Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8472ecf5-5d3d-4e46-b699-e29644b42fa4.roa
File:                     8472ecf5-5d3d-4e46-b699-e29644b42fa4.roa (raw, json)
Hash identifier:          PwwDnV5inhrk9+m1kddeMNVPR9CLqyCSGdtWbsHmWKI=
Subject key identifier:   A4:4F:50:80:19:30:C3:12:1D:43:DE:52:C7:89:4D:AB:65:64:73:A7
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       0CAE492FC7C312EE48233AC999CBE8B6D0EE2860
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8472ecf5-5d3d-4e46-b699-e29644b42fa4.roa
Signing time:             Tue 19 May 2026 04:20:09 +0000
ROA not before:           Tue 19 May 2026 04:20:09 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:6::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 13 Jun 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:ae:49:2f:c7:c3:12:ee:48:23:3a:c9:99:cb:e8:b6:d0:ee:28:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 19 04:20:09 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=9db4730c48257f7c4f83fb4e201e10ec91cc6eddd9890324bf0ce20996d2832d, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:fe:38:aa:a9:ba:14:34:f5:2f:d8:88:cc:0e:
                    aa:fd:c8:b4:d2:4b:7f:7a:04:7a:84:a5:3c:a1:d5:
                    84:cf:95:51:51:a8:e2:d8:7a:ad:1d:aa:fa:3c:7d:
                    d6:c5:f3:c5:dc:d3:f4:01:40:a6:92:c9:24:76:99:
                    d8:72:67:9b:19:f1:d9:a2:08:5d:e0:e5:bf:53:50:
                    63:29:90:ff:5f:f5:26:80:44:21:f5:a6:7e:a9:0a:
                    c1:fd:43:eb:93:27:c4:03:07:da:c6:78:a4:f9:91:
                    0b:49:36:b2:82:28:6a:e9:9e:f9:2a:91:23:23:5a:
                    f1:d3:59:c4:9a:b4:95:13:ce:dd:a8:e5:ec:3d:55:
                    0c:d1:67:21:23:db:17:04:ef:65:1e:ad:8e:b2:42:
                    94:1c:b8:98:11:2f:8a:03:ae:03:18:8d:ef:c3:a8:
                    d9:f5:16:be:38:a7:71:b2:e9:fc:12:6e:8c:7e:4b:
                    fb:91:77:7e:2d:c6:46:20:f6:e8:db:99:d0:ab:4d:
                    4a:28:32:11:b3:64:0d:8d:10:b4:b1:b8:6b:61:61:
                    c8:e0:2f:68:79:f1:39:51:df:2a:26:53:35:2f:20:
                    31:a5:fe:39:ae:d4:a5:09:28:85:7e:21:6f:c1:fb:
                    3f:69:a4:ae:dd:97:fe:7f:59:b2:95:e5:d4:f3:b8:
                    c8:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:4F:50:80:19:30:C3:12:1D:43:DE:52:C7:89:4D:AB:65:64:73:A7
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8472ecf5-5d3d-4e46-b699-e29644b42fa4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6::/48

    Signature Algorithm: sha256WithRSAEncryption
         65:61:ba:bb:29:b8:ec:b5:52:b6:27:c9:62:dd:cf:44:c4:10:
         d5:78:ad:5e:d2:98:36:ad:4f:6f:82:ea:0a:ae:e0:bb:d7:21:
         e1:ba:67:3a:b8:20:5a:be:e4:05:8a:ed:96:c3:ac:a1:c0:52:
         bc:7f:03:1d:9d:64:1b:08:0a:bf:56:54:b8:35:77:eb:48:ef:
         c3:82:21:f8:cd:8f:9f:ae:f8:af:ff:7b:67:83:2d:6d:bd:1a:
         7c:dc:3e:b5:d1:62:cb:d2:bb:9e:91:5e:d6:8e:c7:66:73:41:
         41:51:59:c2:d8:a5:71:92:01:1a:17:d8:1f:1f:95:e1:3a:7f:
         03:56:a5:21:c2:f2:78:58:4b:bd:43:64:db:ac:cc:00:9c:cc:
         e8:bc:c9:e9:8c:55:da:f9:58:99:7b:b5:41:82:dc:f6:81:81:
         2a:8c:eb:f8:79:3f:d5:a1:39:a4:39:8d:70:82:43:e9:db:70:
         97:a2:fb:dc:32:a6:aa:08:55:f2:e6:ba:dc:df:cf:d2:2e:be:
         11:3a:93:0f:55:b0:a8:ae:06:b7:f6:b1:71:43:8a:ff:0f:af:
         95:fe:d3:04:33:07:60:bf:bd:28:8f:99:f6:25:03:04:10:97:
         b1:38:c5:bd:4f:37:a6:53:c3:af:2a:a4:e4:53:b0:9f:ac:3f:
         0b:98:ad:3c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUDK5JL8fDEu5IIzrJmcvottDuKGAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNTE5MDQyMDA5WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZGI0NzMwYzQ4MjU3ZjdjNGY4M2ZiNGUyMDFlMTBlYzkx
Y2M2ZWRkZDk4OTAzMjRiZjBjZTIwOTk2ZDI4MzJkMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+/jiqqboUNPUv2IjMDqr9yLTSS396BHqEpTyh1YTPlVFR
qOLYeq0dqvo8fdbF88Xc0/QBQKaSySR2mdhyZ5sZ8dmiCF3g5b9TUGMpkP9f9SaA
RCH1pn6pCsH9Q+uTJ8QDB9rGeKT5kQtJNrKCKGrpnvkqkSMjWvHTWcSatJUTzt2o
5ew9VQzRZyEj2xcE72UerY6yQpQcuJgRL4oDrgMYje/DqNn1Fr44p3Gy6fwSbox+
S/uRd34txkYg9ujbmdCrTUooMhGzZA2NELSxuGthYcjgL2h58TlR3yomUzUvIDGl
/jmu1KUJKIV+IW/B+z9ppK7dl/5/WbKV5dTzuMi7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUpE9QgBkwwxIdQ95Sx4lNq2Vkc6cwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2Lzg0NzJlY2Y1LTVkM2QtNGU0Ni1iNjk5LWUyOTY0NGI0MmZhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwAAYwDQYJKoZIhvcNAQELBQADggEBAGVhurspuOy1UrYnyWLdz0TE
ENV4rV7SmDatT2+C6gqu4LvXIeG6Zzq4IFq+5AWK7ZbDrKHAUrx/Ax2dZBsICr9W
VLg1d+tI78OCIfjNj5+u+K//e2eDLW29GnzcPrXRYsvSu56RXtaOx2ZzQUFRWcLY
pXGSARoX2B8fleE6fwNWpSHC8nhYS71DZNuszACczOi8yemMVdr5WJl7tUGC3PaB
gSqM6/h5P9WhOaQ5jXCCQ+nbcJei+9wypqoIVfLmutzfz9IuvhE6kw9VsKiuBrf2
sXFDiv8Pr5X+0wQzB2C/vSiPmfYlAwQQl7E4xb1PN6ZTw68qpORTsJ+sPwuYrTw=
-----END CERTIFICATE-----