Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f37e75c0-e669-4410-b627-fae811cab6fc.roa
File:                     f37e75c0-e669-4410-b627-fae811cab6fc.roa (raw, json)
Hash identifier:          fez6rvhyrK7ZKoikUR4LitEY0nxfhzykBhiSb625E6c=
Subject key identifier:   DA:B6:4B:AF:A9:DB:E7:B0:F0:22:FB:A1:41:BF:10:BE:DA:F9:2C:A7
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       3E43EAA6A2891FC47163B047A78EB9FFBD3B10CA
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f37e75c0-e669-4410-b627-fae811cab6fc.roa
Signing time:             Sun 31 May 2026 00:20:04 +0000
ROA not before:           Sun 31 May 2026 00:20:04 +0000
ROA not after:            Sat 29 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f1:8a10::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 16 Jun 2026 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:43:ea:a6:a2:89:1f:c4:71:63:b0:47:a7:8e:b9:ff:bd:3b:10:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 31 00:20:04 2026 GMT
            Not After : Aug 29 23:59:59 2026 GMT
        Subject: serialNumber=355110627d6bec92ee81fff96f06c7163cb629211cbdd7f4b99b9a5c99512ad0, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:98:77:0f:a9:6c:8e:85:6b:37:37:ec:a9:9d:
                    22:b0:27:5c:ba:8b:1b:40:96:e6:93:b6:43:56:1d:
                    81:f5:03:10:78:e8:3a:9d:8e:2f:bd:43:58:f3:19:
                    96:ad:0c:33:2d:61:21:eb:5c:e3:ca:62:5d:94:ea:
                    0a:4b:fb:d5:b3:65:d8:01:63:d6:c3:6d:5c:2d:3c:
                    a3:b0:58:64:8b:05:38:bf:c7:df:60:7a:ba:7a:73:
                    0c:3f:e5:3c:51:1c:82:4c:97:1b:e0:7e:de:e7:01:
                    26:61:6d:2e:20:4e:63:cd:d3:23:bc:3f:b6:9c:ce:
                    2b:a7:55:72:e4:f3:63:ff:ff:9d:60:75:02:87:61:
                    9d:f6:7d:96:70:45:84:34:5c:69:78:c7:75:80:7f:
                    23:6e:08:51:38:31:d9:37:89:a8:49:10:b4:77:9e:
                    ec:14:33:3a:76:d9:c3:ee:02:47:81:b9:20:7f:a5:
                    99:cd:1e:18:10:09:75:2d:11:8d:9c:e0:9d:57:7a:
                    99:ca:64:d9:a8:eb:1a:d2:a8:ce:9a:17:59:43:e2:
                    53:64:50:06:97:3c:0d:5d:95:02:21:dd:4f:92:19:
                    11:26:79:2f:85:a3:b3:5f:d1:ce:55:81:a5:42:2e:
                    cc:d5:ab:54:ee:e9:88:4a:37:b9:95:9d:2c:93:3b:
                    0e:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:B6:4B:AF:A9:DB:E7:B0:F0:22:FB:A1:41:BF:10:BE:DA:F9:2C:A7
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f37e75c0-e669-4410-b627-fae811cab6fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f1:8a10::/44

    Signature Algorithm: sha256WithRSAEncryption
         4a:ae:4a:41:a3:53:60:36:c1:da:8f:7c:12:5b:18:83:a0:4b:
         aa:8b:4e:60:72:71:e7:d8:78:7c:f4:d9:14:86:e4:96:48:fd:
         00:fd:de:b6:84:63:47:32:4f:54:ee:a7:9b:28:f2:94:17:7d:
         d7:52:cd:35:71:33:6c:dd:a7:55:ab:8c:bd:b0:a6:f6:a0:03:
         97:38:84:f8:7d:2f:d6:71:04:73:86:31:1a:84:7f:35:f5:11:
         52:e4:88:c2:00:1b:19:e9:2d:b1:1b:7f:05:3c:c5:8e:b4:db:
         6b:c3:2b:42:9c:ba:c3:ec:1f:56:88:3a:7b:d1:63:4e:84:eb:
         8c:72:4c:c0:ec:33:58:cb:25:9e:72:95:b3:61:73:6d:c9:2b:
         b8:55:d3:e0:d0:9d:ea:6f:69:3b:05:83:26:77:c9:8b:16:f2:
         b2:d4:0b:2b:f4:a0:6a:2a:74:24:ed:7c:27:f7:56:37:b5:37:
         90:45:c6:fe:b3:02:ff:d4:85:43:d5:74:8c:bc:57:c3:4f:13:
         89:72:73:36:ce:b2:f7:7c:b5:4c:93:5e:e2:fa:f9:42:58:a1:
         08:6f:4d:9d:78:17:3a:77:09:4c:ce:8e:54:42:7b:e0:5d:43:
         14:46:a5:ac:98:42:e9:64:c5:c5:a2:81:ea:c7:22:85:d6:93:
         ad:cd:25:cc
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUPkPqpqKJH8RxY7BHp465/707EMowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNTMxMDAyMDA0WhcNMjYwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTUxMTA2MjdkNmJlYzkyZWU4MWZmZjk2ZjA2YzcxNjNj
YjYyOTIxMWNiZGQ3ZjRiOTliOWE1Yzk5NTEyYWQwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCJmHcPqWyOhWs3N+ypnSKwJ1y6ixtAluaTtkNWHYH1AxB4
6Dqdji+9Q1jzGZatDDMtYSHrXOPKYl2U6gpL+9WzZdgBY9bDbVwtPKOwWGSLBTi/
x99gerp6cww/5TxRHIJMlxvgft7nASZhbS4gTmPN0yO8P7acziunVXLk82P//51g
dQKHYZ32fZZwRYQ0XGl4x3WAfyNuCFE4Mdk3iahJELR3nuwUMzp22cPuAkeBuSB/
pZnNHhgQCXUtEY2c4J1XepnKZNmo6xrSqM6aF1lD4lNkUAaXPA1dlQIh3U+SGREm
eS+Fo7Nf0c5VgaVCLszVq1Tu6YhKN7mVnSyTOw47AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU2rZLr6nb57DwIvuhQb8Qvtr5LKcwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2YzN2U3NWMwLWU2NjktNDQxMC1iNjI3LWZhZTgxMWNhYjZmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDxihAwDQYJKoZIhvcNAQELBQADggEBAEquSkGjU2A2wdqPfBJbGIOg
S6qLTmBycefYeHz02RSG5JZI/QD93raEY0cyT1Tup5so8pQXfddSzTVxM2zdp1Wr
jL2wpvagA5c4hPh9L9ZxBHOGMRqEfzX1EVLkiMIAGxnpLbEbfwU8xY6022vDK0Kc
usPsH1aIOnvRY06E64xyTMDsM1jLJZ5ylbNhc23JK7hV0+DQnepvaTsFgyZ3yYsW
8rLUCyv0oGoqdCTtfCf3Vje1N5BFxv6zAv/UhUPVdIy8V8NPE4lyczbOsvd8tUyT
XuL6+UJYoQhvTZ14Fzp3CUzOjlRCe+BdQxRGpayYQulkxcWigerHIoXWk63NJcw=
-----END CERTIFICATE-----