Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/f4089a21-6948-4717-91d7-87a692ca9139.roa
File:                     f4089a21-6948-4717-91d7-87a692ca9139.roa (raw, json)
Hash identifier:          z/Rj3lXbf9ZRnQv7FD735neQ5nM3jE7Gd+/UX8GEnhQ=
Subject key identifier:   5A:63:BC:7E:52:69:45:86:A5:C3:26:60:62:E5:F8:E8:C4:1B:85:F3
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       5B13CA975162300F2BCA3FCF102FF96637D39038
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/f4089a21-6948-4717-91d7-87a692ca9139.roa
Signing time:             Fri 13 Feb 2026 05:51:46 +0000
ROA not before:           Fri 13 Feb 2026 05:51:46 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:38fe::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:13:ca:97:51:62:30:0f:2b:ca:3f:cf:10:2f:f9:66:37:d3:90:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 05:51:46 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=d0820cc430c476100f222e3ea878f201fd36ee0d7873b533d63fb64232b01ff3, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ee:e2:69:45:7b:40:c5:42:51:ea:01:21:2d:
                    40:fa:0f:ef:42:72:56:3d:c5:80:ca:9f:ec:04:a6:
                    3e:f2:f2:0a:c1:66:e2:9d:2e:13:99:26:1f:ce:b5:
                    d2:62:d2:f2:38:3e:93:3a:38:89:99:c7:63:fc:0f:
                    f1:0b:d6:b7:d2:3d:c9:b4:d0:c0:6f:ca:5e:03:e7:
                    72:d1:ce:27:82:f9:ec:b2:00:1d:65:bf:6c:b5:0a:
                    1d:ab:76:5b:e4:fc:0a:d3:10:d5:b2:7a:8b:d6:7a:
                    5e:c9:33:47:0d:81:57:8d:63:e1:96:4c:e4:c2:0b:
                    bd:92:e6:b4:0d:15:da:4a:e1:f6:ef:e5:39:f8:53:
                    95:ee:1e:6e:16:d6:e9:b9:9d:92:2f:de:6f:46:38:
                    7d:8b:2b:b3:c7:91:cc:3b:fa:5b:0e:f6:af:ce:f9:
                    04:33:94:56:08:3d:bf:4b:a5:e7:8c:96:4e:c9:d0:
                    ce:e9:03:e1:79:a4:81:e2:7f:a6:6a:d1:8f:96:9e:
                    45:24:c0:b9:df:70:42:8c:06:6a:c4:0b:f6:b0:93:
                    fe:62:ba:b4:86:b2:ed:fa:c1:bb:c2:49:39:d3:9d:
                    90:e3:a9:80:c6:f0:b7:6a:fd:17:87:51:ca:31:21:
                    6a:e9:3c:0c:af:f2:32:41:87:f7:1c:2b:56:4d:f0:
                    39:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:63:BC:7E:52:69:45:86:A5:C3:26:60:62:E5:F8:E8:C4:1B:85:F3
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/f4089a21-6948-4717-91d7-87a692ca9139.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:38fe::/47

    Signature Algorithm: sha256WithRSAEncryption
         b2:62:a0:9a:27:07:06:d5:14:68:da:aa:5f:29:8e:04:90:ff:
         9a:d5:66:63:49:3f:4d:61:61:cb:ca:e4:90:9d:ef:11:96:9f:
         68:d8:55:ea:a9:4e:37:ac:67:f0:bd:0c:8f:db:46:cc:ce:07:
         13:21:f7:39:2b:c5:f6:38:5b:d3:d8:0a:bf:0a:d3:2d:a6:b4:
         47:8d:4c:81:46:32:22:9a:74:6f:53:74:37:ba:ca:83:d5:94:
         85:e0:a2:24:5d:74:d1:66:cc:2f:97:35:bb:b4:87:e1:b1:45:
         52:f6:74:84:52:59:5e:31:af:70:35:47:3b:cf:da:e6:f5:0c:
         09:57:31:14:e1:39:dc:46:fb:b2:37:94:81:d7:d2:58:89:8e:
         a2:00:17:0e:6d:89:dd:9e:ed:c2:31:66:f7:d5:8c:47:c7:7a:
         f7:7d:db:b0:a7:a4:62:7d:2c:ab:14:5d:cb:72:8f:21:3d:7c:
         09:9a:4b:a2:9e:e9:9a:33:1a:3f:79:54:a5:0e:1a:d4:fe:b6:
         85:49:39:d3:65:aa:30:10:dd:3a:e4:37:a7:74:f8:ea:f3:6e:
         97:36:a8:bc:d7:65:7e:1d:f6:1f:97:23:ff:49:16:21:32:0b:
         4e:55:d5:38:e4:3f:b3:6b:f4:9c:b7:34:8f:a3:6f:84:e1:cf:
         4a:52:56:a3
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUWxPKl1FiMA8ryj/PEC/5ZjfTkDgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDU1MTQ2WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMDgyMGNjNDMwYzQ3NjEwMGYyMjJlM2VhODc4ZjIwMWZk
MzZlZTBkNzg3M2I1MzNkNjNmYjY0MjMyYjAxZmYzMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZ7uJpRXtAxUJR6gEhLUD6D+9CclY9xYDKn+wEpj7y8grB
ZuKdLhOZJh/OtdJi0vI4PpM6OImZx2P8D/EL1rfSPcm00MBvyl4D53LRzieC+eyy
AB1lv2y1Ch2rdlvk/ArTENWyeovWel7JM0cNgVeNY+GWTOTCC72S5rQNFdpK4fbv
5Tn4U5XuHm4W1um5nZIv3m9GOH2LK7PHkcw7+lsO9q/O+QQzlFYIPb9LpeeMlk7J
0M7pA+F5pIHif6Zq0Y+WnkUkwLnfcEKMBmrEC/awk/5iurSGsu36wbvCSTnTnZDj
qYDG8Ldq/ReHUcoxIWrpPAyv8jJBh/ccK1ZN8Dm1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUWmO8flJpRYalwyZgYuX46MQbhfMwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2Y0MDg5YTIxLTY5NDgtNDcxNy05MWQ3LTg3YTY5MmNhOTEzOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmAJAAOP4wDQYJKoZIhvcNAQELBQADggEBALJioJonBwbVFGjaql8pjgSQ
/5rVZmNJP01hYcvK5JCd7xGWn2jYVeqpTjesZ/C9DI/bRszOBxMh9zkrxfY4W9PY
Cr8K0y2mtEeNTIFGMiKadG9TdDe6yoPVlIXgoiRddNFmzC+XNbu0h+GxRVL2dIRS
WV4xr3A1RzvP2ub1DAlXMRThOdxG+7I3lIHX0liJjqIAFw5tid2e7cIxZvfVjEfH
evd927CnpGJ9LKsUXctyjyE9fAmaS6Ke6ZozGj95VKUOGtT+toVJOdNlqjAQ3Trk
N6d0+Orzbpc2qLzXZX4d9h+XI/9JFiEyC05V1TjkP7Nr9Jy3NI+jb4Thz0pSVqM=
-----END CERTIFICATE-----