Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/268e8257-e346-4e07-8464-979a1442b57f.roa
File:                     268e8257-e346-4e07-8464-979a1442b57f.roa (raw, json)
Hash identifier:          QI/cqNa2YabYuC4qyELxxRRNQpLbbBWdCxLDx5vpOzs=
Subject key identifier:   85:00:ED:AA:38:FF:0E:70:07:1E:C7:16:59:26:83:26:4A:81:81:15
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       6E5F8B3993CDF460BD820661A2C78B2727DBFB9C
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/268e8257-e346-4e07-8464-979a1442b57f.roa
Signing time:             Wed 01 Jul 2026 07:17:55 +0000
ROA not before:           Wed 01 Jul 2026 07:17:55 +0000
ROA not after:            Tue 29 Sep 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0fb:c000::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 04 Jul 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:5f:8b:39:93:cd:f4:60:bd:82:06:61:a2:c7:8b:27:27:db:fb:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jul  1 07:17:55 2026 GMT
            Not After : Sep 29 23:59:59 2026 GMT
        Subject: serialNumber=be69b3cb461eee6ede86374e494f73dd27f040104980e9528629890a79194570, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:6f:b5:37:7d:d5:f0:67:8e:dd:f4:ec:84:ed:
                    39:30:fa:25:06:0c:88:b0:ce:84:f8:4e:b4:6d:c7:
                    c3:3f:85:13:bd:8a:d9:c9:f4:69:0e:92:e2:27:40:
                    bb:78:a0:7d:97:40:26:7d:4f:dc:c9:48:bb:e6:a4:
                    d8:19:8b:dc:c9:af:0a:19:42:a2:4f:7e:54:e6:56:
                    79:59:2f:d9:34:4c:5c:f8:9d:ad:4f:fb:7e:20:a6:
                    e8:81:7f:ae:b4:6c:aa:ce:a6:e0:2b:8a:aa:12:51:
                    73:d3:b4:43:2c:e5:17:1c:5e:30:1f:1d:73:bb:1c:
                    7e:1e:59:d6:1e:c6:ac:8b:2c:af:0d:73:3c:60:67:
                    73:ce:05:99:d5:29:20:a2:ac:26:b1:b9:6c:8f:33:
                    34:95:03:41:5d:77:ac:ac:d6:0a:92:0b:2a:3d:42:
                    aa:85:66:e9:7d:28:ea:8c:fb:d4:b5:5f:90:b6:c0:
                    d1:5a:a4:55:0f:46:7c:8c:ab:12:4b:d8:60:13:99:
                    a9:e8:c3:2d:64:d9:0e:36:35:e9:06:bd:f7:5e:15:
                    c3:80:0f:e2:c4:dc:81:05:50:3c:f6:da:82:76:8d:
                    f5:5b:80:a6:88:4e:8b:74:40:75:56:c2:c9:48:13:
                    d1:82:28:27:b7:8e:66:50:fb:ce:01:98:e1:54:8c:
                    ba:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:00:ED:AA:38:FF:0E:70:07:1E:C7:16:59:26:83:26:4A:81:81:15
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/268e8257-e346-4e07-8464-979a1442b57f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:c000::/48

    Signature Algorithm: sha256WithRSAEncryption
         54:20:8e:13:50:a1:1b:7a:d8:33:67:29:d9:6d:27:7f:f0:75:
         f6:22:47:f6:6c:c5:17:3c:d5:2f:23:ba:18:e9:c3:28:c1:82:
         6b:22:b2:3f:47:51:c5:11:8a:c7:34:48:68:26:38:17:99:9d:
         0b:ae:3f:74:50:37:54:b6:53:2b:e2:35:c4:34:06:19:9e:08:
         27:19:1e:50:ff:eb:5e:b8:e1:7d:12:95:9a:76:29:c3:1b:44:
         29:db:fc:31:6d:41:0b:63:87:49:75:f8:e3:ac:16:57:ae:25:
         74:ce:2c:6e:83:6e:c0:49:c9:62:91:91:1f:3b:18:8d:36:ae:
         c6:ce:3d:47:63:19:2f:0a:73:ff:0f:78:c2:b7:d1:a5:f8:60:
         29:dc:3c:cf:32:a1:18:74:86:fd:b6:46:41:b2:29:6a:d4:60:
         94:1a:2a:a3:2b:36:e1:53:eb:2d:03:bc:4d:88:a8:af:d6:a3:
         18:e1:1d:9f:46:96:32:eb:3b:b5:5e:80:0c:5d:b0:ca:ba:44:
         de:f5:05:01:a0:7e:eb:fd:45:01:32:47:8c:31:c9:a8:8e:09:
         fa:f1:34:d1:af:b6:8b:36:b4:aa:9c:be:ec:01:6d:8e:0a:6e:
         5d:77:a9:da:43:ba:74:ea:dc:91:0d:97:9a:db:f6:f9:3b:0f:
         98:a0:83:9c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUbl+LOZPN9GC9ggZhoseLJyfb+5wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNzAxMDcxNzU1WhcNMjYwOTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZTY5YjNjYjQ2MWVlZTZlZGU4NjM3NGU0OTRmNzNkZDI3
ZjA0MDEwNDk4MGU5NTI4NjI5ODkwYTc5MTk0NTcwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXb7U3fdXwZ47d9OyE7Tkw+iUGDIiwzoT4TrRtx8M/hRO9
itnJ9GkOkuInQLt4oH2XQCZ9T9zJSLvmpNgZi9zJrwoZQqJPflTmVnlZL9k0TFz4
na1P+34gpuiBf660bKrOpuAriqoSUXPTtEMs5RccXjAfHXO7HH4eWdYexqyLLK8N
czxgZ3POBZnVKSCirCaxuWyPMzSVA0Fdd6ys1gqSCyo9QqqFZul9KOqM+9S1X5C2
wNFapFUPRnyMqxJL2GATmanowy1k2Q42NekGvfdeFcOAD+LE3IEFUDz22oJ2jfVb
gKaITot0QHVWwslIE9GCKCe3jmZQ+84BmOFUjLqDAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUhQDtqjj/DnAHHscWWSaDJkqBgRUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzI2OGU4MjU3LWUzNDYtNGUwNy04NDY0LTk3OWExNDQyYjU3Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPD7wAAwDQYJKoZIhvcNAQELBQADggEBAFQgjhNQoRt62DNnKdltJ3/w
dfYiR/ZsxRc81S8juhjpwyjBgmsisj9HUcURisc0SGgmOBeZnQuuP3RQN1S2Uyvi
NcQ0BhmeCCcZHlD/61644X0SlZp2KcMbRCnb/DFtQQtjh0l1+OOsFleuJXTOLG6D
bsBJyWKRkR87GI02rsbOPUdjGS8Kc/8PeMK30aX4YCncPM8yoRh0hv22RkGyKWrU
YJQaKqMrNuFT6y0DvE2IqK/WoxjhHZ9GljLrO7VegAxdsMq6RN71BQGgfuv9RQEy
R4wxyaiOCfrxNNGvtos2tKqcvuwBbY4Kbl13qdpDunTq3JENl5rb9vk7D5igg5w=
-----END CERTIFICATE-----
Generated at Fri Jul 3 14:49:31 2026 by rpki-client