Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/f17d8872-8ade-4926-8a1a-5c28ad427892.roa
File:                     f17d8872-8ade-4926-8a1a-5c28ad427892.roa (raw, json)
Hash identifier:          aZKrANNHInRnge+7EomLSI+j3UMAY/MerhwJSLkC4Ew=
Subject key identifier:   2F:F2:13:DC:F6:BE:59:BA:9D:32:4B:A4:6B:51:6E:FD:C9:C9:46:2E
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       32CE2ED9320383665FC808DBE6B9847FB49E43EF
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/f17d8872-8ade-4926-8a1a-5c28ad427892.roa
Signing time:             Fri 13 Feb 2026 05:40:30 +0000
ROA not before:           Fri 13 Feb 2026 05:40:30 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:3bc0::/46 maxlen: 46
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:ce:2e:d9:32:03:83:66:5f:c8:08:db:e6:b9:84:7f:b4:9e:43:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 05:40:30 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=95c40f40f42d8088b112bde88fe0c4145dbba72ff812ed87e8ebc64f8a14b15c, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:69:ee:4a:a8:e9:55:a2:1f:12:02:9d:9e:75:
                    49:73:c6:cd:82:67:95:68:56:93:55:f1:7a:cb:8e:
                    b1:a3:ab:cf:20:81:ba:68:fc:86:f8:ec:20:7a:c7:
                    70:02:b0:e3:cc:26:ca:71:23:0c:03:37:fb:f4:9b:
                    e8:c3:f5:8b:3e:ff:bf:c7:1d:40:41:24:bf:a0:e9:
                    0f:71:ae:e8:62:8e:68:98:83:23:27:d6:d8:7f:43:
                    cb:8c:76:8f:5b:a2:cd:09:7a:01:24:f9:6e:68:87:
                    c3:73:a4:e6:c6:e2:39:7c:96:c7:c4:b6:b4:cb:35:
                    99:08:47:22:e8:82:df:95:bb:c2:54:f7:41:21:43:
                    f6:72:5e:96:1b:6f:85:c0:61:52:ca:7a:b2:04:f7:
                    5f:0d:a0:b1:09:22:40:51:0a:3a:74:e6:ce:f4:08:
                    0f:c2:e1:45:c0:3e:a0:d4:bd:3c:55:97:a3:57:81:
                    5d:5d:a2:a1:c7:fd:95:e5:f2:30:37:21:cc:2b:7d:
                    e2:da:0c:6e:f8:4f:88:4a:f5:3e:ea:c6:30:46:09:
                    1e:bb:33:2e:ca:26:d7:02:2d:21:51:c8:8d:7f:9b:
                    e5:c6:ef:03:bc:e9:a4:87:a7:49:f2:32:24:7c:2c:
                    fe:21:bc:75:c1:12:44:4b:94:85:54:e8:1d:a1:b6:
                    58:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:F2:13:DC:F6:BE:59:BA:9D:32:4B:A4:6B:51:6E:FD:C9:C9:46:2E
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/f17d8872-8ade-4926-8a1a-5c28ad427892.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:3bc0::/46

    Signature Algorithm: sha256WithRSAEncryption
         0e:20:b6:cc:5a:1f:0e:72:1e:7c:42:67:ef:b1:6d:fc:b2:86:
         13:0d:76:b2:1a:24:34:c1:51:69:62:95:6d:2b:3f:8f:d0:d4:
         26:67:06:30:c6:45:35:86:5f:d3:1e:5f:d5:8f:a7:36:09:d9:
         3b:42:bf:62:75:89:52:53:54:30:12:d2:a5:8a:2e:3e:88:c9:
         90:4d:4d:a2:6f:95:54:d2:14:0f:cd:35:96:0c:a6:87:a7:a7:
         32:24:a0:7d:1a:47:48:6d:5c:e4:c8:c7:68:42:46:00:3c:fd:
         94:a1:c1:2b:a9:f3:c1:86:72:39:26:52:81:26:29:a7:c2:a4:
         02:20:04:15:6b:20:e6:68:d0:85:8d:b4:82:c8:ea:d5:23:4b:
         9c:97:8e:98:fd:00:43:78:fe:21:91:c9:b4:c8:2a:de:cb:f5:
         9f:ba:59:b9:ed:44:a6:a2:26:93:dd:82:4c:6a:d0:a4:ca:9f:
         34:c3:fe:e9:69:45:4b:b8:4f:7c:14:b7:10:35:a5:31:1a:da:
         ea:fe:09:b5:41:6d:78:e4:36:e7:79:a6:c4:3b:dd:04:45:0b:
         d0:7f:42:35:76:da:b0:37:0b:60:2f:23:44:13:6d:9f:ae:7a:
         02:42:31:87:49:63:e2:bc:37:47:df:60:e7:16:05:01:79:ac:
         2f:2a:d4:b8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUMs4u2TIDg2ZfyAjb5rmEf7SeQ+8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDU0MDMwWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NWM0MGY0MGY0MmQ4MDg4YjExMmJkZTg4ZmUwYzQxNDVk
YmJhNzJmZjgxMmVkODdlOGViYzY0ZjhhMTRiMTVjMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwae5KqOlVoh8SAp2edUlzxs2CZ5VoVpNV8XrLjrGjq88g
gbpo/Ib47CB6x3ACsOPMJspxIwwDN/v0m+jD9Ys+/7/HHUBBJL+g6Q9xruhijmiY
gyMn1th/Q8uMdo9bos0JegEk+W5oh8NzpObG4jl8lsfEtrTLNZkIRyLogt+Vu8JU
90EhQ/ZyXpYbb4XAYVLKerIE918NoLEJIkBRCjp05s70CA/C4UXAPqDUvTxVl6NX
gV1doqHH/ZXl8jA3IcwrfeLaDG74T4hK9T7qxjBGCR67My7KJtcCLSFRyI1/m+XG
7wO86aSHp0nyMiR8LP4hvHXBEkRLlIVU6B2htljzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUL/IT3Pa+WbqdMkuka1Fu/cnJRi4wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2YxN2Q4ODcyLThhZGUtNDkyNi04YTFhLTVjMjhhZDQyNzg5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAJAAO8AwDQYJKoZIhvcNAQELBQADggEBAA4gtsxaHw5yHnxCZ++xbfyy
hhMNdrIaJDTBUWlilW0rP4/Q1CZnBjDGRTWGX9MeX9WPpzYJ2TtCv2J1iVJTVDAS
0qWKLj6IyZBNTaJvlVTSFA/NNZYMpoenpzIkoH0aR0htXOTIx2hCRgA8/ZShwSup
88GGcjkmUoEmKafCpAIgBBVrIOZo0IWNtILI6tUjS5yXjpj9AEN4/iGRybTIKt7L
9Z+6WbntRKaiJpPdgkxq0KTKnzTD/ulpRUu4T3wUtxA1pTEa2ur+CbVBbXjkNud5
psQ73QRFC9B/QjV22rA3C2AvI0QTbZ+uegJCMYdJY+K8N0ffYOcWBQF5rC8q1Lg=
-----END CERTIFICATE-----