Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/6a64a335-1962-4306-9dd6-beb2565ad283.roa
File:                     6a64a335-1962-4306-9dd6-beb2565ad283.roa (raw, json)
Hash identifier:          PdfTzWUPx4OX/PM6NXdI3A0tYEiy2MmJ3rRQYedh7pg=
Subject key identifier:   8B:F9:F6:1F:5D:74:E9:58:A9:C3:5E:4B:0F:FF:86:51:D8:27:B3:6F
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       61570262ADEE1148A38E99924B92A395090D13B8
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/6a64a335-1962-4306-9dd6-beb2565ad283.roa
Signing time:             Thu 18 Jun 2026 00:00:08 +0000
ROA not before:           Thu 18 Jun 2026 00:00:08 +0000
ROA not after:            Wed 16 Sep 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:c00::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 04 Jul 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:57:02:62:ad:ee:11:48:a3:8e:99:92:4b:92:a3:95:09:0d:13:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jun 18 00:00:08 2026 GMT
            Not After : Sep 16 23:59:59 2026 GMT
        Subject: serialNumber=1b0fd87866618e6e18dbabd29cc9da17229773b26ac8afdb909d790d6b6ef8ef, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:06:17:11:6c:02:5b:f6:1d:01:d2:d0:19:13:
                    6c:94:56:55:fd:f6:e3:e4:07:7a:fa:6f:1e:02:f6:
                    9d:af:37:af:0d:09:c6:a9:c6:9b:57:2e:a5:17:16:
                    4f:78:f0:ce:aa:16:76:fc:6b:01:a2:20:43:aa:92:
                    27:9a:a2:39:9f:84:49:1c:50:20:cb:f7:65:e9:ea:
                    d8:9e:42:c0:35:44:e3:d3:61:8d:96:7c:1f:6f:12:
                    02:0d:4d:1e:be:18:6d:7d:ed:23:e9:29:36:de:d4:
                    d0:ce:d1:0b:5f:88:e5:c9:3c:67:bd:82:22:e0:30:
                    c9:2f:aa:e0:40:c3:e5:80:e1:f1:e5:be:23:a3:60:
                    ee:d7:3f:37:67:c6:25:e5:1b:2c:44:06:d2:d8:39:
                    46:2e:e9:3d:a2:0f:b1:a3:8c:4e:cc:59:0e:bb:3d:
                    23:bb:86:03:a2:73:5c:3b:df:9c:63:66:12:ca:47:
                    9c:84:ba:95:e5:0c:7a:86:a0:39:18:e9:ec:0a:ae:
                    b3:e3:d7:aa:95:6d:ed:f6:3e:df:77:1c:86:66:4b:
                    40:d4:22:c3:b6:46:6d:f8:17:2a:06:53:54:ba:2b:
                    bb:29:23:ba:f5:9c:2c:f8:23:af:2f:cf:2d:c2:63:
                    d6:7b:7d:4b:a0:5d:4b:5b:66:23:1f:5a:8c:16:d8:
                    56:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:F9:F6:1F:5D:74:E9:58:A9:C3:5E:4B:0F:FF:86:51:D8:27:B3:6F
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/6a64a335-1962-4306-9dd6-beb2565ad283.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:c00::/40

    Signature Algorithm: sha256WithRSAEncryption
         51:aa:51:6c:dd:7b:b8:9c:79:5b:8f:5d:8c:74:96:84:66:19:
         6f:58:3f:a6:cf:77:05:a8:94:52:7f:6c:1b:98:3c:72:ef:83:
         5b:05:4c:53:df:44:a3:4a:cf:ce:12:21:b8:ed:75:56:eb:42:
         49:10:cd:9a:e7:fc:9c:e4:c7:76:1f:39:30:90:f6:fe:05:8b:
         b9:75:4a:96:be:a7:a1:ea:4b:55:95:c5:68:38:38:e6:d2:f4:
         d7:02:2a:4a:8f:65:58:fe:64:b9:64:b6:26:bd:5a:4a:fa:74:
         eb:95:87:85:0b:36:59:2e:54:0f:58:ca:9d:0e:0a:b1:4b:ba:
         d6:e5:78:84:44:c9:43:e1:10:bb:fb:83:cc:0e:ee:3d:d2:ed:
         cc:f9:2a:96:10:fe:cb:04:65:c7:0d:6a:06:30:27:a2:55:1b:
         db:bf:41:b5:de:0d:d3:a6:93:d6:9a:96:eb:3a:eb:92:e3:a5:
         bd:d6:51:7e:c5:fc:58:94:09:7a:b4:60:12:44:ce:5f:58:11:
         68:38:b9:d4:fa:39:b0:79:7a:90:9f:98:df:ba:38:9f:aa:a6:
         9b:a8:22:f0:a0:b7:09:45:f7:f9:79:2c:19:8c:92:01:91:80:
         6f:2c:5f:a7:a9:e7:57:63:aa:ae:f8:9f:40:21:f1:0f:7b:75:
         83:86:37:d2
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUYVcCYq3uEUijjpmSS5KjlQkNE7gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNjE4MDAwMDA4WhcNMjYwOTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYjBmZDg3ODY2NjE4ZTZlMThkYmFiZDI5Y2M5ZGExNzIy
OTc3M2IyNmFjOGFmZGI5MDlkNzkwZDZiNmVmOGVmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWBhcRbAJb9h0B0tAZE2yUVlX99uPkB3r6bx4C9p2vN68N
CcapxptXLqUXFk948M6qFnb8awGiIEOqkieaojmfhEkcUCDL92Xp6tieQsA1ROPT
YY2WfB9vEgINTR6+GG197SPpKTbe1NDO0QtfiOXJPGe9giLgMMkvquBAw+WA4fHl
viOjYO7XPzdnxiXlGyxEBtLYOUYu6T2iD7GjjE7MWQ67PSO7hgOic1w735xjZhLK
R5yEupXlDHqGoDkY6ewKrrPj16qVbe32Pt93HIZmS0DUIsO2Rm34FyoGU1S6K7sp
I7r1nCz4I68vzy3CY9Z7fUugXUtbZiMfWowW2FblAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUi/n2H1106Vipw15LD/+GUdgns28wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzZhNjRhMzM1LTE5NjItNDMwNi05ZGQ2LWJlYjI1NjVhZDI4My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPDwDDANBgkqhkiG9w0BAQsFAAOCAQEAUapRbN17uJx5W49djHSWhGYZ
b1g/ps93BaiUUn9sG5g8cu+DWwVMU99Eo0rPzhIhuO11VutCSRDNmuf8nOTHdh85
MJD2/gWLuXVKlr6noepLVZXFaDg45tL01wIqSo9lWP5kuWS2Jr1aSvp065WHhQs2
WS5UD1jKnQ4KsUu61uV4hETJQ+EQu/uDzA7uPdLtzPkqlhD+ywRlxw1qBjAnolUb
279Btd4N06aT1pqW6zrrkuOlvdZRfsX8WJQJerRgEkTOX1gRaDi51Po5sHl6kJ+Y
37o4n6qmm6gi8KC3CUX3+XksGYySAZGAbyxfp6nnV2OqrvifQCHxD3t1g4Y30g==
-----END CERTIFICATE-----
Generated at Fri Jul 3 14:54:28 2026 by rpki-client