Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9453109a-5870-4f75-951d-87a2f3817426.roa
File:                     9453109a-5870-4f75-951d-87a2f3817426.roa (raw, json)
Hash identifier:          3LBygvTReNHGtYrKa2isFF+64R6fUAfxkHBI2NJnWLQ=
Subject key identifier:   E3:F8:C2:29:19:11:87:63:7B:73:62:D4:77:68:3D:EB:06:BA:14:E1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3206FFFDFA0630C83E861F6E621A52678DB795FA
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9453109a-5870-4f75-951d-87a2f3817426.roa
Signing time:             Sat 27 Jun 2026 06:32:13 +0000
ROA not before:           Sat 27 Jun 2026 06:32:13 +0000
ROA not after:            Fri 25 Sep 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        64.66.128.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 02 Jul 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:06:ff:fd:fa:06:30:c8:3e:86:1f:6e:62:1a:52:67:8d:b7:95:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 27 06:32:13 2026 GMT
            Not After : Sep 25 23:59:59 2026 GMT
        Subject: serialNumber=9fac7491b31eeb50a8c3a0fe97e6b4ca5c1c0cb9ad04a69b49e4bc6ed5cee63c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:5c:b5:72:ca:fa:0f:7a:4d:af:9b:e2:6d:46:
                    e3:a5:6e:8f:e7:21:b1:17:ca:76:19:e9:cf:71:b8:
                    4a:ba:65:82:8f:6d:84:eb:12:7c:b4:37:e5:f5:9b:
                    7d:d2:d4:b0:08:26:de:60:3f:98:12:43:de:d1:fb:
                    09:89:f8:98:3f:f7:49:09:4e:39:ee:2e:db:d6:a3:
                    f6:76:d5:09:14:0c:45:3a:99:3c:f9:8e:a3:43:32:
                    e3:b7:ef:3e:f4:f2:17:13:e7:3e:13:97:99:ac:9a:
                    00:ad:ce:d6:58:d0:ec:0b:1f:e5:c6:2c:cb:53:c6:
                    39:93:dd:09:64:5e:48:4e:8e:d0:34:8b:29:17:37:
                    f6:2f:d0:8a:23:fd:e3:c5:f3:2d:2e:b0:86:af:a3:
                    31:7d:fa:d9:f9:30:af:7c:99:30:71:3d:c2:4f:27:
                    52:6b:65:40:d3:42:d9:f1:58:ea:42:d8:f0:cb:af:
                    74:00:c5:38:cb:5a:b5:51:49:42:a5:28:74:df:1c:
                    0b:5c:70:58:a4:14:88:c4:90:7e:ac:a5:33:e5:55:
                    a5:ee:7c:bd:d8:48:fa:a5:fd:c5:f5:c1:ca:d9:fe:
                    4d:a2:59:20:e7:41:f1:d3:43:70:f4:0e:6c:5b:2e:
                    7d:60:0d:47:a8:c5:b0:56:b6:c8:13:4f:b8:33:f6:
                    ed:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:F8:C2:29:19:11:87:63:7B:73:62:D4:77:68:3D:EB:06:BA:14:E1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9453109a-5870-4f75-951d-87a2f3817426.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.66.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         86:2a:0b:21:9a:e6:38:9d:7b:9d:d4:8d:38:fb:ec:66:57:d5:
         04:7a:61:4a:e2:b1:d1:19:8d:e3:90:c1:2f:80:3a:b1:eb:74:
         19:72:c1:4c:26:8d:4d:96:12:c9:d8:6d:4f:a4:40:18:34:11:
         84:63:d1:4f:ad:e9:6a:26:f6:3d:b0:3a:41:e1:03:b1:8a:89:
         79:8c:0f:17:96:ce:80:a0:97:84:c4:ee:32:44:49:e2:ab:1a:
         67:a4:ba:e8:29:cc:35:c8:46:2e:09:4d:71:07:eb:55:01:84:
         26:ba:8d:1c:45:46:1d:b9:30:a4:1f:87:64:f7:3c:50:fc:03:
         ae:ae:bf:e4:c9:87:0f:43:04:54:6a:53:d9:71:bc:69:26:e7:
         5b:dc:7f:47:ed:59:13:5a:d6:9b:c8:b4:24:86:50:d7:6f:a9:
         db:85:da:30:8a:54:5e:ff:36:f1:57:92:3a:1b:a8:12:52:d7:
         ee:5a:95:3c:46:3c:cc:93:80:a6:d9:20:d1:4d:ee:72:41:84:
         b3:aa:4b:ac:67:dc:f5:93:34:85:79:e7:fd:7e:91:a6:69:61:
         d7:8d:8a:0d:e3:ec:f5:ac:07:69:a8:b8:61:84:98:8f:9d:3c:
         a5:27:de:1b:2f:6d:7d:0b:80:97:b4:59:fa:95:00:01:aa:d0:
         e7:96:32:a2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMgb//foGMMg+hh9uYhpSZ423lfowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNjI3MDYzMjEzWhcNMjYwOTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZmFjNzQ5MWIzMWVlYjUwYThjM2EwZmU5N2U2YjRjYTVj
MWMwY2I5YWQwNGE2OWI0OWU0YmM2ZWQ1Y2VlNjNjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcXLVyyvoPek2vm+JtRuOlbo/nIbEXynYZ6c9xuEq6ZYKP
bYTrEny0N+X1m33S1LAIJt5gP5gSQ97R+wmJ+Jg/90kJTjnuLtvWo/Z21QkUDEU6
mTz5jqNDMuO37z708hcT5z4Tl5msmgCtztZY0OwLH+XGLMtTxjmT3QlkXkhOjtA0
iykXN/Yv0Ioj/ePF8y0usIavozF9+tn5MK98mTBxPcJPJ1JrZUDTQtnxWOpC2PDL
r3QAxTjLWrVRSUKlKHTfHAtccFikFIjEkH6spTPlVaXufL3YSPql/cX1wcrZ/k2i
WSDnQfHTQ3D0DmxbLn1gDUeoxbBWtsgTT7gz9u1/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4/jCKRkRh2N7c2LUd2g96wa6FOEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0NTMxMDlhLTU4NzAtNGY3NS05NTFkLTg3YTJmMzgxNzQyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZAQoAwDQYJKoZIhvcNAQELBQADggEBAIYqCyGa5jide53UjTj77GZX1QR6
YUrisdEZjeOQwS+AOrHrdBlywUwmjU2WEsnYbU+kQBg0EYRj0U+t6Wom9j2wOkHh
A7GKiXmMDxeWzoCgl4TE7jJESeKrGmekuugpzDXIRi4JTXEH61UBhCa6jRxFRh25
MKQfh2T3PFD8A66uv+TJhw9DBFRqU9lxvGkm51vcf0ftWRNa1pvItCSGUNdvqduF
2jCKVF7/NvFXkjobqBJS1+5alTxGPMyTgKbZINFN7nJBhLOqS6xn3PWTNIV55/1+
kaZpYdeNig3j7PWsB2mouGGEmI+dPKUn3hsvbX0LgJe0WfqVAAGq0OeWMqI=
-----END CERTIFICATE-----
Generated at Wed Jul 1 06:19:49 2026 by rpki-client