Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8a24442-56c6-46d4-9923-f4d5b17fd850.roa
File:                     f8a24442-56c6-46d4-9923-f4d5b17fd850.roa (raw, json)
Hash identifier:          D403/Ug2CrJM4LDHNvYkrRdKKYLra+EdiTjZno+RjoE=
Subject key identifier:   C4:8A:02:88:77:3F:7C:B8:02:E8:35:3D:F4:6D:F3:07:BE:99:9F:FA
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       2206779AB1F51A75A5A8066E9BD6130038309661
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8a24442-56c6-46d4-9923-f4d5b17fd850.roa
Signing time:             Tue 19 May 2026 04:10:05 +0000
ROA not before:           Tue 19 May 2026 04:10:05 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:6010::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 13 Jun 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:06:77:9a:b1:f5:1a:75:a5:a8:06:6e:9b:d6:13:00:38:30:96:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 19 04:10:05 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=99554cecb5b1248fbf9c9a109f2c0d26328f3bedbf0bc6b8b0dea011bfd17498, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:73:60:60:14:a1:02:55:00:7f:2a:09:3f:51:
                    2d:95:f2:3d:a7:e1:c5:72:5c:7d:50:e7:7d:05:1a:
                    cb:91:95:f2:54:bf:b2:67:0c:55:9f:5f:cc:7b:b8:
                    5d:bf:f2:32:f3:2c:65:59:72:94:1a:16:c2:3c:b2:
                    04:e1:f5:1c:b4:99:ad:cc:ad:6b:c9:d4:0e:35:e4:
                    de:03:c8:28:a7:a6:9c:0d:29:a7:6c:fe:28:5c:3a:
                    1e:62:4d:ff:ef:49:9c:32:9f:b3:25:49:62:f2:c1:
                    e7:87:fc:29:94:c8:1e:52:8e:7b:0d:0c:f4:21:23:
                    91:2b:7e:5c:74:d3:5f:4b:6e:0b:62:c0:67:8b:67:
                    18:48:78:78:89:c1:8b:99:b9:f6:38:65:66:15:75:
                    3b:b7:22:63:9a:0f:04:2c:41:da:a2:c8:5c:c7:ab:
                    db:9c:75:11:71:10:16:42:14:94:03:74:3d:9c:cf:
                    16:ff:12:e8:12:77:79:9f:60:17:c7:b0:05:7e:0d:
                    a3:13:dc:6b:84:93:a9:e0:c6:35:7d:bb:d7:28:4b:
                    a9:76:d7:ad:47:3e:a5:35:fe:78:4d:4a:2f:ce:3b:
                    1e:a1:db:34:5f:79:73:16:67:a6:a7:34:53:94:54:
                    e4:27:71:2c:20:44:3d:70:f6:d3:a2:79:03:03:f2:
                    de:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:8A:02:88:77:3F:7C:B8:02:E8:35:3D:F4:6D:F3:07:BE:99:9F:FA
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f8a24442-56c6-46d4-9923-f4d5b17fd850.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6010::/44

    Signature Algorithm: sha256WithRSAEncryption
         1a:5d:e2:77:6d:8d:27:2c:82:51:bc:cd:5c:90:5b:55:71:aa:
         36:02:3e:4a:86:10:c4:d5:43:cb:7a:5b:38:95:30:fe:9f:00:
         76:0b:b1:14:c2:44:67:6d:01:bb:47:d3:97:b6:8e:42:a6:de:
         b3:86:06:1d:45:2f:9f:49:3d:16:3c:ec:ed:e5:7a:ea:17:8b:
         8a:9d:9d:82:31:d2:7b:04:50:67:de:e3:ea:ee:47:59:6d:94:
         96:93:4c:ee:8d:b8:e9:14:a1:37:6a:72:70:ca:f2:af:80:98:
         1a:63:ee:eb:d6:ad:ef:1c:0f:20:e5:e1:57:54:83:36:89:46:
         7d:aa:57:f2:da:bb:63:e4:71:52:ef:b5:d1:e9:f1:9e:44:6e:
         d7:be:e9:73:51:44:ad:c4:90:ef:2a:10:e0:ba:86:cd:e8:59:
         d3:8c:57:19:4d:7b:32:b3:c8:fa:f0:24:86:02:8c:30:95:d3:
         e5:11:47:65:1f:10:d1:28:7f:47:e1:10:a4:84:66:6b:d7:54:
         82:58:72:c3:4b:1a:24:c1:2c:fa:57:f6:53:14:cb:e2:8d:9d:
         0e:33:86:32:55:6b:2a:a3:c5:af:18:35:52:7a:02:ac:5f:ca:
         3a:c6:f4:1a:3a:9d:bc:36:22:a4:2f:91:63:aa:56:6e:e2:77:
         47:97:30:71
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUIgZ3mrH1GnWlqAZum9YTADgwlmEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNTE5MDQxMDA1WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5OTU1NGNlY2I1YjEyNDhmYmY5YzlhMTA5ZjJjMGQyNjMy
OGYzYmVkYmYwYmM2YjhiMGRlYTAxMWJmZDE3NDk4MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6c2BgFKECVQB/Kgk/US2V8j2n4cVyXH1Q530FGsuRlfJU
v7JnDFWfX8x7uF2/8jLzLGVZcpQaFsI8sgTh9Ry0ma3MrWvJ1A415N4DyCinppwN
Kads/ihcOh5iTf/vSZwyn7MlSWLyweeH/CmUyB5SjnsNDPQhI5Erflx0019Lbgti
wGeLZxhIeHiJwYuZufY4ZWYVdTu3ImOaDwQsQdqiyFzHq9ucdRFxEBZCFJQDdD2c
zxb/EugSd3mfYBfHsAV+DaMT3GuEk6ngxjV9u9coS6l2161HPqU1/nhNSi/OOx6h
2zRfeXMWZ6anNFOUVOQncSwgRD1w9tOieQMD8t55AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUxIoCiHc/fLgC6DU99G3zB76Zn/owHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2Y4YTI0NDQyLTU2YzYtNDZkNC05OTIzLWY0ZDViMTdmZDg1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDwYBAwDQYJKoZIhvcNAQELBQADggEBABpd4ndtjScsglG8zVyQW1Vx
qjYCPkqGEMTVQ8t6WziVMP6fAHYLsRTCRGdtAbtH05e2jkKm3rOGBh1FL59JPRY8
7O3leuoXi4qdnYIx0nsEUGfe4+ruR1ltlJaTTO6NuOkUoTdqcnDK8q+AmBpj7uvW
re8cDyDl4VdUgzaJRn2qV/Lau2PkcVLvtdHp8Z5Ebte+6XNRRK3EkO8qEOC6hs3o
WdOMVxlNezKzyPrwJIYCjDCV0+URR2UfENEof0fhEKSEZmvXVIJYcsNLGiTBLPpX
9lMUy+KNnQ4zhjJVayqjxa8YNVJ6AqxfyjrG9Bo6nbw2IqQvkWOqVm7id0eXMHE=
-----END CERTIFICATE-----
Generated at Fri Jun 12 05:52:55 2026 by rpki-client