Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/fc5db440-703f-41bb-9333-57381c72d267.roa
File:                     fc5db440-703f-41bb-9333-57381c72d267.roa (raw, json)
Hash identifier:          i58dAl6rPt1ponqB/DYi2wsPBddvR3FkOZ48R6/ksgg=
Subject key identifier:   38:4A:98:19:F1:4F:FD:FF:EB:79:64:FD:E1:C7:0F:7E:70:9B:6B:B9
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       5CC02F6078C16D848E5F88E71D4923562AE6732B
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/fc5db440-703f-41bb-9333-57381c72d267.roa
Signing time:             Thu 14 May 2026 21:47:25 +0000
ROA not before:           Thu 14 May 2026 21:47:25 +0000
ROA not after:            Wed 12 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:8380:700::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 May 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:c0:2f:60:78:c1:6d:84:8e:5f:88:e7:1d:49:23:56:2a:e6:73:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: May 14 21:47:25 2026 GMT
            Not After : Aug 12 23:59:59 2026 GMT
        Subject: serialNumber=d753a4026e9af8ec98c4e5c3178a0530c4f7ed75d85dedce8963046cc8c2fbb4, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e4:9a:43:20:f8:3d:c7:4c:cd:07:6a:46:11:
                    2b:a3:6e:34:d9:bf:8c:b3:90:77:1c:2f:3e:06:e3:
                    63:e1:dd:0d:90:76:b8:60:b2:c0:63:aa:c4:52:fc:
                    61:02:8e:96:e2:98:c9:a1:8e:13:ce:2f:b7:bb:56:
                    d2:0c:1d:53:87:be:0d:3a:ee:4c:b6:04:4a:9c:4b:
                    f5:a5:01:f1:05:ab:4e:7e:52:fa:da:56:6d:45:4c:
                    04:2e:d8:9c:d8:95:95:f4:35:63:cd:45:2e:e1:a5:
                    26:17:e8:d5:a8:2a:c3:a1:c8:24:6a:97:da:e9:82:
                    24:a5:14:fb:a5:71:b3:42:90:ab:95:9a:d4:21:f9:
                    c0:eb:53:81:b5:a6:8a:81:24:ba:67:93:80:35:13:
                    f2:70:ac:54:f6:5e:48:7c:1c:9a:7e:4b:59:be:ed:
                    e2:ef:81:0d:8b:81:fa:2a:d3:82:bc:54:37:61:f1:
                    ff:f1:88:c0:09:a2:1c:ee:f0:9c:3a:6c:a8:24:36:
                    f6:b6:be:b2:0a:a7:89:5f:56:77:c6:fc:c4:99:14:
                    84:76:5c:df:7d:29:8e:49:3c:ee:5c:c5:ea:4f:3a:
                    0f:8a:38:5d:79:cd:66:98:a5:85:d6:64:da:aa:ce:
                    df:72:c8:41:26:71:2b:97:6d:56:32:a9:92:b6:00:
                    bd:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:4A:98:19:F1:4F:FD:FF:EB:79:64:FD:E1:C7:0F:7E:70:9B:6B:B9
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/fc5db440-703f-41bb-9333-57381c72d267.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:8380:700::/40

    Signature Algorithm: sha256WithRSAEncryption
         1a:44:58:26:75:75:81:65:10:fa:a9:df:78:50:85:d8:1f:df:
         2f:44:c4:e0:ee:b1:b4:79:b0:07:0d:86:66:6d:b1:22:f6:6d:
         7b:44:7b:02:64:c8:e6:43:53:fa:af:54:18:d3:e0:b1:e4:9c:
         b1:18:47:d3:da:9f:a2:bf:60:a9:14:6d:3d:63:ed:e0:cd:9d:
         9e:b2:d6:ca:61:69:f6:67:ff:4d:94:af:d2:09:ea:94:55:94:
         0e:16:4a:5c:de:27:19:d2:77:0c:66:38:ea:66:f9:3d:d8:f6:
         40:41:d1:cb:8a:56:97:df:38:be:61:8d:52:5b:6f:17:84:ca:
         de:24:d7:4f:3b:c6:1b:c8:21:3a:6d:aa:75:63:86:8d:b0:41:
         85:df:91:45:8e:46:14:52:57:4e:b4:6f:06:02:8d:be:49:3f:
         28:36:5a:70:2c:22:40:51:56:04:b3:3b:58:ec:b9:98:ec:4f:
         18:ce:83:37:f1:81:61:9e:59:f6:e4:bc:03:0e:d5:3f:0b:b6:
         b0:a8:1e:c1:38:ca:6d:ce:85:ab:8d:8b:f9:cf:79:ef:4f:8c:
         b5:a4:fc:3a:95:37:b8:d8:e9:b6:d4:24:46:6a:fd:26:9e:01:
         9d:c9:66:15:77:3b:53:d8:38:98:c3:90:a9:63:95:38:38:bc:
         1f:bc:a6:ed
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUXMAvYHjBbYSOX4jnHUkjVirmcyswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjYwNTE0MjE0NzI1WhcNMjYwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNzUzYTQwMjZlOWFmOGVjOThjNGU1YzMxNzhhMDUzMGM0
ZjdlZDc1ZDg1ZGVkY2U4OTYzMDQ2Y2M4YzJmYmI0MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQ5JpDIPg9x0zNB2pGESujbjTZv4yzkHccLz4G42Ph3Q2Q
drhgssBjqsRS/GECjpbimMmhjhPOL7e7VtIMHVOHvg067ky2BEqcS/WlAfEFq05+
UvraVm1FTAQu2JzYlZX0NWPNRS7hpSYX6NWoKsOhyCRql9rpgiSlFPulcbNCkKuV
mtQh+cDrU4G1poqBJLpnk4A1E/JwrFT2Xkh8HJp+S1m+7eLvgQ2Lgfoq04K8VDdh
8f/xiMAJohzu8Jw6bKgkNva2vrIKp4lfVnfG/MSZFIR2XN99KY5JPO5cxepPOg+K
OF15zWaYpYXWZNqqzt9yyEEmcSuXbVYyqZK2AL3/AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUOEqYGfFP/f/reWT94ccPfnCba7kwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjL2ZjNWRiNDQwLTcwM2YtNDFiYi05MzMzLTU3MzgxYzcyZDI2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmBYOABzANBgkqhkiG9w0BAQsFAAOCAQEAGkRYJnV1gWUQ+qnfeFCF2B/f
L0TE4O6xtHmwBw2GZm2xIvZte0R7AmTI5kNT+q9UGNPgseScsRhH09qfor9gqRRt
PWPt4M2dnrLWymFp9mf/TZSv0gnqlFWUDhZKXN4nGdJ3DGY46mb5Pdj2QEHRy4pW
l984vmGNUltvF4TK3iTXTzvGG8ghOm2qdWOGjbBBhd+RRY5GFFJXTrRvBgKNvkk/
KDZacCwiQFFWBLM7WOy5mOxPGM6DN/GBYZ5Z9uS8Aw7VPwu2sKgewTjKbc6Fq42L
+c9570+MtaT8OpU3uNjpttQkRmr9Jp4BnclmFXc7U9g4mMOQqWOVODi8H7ym7Q==
-----END CERTIFICATE-----