Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/4aef75f4-87ef-46d3-96d7-dc53be178ebe.roa
File:                     4aef75f4-87ef-46d3-96d7-dc53be178ebe.roa (raw, json)
Hash identifier:          0mkknwvFDf89C8+MPN8MR2jcokUuJ39rkexZ7TV6bBs=
Subject key identifier:   CC:2A:38:7F:CA:2A:B0:85:1F:74:26:B9:25:AC:AD:98:6E:94:30:62
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       228F18F1DACADA2C03FD72B9B7202A9E37B45F0C
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/4aef75f4-87ef-46d3-96d7-dc53be178ebe.roa
Signing time:             Fri 13 Feb 2026 00:20:09 +0000
ROA not before:           Fri 13 Feb 2026 00:20:09 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40:fffc::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 22 Feb 2026 07:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:8f:18:f1:da:ca:da:2c:03:fd:72:b9:b7:20:2a:9e:37:b4:5f:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Feb 13 00:20:09 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=ef5fa2fdd392086ddd122a72f04e37549e21eaf1ddd02c026ca17c4f8cca9a95, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d7:9d:18:fc:ab:5d:9a:bf:e2:13:e1:ba:81:
                    4a:0a:8a:0d:ca:c7:3f:df:02:3f:e9:15:29:88:f6:
                    58:02:18:80:30:9f:b7:35:54:df:60:61:88:b6:5e:
                    2a:c0:30:fb:ec:4f:72:bf:26:dd:f7:3f:8b:69:66:
                    76:82:70:65:0b:d1:00:90:ae:1b:5a:1a:60:3e:99:
                    4c:12:ff:ae:b9:b1:df:48:8b:8c:99:4a:2c:c7:83:
                    17:7e:28:69:4d:63:35:80:7e:85:65:27:82:fb:43:
                    bf:b8:6e:72:ed:1a:96:8e:7b:a1:c4:d0:a4:cd:63:
                    50:4c:1b:75:7d:fd:bd:ef:7b:35:f0:57:5e:1a:8e:
                    20:2d:c8:ee:5e:14:90:09:73:31:ea:05:80:67:35:
                    94:4d:68:27:92:c0:6b:79:8f:ee:d6:e3:7f:10:86:
                    cd:19:7a:0c:00:82:22:ab:30:0b:6a:f6:a4:5c:20:
                    bb:11:71:26:6c:ed:c5:c8:d5:a3:d0:bc:54:eb:6a:
                    92:79:26:e7:06:c3:0e:c3:95:ad:c6:5c:6a:e5:79:
                    81:59:a7:7a:a3:98:46:6c:f6:7e:f7:22:7b:5d:7d:
                    f3:cc:59:89:98:a2:62:5c:e0:df:54:67:7c:82:dc:
                    2e:f6:ce:0d:3d:74:af:e8:63:49:42:aa:79:5c:8b:
                    97:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:2A:38:7F:CA:2A:B0:85:1F:74:26:B9:25:AC:AD:98:6E:94:30:62
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/4aef75f4-87ef-46d3-96d7-dc53be178ebe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:fffc::/48

    Signature Algorithm: sha256WithRSAEncryption
         99:c5:85:30:98:d6:27:75:5d:60:84:16:dd:69:a3:85:fb:32:
         25:cd:ea:f8:7b:aa:b0:61:ec:48:bf:f9:2c:16:e4:9c:f9:04:
         5d:58:38:30:1c:57:1c:d5:d0:19:27:ae:49:a0:38:c5:05:3b:
         69:1d:70:7f:b0:5c:60:fc:30:f4:59:63:5a:55:b8:73:d7:66:
         ca:a7:3d:0b:53:40:63:6e:32:0b:70:12:d0:1e:80:fe:15:cd:
         b6:8d:32:9b:f3:1f:57:e2:8c:fc:27:e8:10:1e:27:74:d9:c5:
         ec:9b:8e:0a:98:d2:d3:6c:92:8d:3d:ca:33:55:9b:2b:36:7f:
         9e:a7:23:a2:b5:46:b1:a2:48:0d:13:dd:3b:4b:95:6d:b0:a6:
         f5:04:df:94:08:e7:6a:bf:88:d1:89:47:36:09:ca:e8:a4:3c:
         80:6a:d4:ea:79:b5:ec:74:22:a5:2f:24:e9:ce:ef:21:f0:5c:
         b9:e2:28:04:03:2a:fd:af:e4:d5:5b:c0:d2:ad:61:68:29:d0:
         d9:67:4f:a8:6e:be:88:b1:9b:76:08:89:98:9c:82:9e:03:fc:
         5a:83:c5:73:64:83:4a:b7:37:bb:52:f0:5f:04:d8:46:a3:4d:
         db:7e:be:86:a7:27:25:ca:d8:10:8e:1a:36:9f:b6:cf:77:5d:
         53:bb:68:49
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUIo8Y8drK2iwD/XK5tyAqnje0XwwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjYwMjEzMDAyMDA5WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjVmYTJmZGQzOTIwODZkZGQxMjJhNzJmMDRlMzc1NDll
MjFlYWYxZGRkMDJjMDI2Y2ExN2M0ZjhjY2E5YTk1MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCq150Y/Ktdmr/iE+G6gUoKig3Kxz/fAj/pFSmI9lgCGIAw
n7c1VN9gYYi2XirAMPvsT3K/Jt33P4tpZnaCcGUL0QCQrhtaGmA+mUwS/665sd9I
i4yZSizHgxd+KGlNYzWAfoVlJ4L7Q7+4bnLtGpaOe6HE0KTNY1BMG3V9/b3vezXw
V14ajiAtyO5eFJAJczHqBYBnNZRNaCeSwGt5j+7W438Qhs0ZegwAgiKrMAtq9qRc
ILsRcSZs7cXI1aPQvFTrapJ5JucGww7Dla3GXGrleYFZp3qjmEZs9n73IntdffPM
WYmYomJc4N9UZ3yC3C72zg09dK/oY0lCqnlci5frAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUzCo4f8oqsIUfdCa5JaytmG6UMGIwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzRhZWY3NWY0LTg3ZWYtNDZkMy05NmQ3LWRjNTNiZTE3OGViZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBg9A//wwDQYJKoZIhvcNAQELBQADggEBAJnFhTCY1id1XWCEFt1po4X7
MiXN6vh7qrBh7Ei/+SwW5Jz5BF1YODAcVxzV0BknrkmgOMUFO2kdcH+wXGD8MPRZ
Y1pVuHPXZsqnPQtTQGNuMgtwEtAegP4VzbaNMpvzH1fijPwn6BAeJ3TZxeybjgqY
0tNsko09yjNVmys2f56nI6K1RrGiSA0T3TtLlW2wpvUE35QI52q/iNGJRzYJyuik
PIBq1Op5tex0IqUvJOnO7yHwXLniKAQDKv2v5NVbwNKtYWgp0NlnT6huvoixm3YI
iZicgp4D/FqDxXNkg0q3N7tS8F8E2EajTdt+voanJyXK2BCOGjafts93XVO7aEk=
-----END CERTIFICATE-----
Generated at Sat Feb 21 07:29:51 2026 by rpki-client