Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa
File:                     c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa (raw, json)
Hash identifier:          T+v5MWJtmo0ZN3gUeZ4my2OLQ+4jG0Tp4pcUcC94fsM=
Subject key identifier:   22:B0:DB:C6:8B:41:AE:8B:F0:F5:59:45:65:23:61:3C:CA:33:36:36
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       117D8162E96E1A4ACB940CADF83705F5C974D96E
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa
Signing time:             Tue 19 May 2026 04:20:37 +0000
ROA not before:           Tue 19 May 2026 04:20:37 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0fb:e600::/42 maxlen: 42
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 28 May 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:7d:81:62:e9:6e:1a:4a:cb:94:0c:ad:f8:37:05:f5:c9:74:d9:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 19 04:20:37 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=c617b4e9a68ce73936704fa1989343f31e533716b700927812aa9052b686b624, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f3:b5:7a:ce:7a:39:38:ac:d0:98:49:30:92:
                    e8:6b:c4:7a:a4:5a:4c:c6:fd:8f:0d:2f:b4:aa:91:
                    e4:a7:81:2d:f2:62:03:29:27:1b:06:0e:3f:76:5b:
                    38:37:94:17:01:49:09:75:de:a5:c6:a5:d4:3d:1e:
                    68:1c:b2:c1:2d:dc:79:2b:35:82:00:95:8a:b8:ca:
                    3e:81:a8:0a:d4:ac:8e:a6:1b:fc:8e:02:8c:cb:39:
                    07:3b:e6:14:91:8b:9c:db:7d:fe:ba:91:8e:d1:93:
                    03:31:38:52:d8:5b:70:4d:db:ce:8f:5a:99:fd:a9:
                    b3:e3:f8:fe:a6:81:e7:1e:28:c5:2c:39:0a:ee:8b:
                    fd:d7:87:6c:33:71:9f:a6:70:08:f1:38:ae:58:27:
                    29:aa:33:1e:24:3d:48:52:0c:0c:f9:bb:82:fc:fa:
                    a9:2c:21:e3:ad:65:d9:40:48:05:32:a1:e3:58:d9:
                    5a:44:4e:6e:70:b5:b9:61:5b:9a:a3:39:f2:83:1c:
                    36:d8:11:49:e2:7e:94:df:89:09:c8:51:46:85:06:
                    db:49:0a:03:36:2e:64:42:73:0f:7b:c2:de:6f:52:
                    15:94:38:34:99:e0:c2:cf:a7:26:27:a0:ff:fc:af:
                    0d:fd:ce:c8:a8:22:a4:2b:83:7e:24:07:18:4e:d8:
                    02:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:B0:DB:C6:8B:41:AE:8B:F0:F5:59:45:65:23:61:3C:CA:33:36:36
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e600::/42

    Signature Algorithm: sha256WithRSAEncryption
         32:94:78:29:14:49:c3:8b:4a:03:f3:2e:06:d1:ec:70:a0:bc:
         20:08:d9:ff:7a:8c:c1:02:4a:bd:52:88:00:e4:b7:a3:47:f9:
         45:50:13:69:9f:95:a3:3d:ba:c4:cc:31:29:1e:92:7b:49:d2:
         36:b8:6d:9e:4c:71:b7:b2:5f:95:22:75:4a:ad:87:d4:9d:37:
         ed:57:3d:85:f2:87:87:48:fa:89:41:5b:38:6f:cb:97:18:ff:
         87:92:2b:4d:32:99:db:b2:f8:60:7a:27:f5:ab:85:3b:f7:f7:
         53:bf:15:48:bb:cc:89:9b:5f:9b:6f:a8:c9:35:0d:48:27:e4:
         6e:c9:89:78:2b:a0:af:77:82:b8:98:31:d2:57:e6:de:b5:a2:
         f3:a0:ee:df:8a:62:5b:b3:9b:b0:71:8a:9a:46:f3:19:3e:38:
         57:91:ef:73:db:e2:f3:55:2f:6e:98:fe:aa:7b:0e:41:2f:b9:
         b3:b7:bb:8f:c7:34:ef:12:66:4f:67:e9:e9:9e:49:52:b0:02:
         2f:39:33:ee:90:b9:ae:d4:64:d2:f0:31:9a:67:ba:1d:04:9f:
         49:76:ed:e3:d4:6f:79:90:3a:ad:c3:01:8a:e6:35:23:71:d3:
         ff:b5:ba:4b:ba:be:7a:e8:c8:5f:bd:79:85:e7:6a:f5:aa:b1:
         c4:4c:84:1b
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUEX2BYuluGkrLlAyt+DcF9cl02W4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNTE5MDQyMDM3WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNjE3YjRlOWE2OGNlNzM5MzY3MDRmYTE5ODkzNDNmMzFl
NTMzNzE2YjcwMDkyNzgxMmFhOTA1MmI2ODZiNjI0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC787V6zno5OKzQmEkwkuhrxHqkWkzG/Y8NL7SqkeSngS3y
YgMpJxsGDj92Wzg3lBcBSQl13qXGpdQ9HmgcssEt3HkrNYIAlYq4yj6BqArUrI6m
G/yOAozLOQc75hSRi5zbff66kY7RkwMxOFLYW3BN286PWpn9qbPj+P6mgeceKMUs
OQrui/3Xh2wzcZ+mcAjxOK5YJymqMx4kPUhSDAz5u4L8+qksIeOtZdlASAUyoeNY
2VpETm5wtblhW5qjOfKDHDbYEUnifpTfiQnIUUaFBttJCgM2LmRCcw97wt5vUhWU
ODSZ4MLPpyYnoP/8rw39zsioIqQrg34kBxhO2AI1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUIrDbxotBrovw9VlFZSNhPMozNjYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2M0ZTUyYWJmLTRkN2UtNDcwNy1iZDRlLTFjZWJhNjRlMThjZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwYmAPD75gAwDQYJKoZIhvcNAQELBQADggEBADKUeCkUScOLSgPzLgbR7HCg
vCAI2f96jMECSr1SiADkt6NH+UVQE2mflaM9usTMMSkekntJ0ja4bZ5McbeyX5Ui
dUqth9SdN+1XPYXyh4dI+olBWzhvy5cY/4eSK00ymduy+GB6J/WrhTv391O/FUi7
zImbX5tvqMk1DUgn5G7JiXgroK93griYMdJX5t61ovOg7t+KYluzm7BxippG8xk+
OFeR73Pb4vNVL26Y/qp7DkEvubO3u4/HNO8SZk9n6emeSVKwAi85M+6Qua7UZNLw
MZpnuh0En0l27ePUb3mQOq3DAYrmNSNx0/+1uku6vnroyF+9eYXnavWqscRMhBs=
-----END CERTIFICATE-----