Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5362b40e-d987-4a9d-8f30-59c3b7075db1.roa
File:                     5362b40e-d987-4a9d-8f30-59c3b7075db1.roa (raw, json)
Hash identifier:          vqy7X0Uz/a2cwj/ltqlUcPW2ALQlmvbmrkpmPIWBIhg=
Subject key identifier:   1B:4E:B1:34:68:82:F4:5F:78:21:F0:C9:62:8B:BE:2D:B4:20:E7:70
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       049D9489F33DF0043C5CBB132B22A03437892EDE
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5362b40e-d987-4a9d-8f30-59c3b7075db1.roa
Signing time:             Tue 19 May 2026 04:20:49 +0000
ROA not before:           Tue 19 May 2026 04:20:49 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5530::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 13 Jun 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:9d:94:89:f3:3d:f0:04:3c:5c:bb:13:2b:22:a0:34:37:89:2e:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 19 04:20:49 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=2854c6ef8bb84ac2427ddc8ed65fd510590c585012af90335ffc17dee4bb6060, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:c2:8a:ad:0f:d6:01:d5:ce:42:2b:f5:30:7b:
                    19:81:c9:17:30:e6:58:24:d1:05:2b:a2:68:d4:c4:
                    30:a0:0f:27:fa:da:01:3e:ec:06:5a:b4:d1:99:9e:
                    5f:6d:ef:3a:6d:d3:88:ec:25:01:2a:9f:73:e6:67:
                    a6:74:f7:a8:38:ca:fb:80:c3:68:99:44:e8:5f:3b:
                    e5:03:bb:9b:b6:be:bf:eb:98:96:72:a7:7b:fd:36:
                    82:1d:83:c8:7b:85:94:69:84:78:f1:24:8d:7e:1f:
                    c0:4e:74:45:be:d1:fd:f5:97:ba:1f:b0:93:50:ba:
                    85:62:ee:64:cd:9d:6a:2c:c9:68:83:10:0b:bd:27:
                    7f:dc:cc:5a:db:10:72:2a:9f:03:1a:fd:b4:0d:45:
                    38:32:7c:62:7d:55:89:65:07:ec:60:5e:f5:e5:36:
                    3d:3c:14:c0:b4:aa:c1:0f:eb:a4:31:f4:0d:e8:45:
                    fb:a5:8e:5d:04:70:8b:b5:44:6c:57:a7:e4:6c:99:
                    62:a3:bc:4e:88:60:96:41:9c:c8:9f:a9:8e:04:9e:
                    b7:3c:1a:fc:46:d3:93:d9:25:ed:a4:bf:08:6b:97:
                    87:f8:5d:00:66:6d:f3:dc:84:e7:c9:cf:a1:7c:87:
                    04:2d:6a:b1:05:3a:22:38:84:e5:3a:ba:c3:69:cc:
                    3f:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:4E:B1:34:68:82:F4:5F:78:21:F0:C9:62:8B:BE:2D:B4:20:E7:70
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5362b40e-d987-4a9d-8f30-59c3b7075db1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5530::/44

    Signature Algorithm: sha256WithRSAEncryption
         8f:5c:83:9a:f7:a7:42:67:c7:85:a2:4c:e7:59:21:df:2d:08:
         b7:64:02:7c:ea:a7:b0:8c:14:87:a9:49:58:57:69:ac:b2:d3:
         9e:95:73:63:96:2e:86:e9:d4:cc:c2:20:62:60:a8:d9:36:c0:
         63:99:57:a9:4a:57:ed:b6:d5:19:78:f1:b5:8d:92:c3:ef:99:
         f7:bc:d9:9e:2c:36:d6:da:72:b8:90:d1:06:f3:75:53:f5:2f:
         37:78:07:9c:c5:ef:0e:22:f5:c2:a9:34:5d:0d:c8:03:40:c0:
         2f:8e:b8:bf:33:48:2f:0c:2c:62:62:29:60:cb:78:14:de:90:
         f6:9b:74:35:72:ec:c9:57:d5:2b:ff:97:2e:f9:c7:f0:7c:4e:
         72:c6:b9:c2:11:a0:2a:2b:17:7e:b6:a3:c1:1b:c0:55:86:28:
         77:41:7d:f2:0e:66:88:13:27:aa:77:3f:a6:33:d6:5d:6f:ea:
         fb:54:1d:7d:9c:f7:86:97:90:a0:54:61:79:b8:f6:c7:19:3f:
         d1:a9:4f:89:c8:2e:7b:f4:a2:0b:c7:7d:3e:3e:d6:d8:68:7a:
         9d:71:86:62:54:f1:dc:22:8c:7c:ae:e0:7d:1f:d2:63:0b:e6:
         75:3b:55:7d:be:06:53:59:a9:64:4b:42:7b:f1:0f:8c:97:1a:
         9f:00:07:c3
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBJ2UifM98AQ8XLsTKyKgNDeJLt4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNTE5MDQyMDQ5WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyODU0YzZlZjhiYjg0YWMyNDI3ZGRjOGVkNjVmZDUxMDU5
MGM1ODUwMTJhZjkwMzM1ZmZjMTdkZWU0YmI2MDYwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCKwoqtD9YB1c5CK/UwexmByRcw5lgk0QUromjUxDCgDyf6
2gE+7AZatNGZnl9t7zpt04jsJQEqn3PmZ6Z096g4yvuAw2iZROhfO+UDu5u2vr/r
mJZyp3v9NoIdg8h7hZRphHjxJI1+H8BOdEW+0f31l7ofsJNQuoVi7mTNnWosyWiD
EAu9J3/czFrbEHIqnwMa/bQNRTgyfGJ9VYllB+xgXvXlNj08FMC0qsEP66Qx9A3o
Rfuljl0EcIu1RGxXp+RsmWKjvE6IYJZBnMifqY4Enrc8GvxG05PZJe2kvwhrl4f4
XQBmbfPchOfJz6F8hwQtarEFOiI4hOU6usNpzD/JAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUG06xNGiC9F94IfDJYou+LbQg53AwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzUzNjJiNDBlLWQ5ODctNGE5ZC04ZjMwLTU5YzNiNzA3NWRiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDwVTAwDQYJKoZIhvcNAQELBQADggEBAI9cg5r3p0Jnx4WiTOdZId8t
CLdkAnzqp7CMFIepSVhXaayy056Vc2OWLobp1MzCIGJgqNk2wGOZV6lKV+221Rl4
8bWNksPvmfe82Z4sNtbacriQ0QbzdVP1Lzd4B5zF7w4i9cKpNF0NyANAwC+OuL8z
SC8MLGJiKWDLeBTekPabdDVy7MlX1Sv/ly75x/B8TnLGucIRoCorF362o8EbwFWG
KHdBffIOZogTJ6p3P6Yz1l1v6vtUHX2c94aXkKBUYXm49scZP9GpT4nILnv0ogvH
fT4+1thoep1xhmJU8dwijHyu4H0f0mML5nU7VX2+BlNZqWRLQnvxD4yXGp8AB8M=
-----END CERTIFICATE-----
Generated at Fri Jun 12 05:52:33 2026 by rpki-client