95:b6:
         3b:de:7d:74:4b:63:ff:d2:01:13:54:09:df:39:6f:57:1f:d7:
         4e:1d:dc:43:f5:d2:c1:48:01:86:f7:9e:b6:23:b9:60:22:94:
         38:31:e3:c2:77:f1:9b:da:50:38:01:f3:89:ff:77:f5:85:f4:
         b2:f0:b7:70:75:fd:3b:cf:e2:d6:e7:fe:2f:fe:9e:f9:bd:37:
         9f:20:06:ca:7e:3b:2d:e4:f5:1e:cb:3b:e5:6b:c4:77:c5:dd:
         3e:3f:17:7b:f2:7c:2b:fe:1a:fd:fb:78:1a:19:94:ad:2c:a2:
         ca:df:38:2a:74:00:b2:3c:e5:07:9e:b7:9c:8a:8d:5b:63:eb:
         6d:8c:35:46
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIURAm3+Gx6U524IzLfKEqpwKosGvswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEyMDEzMTQ3WhcNMjYwNTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMWIzMzhjZTdiZWNlZTIyYzY2YjY3Mjg5MzAwOThhMGU4
MzA3MGY0NTU0MDQ3OTA3MDFlNjZjYWE5YjU1ZWNmMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdT+TqZQPnBBz8/4n/6pwd/GwyAujcW9yx5BIL1bWVI2PU
OoXvAoW63QUevAhzFxwZ05dLrqHUdZonwrO+fpTBga8omdPmKXimzNCw5LgBR1E8
NvqgdU9lrFIlZSFiO/4v41mX/4Fd4j2kohBhdR34RlMor8DKeqg/OpwwqiYa7tnu
UexbohPbMt/VRlT3gbqTbI+RNkcwSpvk8fG/gwdQ2BUkcD5F6+WeHKt6Y67tm5pH
DHEDVH4jJpUni234evhc7CF5ITUPWl22GaU9Ze291aAlm5YZf2IIUE5wfnZ93kxg
yjD7p20fymhr28T1dlZY9h3b4+HxmefftUqEVpCDAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU4d8zorDaQGJiQnhjUYqZAtQXNn0wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2Q5NGYzNThiLTZmZmItNGY1MS04M2U5LTk5YzZiMTVjM2Y0Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAKZYwDQYJKoZIhvcNAQELBQADggEBAEl5ZaD4rzwYJpx1LG6BeUcO
w2ImohOkNbwwJo9VebS1GQ3wl2wrChWyGmUuIccrjxos6V2Gcawl4LooBr4kH1Fb
azm5Oz1h90FSQsLBXgutlbIBY/ydcu5w24S9p6E3AmiIqg65BlrmXdNAtDYzmG9n
7oQETtlxA3uTPtqVtjvefXRLY//SARNUCd85b1cf104d3EP10sFIAYb3nrYjuWAi
lDgx48J38ZvaUDgB84n/d/WF9LLwt3B1/TvP4tbn/i/+nvm9N58gBsp+Oy3k9R7L
O+VrxHfF3T4/F3vyfCv+Gv37eBoZlK0sosrfOCp0ALI85Qeet5yKjVtj622MNUY=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:19:29 2026 by rpki-client