Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/de4d95c0-a265-4a8d-8389-93e45c5eee2f.roa
File:                     de4d95c0-a265-4a8d-8389-93e45c5eee2f.roa (raw, json)
Hash identifier:          EGuzruqQpMOZZN3GM8/MxRLE2qwbyrKFhHVl1Sm2rb8=
Subject key identifier:   05:7E:E8:A5:78:54:2C:5F:9B:D5:B1:E6:FC:7E:3F:DC:12:74:DB:E7
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       3F5066167AF4EEEAA52765B0283415734B0D2AED
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/de4d95c0-a265-4a8d-8389-93e45c5eee2f.roa
Signing time:             Fri 13 Feb 2026 02:31:24 +0000
ROA not before:           Fri 13 Feb 2026 02:31:24 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3f9a::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:50:66:16:7a:f4:ee:ea:a5:27:65:b0:28:34:15:73:4b:0d:2a:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 02:31:24 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=7cdf21e9d546271d64647cab19fc137ffaca58f1ce96acf4d8a856d8169ab847, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:64:2f:0a:95:0f:dd:0a:e4:9e:3b:8f:fe:fd:
                    eb:d3:d9:ff:58:d4:2c:e9:d9:1c:2e:63:41:35:9a:
                    7f:53:8a:cf:cf:a7:3d:9b:fe:7c:3b:df:2f:5d:16:
                    8c:81:e3:f3:12:cd:ab:af:f6:72:15:67:7f:94:37:
                    31:d1:c1:41:7d:42:6c:97:5a:49:aa:b5:f8:09:62:
                    a8:2d:04:8a:d5:59:95:67:b1:33:c4:6a:0f:5d:8c:
                    06:c4:93:c9:1d:f3:a4:f0:d6:0d:52:3d:ba:e7:34:
                    64:2d:bc:e4:7a:84:a6:7a:61:0c:95:d9:53:12:d8:
                    e2:08:31:39:6a:83:6c:1e:31:40:f6:7f:f2:4f:c5:
                    b7:2a:9a:ca:eb:e7:9e:67:04:89:c3:02:bf:7a:9f:
                    ac:16:f1:0e:78:17:2d:0d:53:66:e3:ab:8d:4d:9f:
                    a8:9d:cd:ec:1b:1d:1a:97:c4:6d:37:5e:1b:20:06:
                    8d:8c:4c:f2:2b:41:7e:e3:38:db:d5:88:97:6b:6e:
                    07:14:85:e4:5a:d2:0c:69:88:25:df:57:ee:37:11:
                    43:04:60:c8:0e:5f:28:84:67:1a:68:a3:cf:60:de:
                    6f:f9:e6:f4:c8:d1:4f:af:13:6b:cd:a3:0e:c9:34:
                    75:da:fd:a1:f9:40:21:ba:d2:17:a3:f7:67:29:38:
                    23:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:7E:E8:A5:78:54:2C:5F:9B:D5:B1:E6:FC:7E:3F:DC:12:74:DB:E7
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/de4d95c0-a265-4a8d-8389-93e45c5eee2f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3f9a::/47

    Signature Algorithm: sha256WithRSAEncryption
         3f:7c:09:c8:f9:2e:d3:7c:43:b4:ee:45:e8:20:57:89:a6:b8:
         6d:0b:1a:cc:ed:e7:da:ad:ec:fe:21:12:2b:c0:45:7e:22:11:
         09:4d:0c:b0:34:04:e3:58:1b:e8:54:04:02:1e:94:e8:da:eb:
         d6:c8:b7:e3:eb:2b:f0:7c:5b:36:0c:87:65:2e:cb:49:3a:32:
         b4:f2:92:05:c9:9e:51:b4:f3:6f:55:25:8e:75:97:af:06:97:
         c9:10:6e:2a:84:26:6f:5e:22:e5:b2:5b:f2:4d:ad:43:d8:af:
         c9:86:d1:00:92:8a:5f:22:a9:73:ef:a5:0e:93:62:c8:fd:de:
         84:2b:f6:a5:92:d3:a6:b4:4f:a2:6b:a2:22:65:7a:f5:4d:59:
         50:2b:b8:1b:37:02:9d:a7:11:97:63:91:98:4a:83:d3:71:07:
         58:c5:4a:89:20:00:81:43:ad:f2:bc:0d:4f:f1:23:c4:da:26:
         93:20:22:1a:8d:ee:55:0f:7c:85:91:16:88:d2:df:d2:be:7e:
         f9:3f:5c:8c:cb:c3:5b:37:19:0b:93:4c:bb:07:ed:ce:34:4a:
         ef:c8:87:4e:9a:4e:48:90:4c:2a:b7:c3:f3:5c:5b:b1:09:f0:
         60:d9:a1:84:58:82:99:fb:be:79:eb:b6:3b:6e:f2:1a:a5:80:
         58:11:83:c4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUP1BmFnr07uqlJ2WwKDQVc0sNKu0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDIzMTI0WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3Y2RmMjFlOWQ1NDYyNzFkNjQ2NDdjYWIxOWZjMTM3ZmZh
Y2E1OGYxY2U5NmFjZjRkOGE4NTZkODE2OWFiODQ3MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDjZC8KlQ/dCuSeO4/+/evT2f9Y1Czp2RwuY0E1mn9Tis/P
pz2b/nw73y9dFoyB4/MSzauv9nIVZ3+UNzHRwUF9QmyXWkmqtfgJYqgtBIrVWZVn
sTPEag9djAbEk8kd86Tw1g1SPbrnNGQtvOR6hKZ6YQyV2VMS2OIIMTlqg2weMUD2
f/JPxbcqmsrr555nBInDAr96n6wW8Q54Fy0NU2bjq41Nn6idzewbHRqXxG03Xhsg
Bo2MTPIrQX7jONvViJdrbgcUheRa0gxpiCXfV+43EUMEYMgOXyiEZxpoo89g3m/5
5vTI0U+vE2vNow7JNHXa/aH5QCG60hej92cpOCN7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUBX7opXhULF+b1bHm/H4/3BJ02+cwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2RlNGQ5NWMwLWEyNjUtNGE4ZC04Mzg5LTkzZTQ1YzVlZWUyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAP5owDQYJKoZIhvcNAQELBQADggEBAD98Ccj5LtN8Q7TuReggV4mm
uG0LGszt59qt7P4hEivARX4iEQlNDLA0BONYG+hUBAIelOja69bIt+PrK/B8WzYM
h2Uuy0k6MrTykgXJnlG0829VJY51l68Gl8kQbiqEJm9eIuWyW/JNrUPYr8mG0QCS
il8iqXPvpQ6TYsj93oQr9qWS06a0T6JroiJlevVNWVAruBs3Ap2nEZdjkZhKg9Nx
B1jFSokgAIFDrfK8DU/xI8TaJpMgIhqN7lUPfIWRFojS39K+fvk/XIzLw1s3GQuT
TLsH7c40Su/Ih06aTkiQTCq3w/NcW7EJ8GDZoYRYgpn7vnnrtjtu8hqlgFgRg8Q=
-----END CERTIFICATE-----