Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1471cd7d-f4dc-4f9e-9097-188dfdebcc7e.roa
File:                     1471cd7d-f4dc-4f9e-9097-188dfdebcc7e.roa (raw, json)
Hash identifier:          qMtZnj3Fq2wLvElbWbJxUDyCMkifXOR7MH7/J5AP1hg=
Subject key identifier:   DF:72:85:14:4E:35:2A:EB:85:13:C7:4D:A9:5B:32:B2:D1:07:08:81
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       1674F12495A4E6E676C98C91996EAAC590DC1F34
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1471cd7d-f4dc-4f9e-9097-188dfdebcc7e.roa
Signing time:             Tue 17 Feb 2026 02:50:06 +0000
ROA not before:           Tue 17 Feb 2026 02:50:06 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:402::/47 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 24 Feb 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:74:f1:24:95:a4:e6:e6:76:c9:8c:91:99:6e:aa:c5:90:dc:1f:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Feb 17 02:50:06 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=79a6c2c19db0399c05cbde50fc9f8685cb923fb88a5ab31c6e77ca50f2196f8e, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:79:2b:e9:cb:6c:1a:df:0d:3a:51:21:d1:79:
                    05:eb:ff:a5:43:e7:7e:f2:35:81:e2:2f:0c:49:bb:
                    41:69:5d:20:26:83:8b:e0:e7:e4:d9:be:02:91:4b:
                    03:bb:ba:ec:89:e6:f1:17:c8:0d:f9:68:d3:1b:46:
                    f1:d7:eb:d8:cd:12:c2:91:da:19:14:46:92:6d:9b:
                    b9:6a:9d:df:fd:77:dc:9e:ac:89:79:71:92:e7:b6:
                    bb:ad:ec:db:fc:cd:58:9d:cc:2f:aa:75:b3:72:e8:
                    83:66:54:62:7e:4e:47:f2:b5:dc:e8:61:94:71:93:
                    ae:e8:0e:5d:1b:d5:ef:5d:c3:55:f1:e9:9c:37:34:
                    e6:3e:75:48:62:13:09:fd:cc:03:33:b1:a8:a4:86:
                    19:e1:92:e9:16:03:a0:dd:d9:33:ef:e7:59:9a:e7:
                    eb:f0:7f:4d:9f:89:4a:13:5b:d5:06:82:a1:ab:8f:
                    34:de:c7:cf:bb:20:b0:02:e3:8b:f5:bc:b6:84:36:
                    a9:f3:d5:67:05:e3:fc:aa:30:f1:cb:50:e8:5c:f2:
                    7c:0f:c8:71:ad:7b:0a:4f:a3:21:cc:10:ab:0b:19:
                    a1:62:81:25:6e:e8:48:40:7b:28:f6:93:1d:f2:75:
                    6b:5a:d3:e3:77:35:19:ef:61:b3:b9:7f:fa:61:df:
                    25:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:72:85:14:4E:35:2A:EB:85:13:C7:4D:A9:5B:32:B2:D1:07:08:81
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1471cd7d-f4dc-4f9e-9097-188dfdebcc7e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:402::/47

    Signature Algorithm: sha256WithRSAEncryption
         59:45:5a:65:ae:2b:23:e9:53:7b:b7:b9:cc:74:e5:26:98:41:
         7a:f3:38:82:a5:bf:fd:e4:3e:fe:7d:c9:55:06:36:9d:c2:e0:
         7b:c8:82:76:dd:83:c6:8c:97:5a:74:37:35:8b:57:ae:9a:8f:
         da:cc:e8:67:fd:43:98:e9:c1:ba:4e:f2:7f:1c:e5:b5:99:06:
         cd:85:17:69:bd:b6:0b:0a:c1:52:66:72:60:66:92:96:64:01:
         d0:25:bd:36:c6:3f:24:c4:7e:e7:e1:57:e4:11:bb:e0:19:94:
         e7:2f:be:17:33:4f:3f:0a:94:88:99:b5:d6:01:0a:95:3e:17:
         2b:99:fa:a3:89:72:2d:d6:7d:5c:05:5a:de:04:c0:76:ee:2e:
         e1:ca:59:5a:84:d1:d2:10:7b:14:6b:91:9f:b7:ed:17:c3:9e:
         35:d5:33:72:42:17:82:e8:67:f7:a7:85:54:20:62:da:e5:62:
         d2:8b:a7:53:83:92:cb:2a:61:04:c8:c5:64:e5:d6:c7:fe:31:
         d6:bf:ad:70:ef:ab:9f:0d:ea:8d:f4:9b:f5:5f:07:ad:15:cd:
         40:20:a7:9c:cf:e6:39:5d:21:a3:b1:1e:17:4a:13:a0:78:50:
         8f:8a:ad:a3:d5:40:4c:42:e1:4c:69:36:f2:52:b4:bf:a5:05:
         08:e5:0a:98
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUFnTxJJWk5uZ2yYyRmW6qxZDcHzQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjYwMjE3MDI1MDA2WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3OWE2YzJjMTlkYjAzOTljMDVjYmRlNTBmYzlmODY4NWNi
OTIzZmI4OGE1YWIzMWM2ZTc3Y2E1MGYyMTk2ZjhlMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIeSvpy2wa3w06USHReQXr/6VD537yNYHiLwxJu0FpXSAm
g4vg5+TZvgKRSwO7uuyJ5vEXyA35aNMbRvHX69jNEsKR2hkURpJtm7lqnd/9d9ye
rIl5cZLntrut7Nv8zVidzC+qdbNy6INmVGJ+TkfytdzoYZRxk67oDl0b1e9dw1Xx
6Zw3NOY+dUhiEwn9zAMzsaikhhnhkukWA6Dd2TPv51ma5+vwf02fiUoTW9UGgqGr
jzTex8+7ILAC44v1vLaENqnz1WcF4/yqMPHLUOhc8nwPyHGtewpPoyHMEKsLGaFi
gSVu6EhAeyj2kx3ydWta0+N3NRnvYbO5f/ph3yUzAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU33KFFE41KuuFE8dNqVsystEHCIEwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzE0NzFjZDdkLWY0ZGMtNGY5ZS05MDk3LTE4OGRmZGViY2M3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmBZzABAIwDQYJKoZIhvcNAQELBQADggEBAFlFWmWuKyPpU3u3ucx05SaY
QXrzOIKlv/3kPv59yVUGNp3C4HvIgnbdg8aMl1p0NzWLV66aj9rM6Gf9Q5jpwbpO
8n8c5bWZBs2FF2m9tgsKwVJmcmBmkpZkAdAlvTbGPyTEfufhV+QRu+AZlOcvvhcz
Tz8KlIiZtdYBCpU+FyuZ+qOJci3WfVwFWt4EwHbuLuHKWVqE0dIQexRrkZ+37RfD
njXVM3JCF4LoZ/enhVQgYtrlYtKLp1ODkssqYQTIxWTl1sf+Mda/rXDvq58N6o30
m/VfB60VzUAgp5zP5jldIaOxHhdKE6B4UI+KraPVQExC4UxpNvJStL+lBQjlCpg=
-----END CERTIFICATE-----