Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/de8ad526-6ba2-4c6d-9f79-5882c208da3f.roa
File:                     de8ad526-6ba2-4c6d-9f79-5882c208da3f.roa (raw, json)
Hash identifier:          ObQSdO1PxIX4TukfNj3uiVdJsOUrkwjiP2CTpF7sygM=
Subject key identifier:   3F:C1:17:9F:3D:F0:75:6F:6E:3D:09:C6:3F:2E:7D:C4:DA:C0:8D:10
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       1502834D2DEE27C0DD75922B6DF55547EC136681
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/de8ad526-6ba2-4c6d-9f79-5882c208da3f.roa
Signing time:             Fri 13 Feb 2026 09:21:24 +0000
ROA not before:           Fri 13 Feb 2026 09:21:24 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:35e2::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:02:83:4d:2d:ee:27:c0:dd:75:92:2b:6d:f5:55:47:ec:13:66:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 09:21:24 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=d5f1d7c10bc3fadfa2f0cf602004802184902ed666cb201e06c24cd46a21224f, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:f6:17:a1:b9:21:05:2c:c2:26:b5:fd:d5:31:
                    1d:c0:10:fb:2a:61:c5:a9:9a:ff:9d:c7:ec:74:cc:
                    30:06:0b:3e:11:c2:32:a7:21:4b:f7:21:56:4f:b4:
                    4c:f5:d7:b4:ed:b7:05:17:87:38:bb:42:a1:2f:9f:
                    7c:9e:b5:75:4a:4a:19:f1:99:60:73:ce:37:c9:2d:
                    d3:1f:41:d9:ac:76:3d:96:eb:54:44:d3:df:f1:2c:
                    62:0d:08:df:36:37:54:c0:37:9a:9a:b6:ce:c5:f2:
                    af:49:9c:9d:19:e5:6b:fd:b9:2d:44:db:57:a6:72:
                    3f:90:8a:1a:17:5c:8e:d0:f5:44:d9:5b:11:ef:1b:
                    75:44:9f:d4:a5:d1:b1:44:0a:75:31:1c:a8:28:f6:
                    18:5a:91:ff:9d:d0:53:41:cd:97:c2:8e:a9:58:bd:
                    3a:fa:3e:2c:5c:07:bb:1c:6c:f8:e2:ba:40:d1:12:
                    25:25:2c:f8:04:82:5e:8f:a9:f6:a0:cd:70:fe:89:
                    f5:b0:db:48:fa:2d:30:06:4b:d2:99:a1:94:0d:b3:
                    12:91:c0:07:9d:47:8b:19:cd:0d:a9:87:16:0b:af:
                    fe:b3:8b:5f:1d:f5:c6:ac:97:fd:f4:4d:b1:46:d5:
                    ca:0f:cd:2a:21:bb:fa:45:93:35:98:00:ba:e6:4d:
                    4c:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:C1:17:9F:3D:F0:75:6F:6E:3D:09:C6:3F:2E:7D:C4:DA:C0:8D:10
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/de8ad526-6ba2-4c6d-9f79-5882c208da3f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:35e2::/47

    Signature Algorithm: sha256WithRSAEncryption
         87:93:60:39:c8:ad:30:1b:50:95:f8:6a:ee:ab:92:3b:44:a3:
         e2:a8:6c:6a:1a:da:c9:40:96:06:b5:e2:ed:bb:66:bf:ba:b4:
         c1:22:23:fb:33:2c:dc:4a:ab:6b:d7:54:1d:b6:ea:35:8a:ec:
         17:aa:0b:a6:ab:b6:88:da:98:0a:30:a2:99:19:56:96:0b:eb:
         f3:04:f7:6e:25:7b:f6:d3:77:63:34:df:74:08:1a:d5:84:68:
         b6:43:8c:47:32:34:11:94:9c:e1:99:d0:68:51:5e:63:1d:62:
         1f:21:36:7b:b5:e8:6c:a5:2e:1c:b5:d2:cb:0b:f0:65:92:a9:
         21:08:c5:20:ed:e4:5e:5d:25:06:d4:81:30:65:ef:68:46:14:
         d2:17:a6:96:55:33:52:e0:72:e9:15:57:17:3f:af:66:ec:d6:
         4a:b2:3f:10:a8:5f:62:d5:a7:7c:30:7f:04:3e:4a:2a:16:ce:
         01:54:f8:8e:95:24:81:ce:3a:d8:87:14:a0:ee:08:ab:d2:03:
         3c:f5:70:58:e1:4c:19:fc:83:9d:95:ee:08:3a:71:d1:29:f0:
         b8:69:b7:43:ed:bc:f2:c9:9c:d1:8e:94:36:6f:78:ad:99:9e:
         4d:3a:00:59:15:78:5c:28:0f:89:5f:6a:d1:f7:89:07:ee:2f:
         d0:96:d5:c9
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUFQKDTS3uJ8DddZIrbfVVR+wTZoEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDkyMTI0WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNWYxZDdjMTBiYzNmYWRmYTJmMGNmNjAyMDA0ODAyMTg0
OTAyZWQ2NjZjYjIwMWUwNmMyNGNkNDZhMjEyMjRmMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDa9hehuSEFLMImtf3VMR3AEPsqYcWpmv+dx+x0zDAGCz4R
wjKnIUv3IVZPtEz117TttwUXhzi7QqEvn3yetXVKShnxmWBzzjfJLdMfQdmsdj2W
61RE09/xLGINCN82N1TAN5qats7F8q9JnJ0Z5Wv9uS1E21emcj+QihoXXI7Q9UTZ
WxHvG3VEn9Sl0bFECnUxHKgo9hhakf+d0FNBzZfCjqlYvTr6PixcB7scbPjiukDR
EiUlLPgEgl6PqfagzXD+ifWw20j6LTAGS9KZoZQNsxKRwAedR4sZzQ2phxYLr/6z
i18d9casl/30TbFG1coPzSohu/pFkzWYALrmTUw1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUP8EXnz3wdW9uPQnGPy59xNrAjRAwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2RlOGFkNTI2LTZiYTItNGM2ZC05Zjc5LTU4ODJjMjA4ZGEzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAANeIwDQYJKoZIhvcNAQELBQADggEBAIeTYDnIrTAbUJX4au6rkjtE
o+KobGoa2slAlga14u27Zr+6tMEiI/szLNxKq2vXVB226jWK7BeqC6artojamAow
opkZVpYL6/ME924le/bTd2M033QIGtWEaLZDjEcyNBGUnOGZ0GhRXmMdYh8hNnu1
6GylLhy10ssL8GWSqSEIxSDt5F5dJQbUgTBl72hGFNIXppZVM1LgcukVVxc/r2bs
1kqyPxCoX2LVp3wwfwQ+SioWzgFU+I6VJIHOOtiHFKDuCKvSAzz1cFjhTBn8g52V
7gg6cdEp8Lhpt0PtvPLJnNGOlDZveK2Znk06AFkVeFwoD4lfatH3iQfuL9CW1ck=
-----END CERTIFICATE-----