Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/15c69da0-d471-4f52-b26d-a3639b01e410.roa
File:                     15c69da0-d471-4f52-b26d-a3639b01e410.roa (raw, json)
Hash identifier:          QwKkVVt/6rlLgbE1YV3qHJ2UPNqypwRRoPiZzvLpqXU=
Subject key identifier:   DC:AE:D9:73:77:6B:BC:B8:DD:99:36:5B:8F:46:EF:5E:68:52:11:7C
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       3419A406A43E5E2FC47E2CC65A775DD2103E9EF0
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/15c69da0-d471-4f52-b26d-a3639b01e410.roa
Signing time:             Tue 17 Feb 2026 02:30:15 +0000
ROA not before:           Tue 17 Feb 2026 02:30:15 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:c0e::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 24 Feb 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:19:a4:06:a4:3e:5e:2f:c4:7e:2c:c6:5a:77:5d:d2:10:3e:9e:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Feb 17 02:30:15 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=7a30611e7c38586aff0fa25877eb006348260f45e96348fd0de2f4ce25a390dd, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:57:10:56:53:07:9e:08:47:25:13:5b:48:6f:
                    2b:6d:00:d3:39:94:fc:1d:39:0d:04:94:b3:a4:4c:
                    a0:85:cd:ac:0d:77:77:27:be:e7:22:90:b1:3f:2b:
                    72:20:84:8d:48:a5:d1:31:ba:f5:60:6c:96:15:e0:
                    33:85:ca:6e:61:14:c9:d2:25:d1:52:5c:98:49:ad:
                    65:b6:47:78:09:74:d9:13:e9:a8:e8:5e:ca:78:0b:
                    33:6c:4b:5f:bd:6e:3c:15:95:c3:24:dd:19:9c:3e:
                    f6:2c:2b:ed:0a:f5:7e:f6:74:36:9a:25:e0:d2:a3:
                    70:f9:25:6d:4a:79:ab:2c:df:d2:40:26:74:80:d8:
                    5a:37:ad:43:06:49:83:8d:4a:a8:1e:d1:81:46:92:
                    69:fb:31:6f:a0:1c:05:ab:a6:6d:02:d0:db:60:18:
                    df:37:ab:c6:f3:53:5a:dc:54:20:ff:b9:05:b6:fc:
                    99:37:a1:06:84:6f:a5:3e:2c:8f:1a:d5:c7:5f:10:
                    05:f9:77:ba:14:d1:e6:30:29:14:e2:ce:c0:78:b1:
                    0a:9c:fc:46:4f:2c:9b:0e:57:29:79:ff:fc:c4:d6:
                    34:9d:ae:5a:ae:c7:5a:84:ab:c8:6b:83:d1:79:77:
                    7a:15:a4:00:67:cd:2a:7f:dc:de:db:eb:e9:23:2a:
                    53:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:AE:D9:73:77:6B:BC:B8:DD:99:36:5B:8F:46:EF:5E:68:52:11:7C
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/15c69da0-d471-4f52-b26d-a3639b01e410.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c0e::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:18:7b:e6:20:c3:95:7d:09:09:53:7d:93:75:4f:4c:87:0b:
         ac:43:68:d0:35:de:55:2c:fa:f1:73:33:27:83:e8:3e:60:39:
         93:6c:de:17:1e:80:d4:f2:25:5d:f4:7b:4c:3f:dc:84:c8:a2:
         d5:00:7b:5b:ef:46:11:c8:80:9a:43:35:2b:b1:71:11:1d:e8:
         b9:40:ec:c4:c5:d1:10:20:b5:44:1f:d9:4c:99:85:a4:9a:13:
         1c:81:45:73:39:26:a2:4b:bc:f1:b0:27:28:09:8f:92:18:7b:
         e4:42:08:25:04:75:b5:3a:47:eb:b1:51:73:94:11:69:b3:d8:
         6a:4f:25:f7:ad:25:44:1c:0a:24:03:f2:5f:33:44:de:ec:39:
         50:01:f6:0c:02:b6:69:46:69:4e:7d:db:57:18:c5:32:95:1c:
         ea:64:d3:3d:99:48:67:40:0a:cd:5f:bb:3e:70:2d:90:b5:64:
         3e:c5:7a:d3:7c:b0:6e:3b:20:17:72:41:4f:a1:07:33:48:75:
         77:29:84:f1:49:45:21:92:70:70:b9:ca:00:3e:ad:e9:ef:af:
         9d:e6:30:e6:02:b6:99:b6:9c:10:d0:8c:d4:4d:d4:c6:47:1c:
         00:90:2a:c6:71:a6:d6:9b:a2:c7:d4:c2:e1:ec:9e:be:34:8f:
         69:46:75:67
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUNBmkBqQ+Xi/EfizGWndd0hA+nvAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjYwMjE3MDIzMDE1WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YTMwNjExZTdjMzg1ODZhZmYwZmEyNTg3N2ViMDA2MzQ4
MjYwZjQ1ZTk2MzQ4ZmQwZGUyZjRjZTI1YTM5MGRkMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzVxBWUweeCEclE1tIbyttANM5lPwdOQ0ElLOkTKCFzawN
d3cnvucikLE/K3IghI1IpdExuvVgbJYV4DOFym5hFMnSJdFSXJhJrWW2R3gJdNkT
6ajoXsp4CzNsS1+9bjwVlcMk3RmcPvYsK+0K9X72dDaaJeDSo3D5JW1Keass39JA
JnSA2Fo3rUMGSYONSqge0YFGkmn7MW+gHAWrpm0C0NtgGN83q8bzU1rcVCD/uQW2
/Jk3oQaEb6U+LI8a1cdfEAX5d7oU0eYwKRTizsB4sQqc/EZPLJsOVyl5//zE1jSd
rlqux1qEq8hrg9F5d3oVpABnzSp/3N7b6+kjKlMNAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU3K7Zc3drvLjdmTZbj0bvXmhSEXwwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzE1YzY5ZGEwLWQ0NzEtNGY1Mi1iMjZkLWEzNjM5YjAxZTQxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADA4wDQYJKoZIhvcNAQELBQADggEBAAMYe+Ygw5V9CQlTfZN1T0yH
C6xDaNA13lUs+vFzMyeD6D5gOZNs3hcegNTyJV30e0w/3ITIotUAe1vvRhHIgJpD
NSuxcREd6LlA7MTF0RAgtUQf2UyZhaSaExyBRXM5JqJLvPGwJygJj5IYe+RCCCUE
dbU6R+uxUXOUEWmz2GpPJfetJUQcCiQD8l8zRN7sOVAB9gwCtmlGaU5921cYxTKV
HOpk0z2ZSGdACs1fuz5wLZC1ZD7FetN8sG47IBdyQU+hBzNIdXcphPFJRSGScHC5
ygA+renvr53mMOYCtpm2nBDQjNRN1MZHHACQKsZxptabosfUwuHsnr40j2lGdWc=
-----END CERTIFICATE-----