Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/fb70ca06-580a-405a-b7f5-742c6792f162.roa
File:                     fb70ca06-580a-405a-b7f5-742c6792f162.roa (raw, json)
Hash identifier:          TyjRW6d3k7A83iAn+FD9uYbRaKezsslGdbN8Wr0zCjQ=
Subject key identifier:   77:1D:90:B6:FD:2B:30:28:12:C3:B1:E1:BE:07:45:08:DE:72:BC:67
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       769A3DCCF9AA7B588EAE8FEEE1011AE334E2CFB5
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/fb70ca06-580a-405a-b7f5-742c6792f162.roa
Signing time:             Fri 13 Feb 2026 05:41:02 +0000
ROA not before:           Fri 13 Feb 2026 05:41:02 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:2a68::/46 maxlen: 46
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:9a:3d:cc:f9:aa:7b:58:8e:ae:8f:ee:e1:01:1a:e3:34:e2:cf:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Feb 13 05:41:02 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=f759a50d9385a9fc2dafba0cbed307b2e069623bfda081f907c7f4f1f9acb6f8, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:b0:eb:f3:91:2f:16:4a:af:8d:c9:5a:1c:fd:
                    65:c4:8b:0e:79:d8:40:f0:ed:a5:9d:86:d7:cd:8c:
                    73:69:7b:dc:83:73:41:b4:bf:89:bf:76:d3:d4:8b:
                    3a:8f:c7:ec:93:0d:2e:31:6d:a5:34:17:f7:8d:7e:
                    3e:18:c2:58:d3:b6:d5:74:9c:b6:d9:a3:0e:41:e4:
                    a3:f8:56:40:79:f5:4e:ab:c3:46:35:ea:c7:36:28:
                    2c:05:a7:37:1d:f4:17:99:53:6e:1c:f0:99:5f:e9:
                    fa:70:11:5d:04:cd:2c:49:e2:a5:5f:5b:ce:14:5b:
                    41:30:60:48:a7:4a:0b:59:fd:cd:7d:c9:da:70:25:
                    88:ed:33:d5:ac:54:97:c5:15:13:9d:63:65:83:bc:
                    01:bc:72:d3:17:62:45:cf:0f:b1:8e:e2:a1:0e:11:
                    b7:4f:2c:9d:21:c9:71:80:3a:72:32:d9:ac:07:55:
                    34:8b:20:85:bc:62:0a:cc:9b:88:cb:8d:3e:55:ba:
                    c4:be:85:97:03:2c:4d:5c:8a:88:bc:d7:a5:34:b4:
                    90:69:a6:43:90:41:e8:2b:80:2b:58:6f:2e:d8:72:
                    be:60:17:78:ae:75:25:92:04:45:5d:f6:e3:c5:09:
                    e9:d6:3e:0f:4d:85:a6:ba:78:35:79:7c:ec:55:13:
                    69:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:1D:90:B6:FD:2B:30:28:12:C3:B1:E1:BE:07:45:08:DE:72:BC:67
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/fb70ca06-580a-405a-b7f5-742c6792f162.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:2a68::/46

    Signature Algorithm: sha256WithRSAEncryption
         34:51:06:09:1e:20:19:b9:b0:30:b4:86:d5:98:52:22:58:88:
         2f:fd:0d:86:f1:b8:e1:ac:47:95:bb:b1:92:92:bf:c4:d5:b0:
         c8:32:37:8b:bc:30:8c:d8:b9:19:5e:a4:6b:d4:76:06:51:12:
         e7:11:6f:62:d2:8a:e7:d5:80:d1:19:53:10:d3:e9:db:24:8b:
         88:e7:16:64:f4:bf:8f:8d:2f:58:ae:b5:a4:f1:af:26:b2:44:
         88:4c:69:df:52:79:70:d8:dd:fa:a4:d9:3f:28:fb:a7:52:8b:
         aa:62:80:82:81:86:fd:ab:f3:78:0a:40:cb:50:10:cf:10:02:
         b8:17:0c:6c:5c:ad:a2:dd:b7:4f:c2:ea:fd:e3:ae:8a:a3:42:
         aa:1a:10:82:be:64:e5:d7:0b:89:06:47:d1:22:bd:bf:33:91:
         8f:a6:dc:28:6d:37:f0:73:8a:36:48:45:8e:28:97:e0:cb:db:
         2d:28:e1:db:80:cd:37:cd:4f:c1:5a:00:ee:64:79:8d:e3:f5:
         1e:aa:5f:ae:5c:59:2b:c9:87:1b:f6:56:73:f8:04:40:4d:cf:
         43:99:19:5d:eb:ea:f6:47:55:76:5b:a6:e3:db:73:ba:23:e7:
         2b:54:b7:da:4a:64:33:6c:af:1e:d9:82:2e:9b:ae:94:9a:21:
         cd:1b:c7:65
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUdpo9zPmqe1iOro/u4QEa4zTiz7UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwMjEzMDU0MTAyWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNzU5YTUwZDkzODVhOWZjMmRhZmJhMGNiZWQzMDdiMmUw
Njk2MjNiZmRhMDgxZjkwN2M3ZjRmMWY5YWNiNmY4MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD4sOvzkS8WSq+NyVoc/WXEiw552EDw7aWdhtfNjHNpe9yD
c0G0v4m/dtPUizqPx+yTDS4xbaU0F/eNfj4YwljTttV0nLbZow5B5KP4VkB59U6r
w0Y16sc2KCwFpzcd9BeZU24c8Jlf6fpwEV0EzSxJ4qVfW84UW0EwYEinSgtZ/c19
ydpwJYjtM9WsVJfFFROdY2WDvAG8ctMXYkXPD7GO4qEOEbdPLJ0hyXGAOnIy2awH
VTSLIIW8YgrMm4jLjT5VusS+hZcDLE1cioi816U0tJBppkOQQegrgCtYby7Ycr5g
F3iudSWSBEVd9uPFCenWPg9Nhaa6eDV5fOxVE2kPAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUdx2Qtv0rMCgSw7HhvgdFCN5yvGcwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2ZiNzBjYTA2LTU4MGEtNDA1YS1iN2Y1LTc0MmM2NzkyZjE2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAJAAKmgwDQYJKoZIhvcNAQELBQADggEBADRRBgkeIBm5sDC0htWYUiJY
iC/9DYbxuOGsR5W7sZKSv8TVsMgyN4u8MIzYuRlepGvUdgZREucRb2LSiufVgNEZ
UxDT6dski4jnFmT0v4+NL1iutaTxryayRIhMad9SeXDY3fqk2T8o+6dSi6pigIKB
hv2r83gKQMtQEM8QArgXDGxcraLdt0/C6v3jroqjQqoaEIK+ZOXXC4kGR9Eivb8z
kY+m3ChtN/BzijZIRY4ol+DL2y0o4duAzTfNT8FaAO5keY3j9R6qX65cWSvJhxv2
VnP4BEBNz0OZGV3r6vZHVXZbpuPbc7oj5ytUt9pKZDNsrx7Zgi6brpSaIc0bx2U=
-----END CERTIFICATE-----