Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1525da14-de72-44c3-8e48-4687b2175250.roa
File:                     1525da14-de72-44c3-8e48-4687b2175250.roa (raw, json)
Hash identifier:          ro1qYzjaOQkXsy/PEKviD86iH8gnOPUFrprEbBqXc98=
Subject key identifier:   1C:1A:06:D1:DA:65:19:C2:81:8B:0F:0C:D4:3B:37:A3:DA:5C:B5:29
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       24988AC2DDD91F5D3258D46E715883F5A24AB72C
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1525da14-de72-44c3-8e48-4687b2175250.roa
Signing time:             Mon 22 Jun 2026 01:31:51 +0000
ROA not before:           Mon 22 Jun 2026 01:31:51 +0000
ROA not after:            Sun 20 Sep 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:1e74::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 05 Jul 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:98:8a:c2:dd:d9:1f:5d:32:58:d4:6e:71:58:83:f5:a2:4a:b7:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Jun 22 01:31:51 2026 GMT
            Not After : Sep 20 23:59:59 2026 GMT
        Subject: serialNumber=f117f74e8825582e3aeee7d76c3c73b218de046665ead5336cd9a598a6993781, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:1d:20:e1:4f:e2:2c:10:7c:73:af:68:4d:50:
                    c1:c6:df:b1:34:30:7e:97:6a:4a:30:9e:8f:37:bf:
                    0c:d1:f1:02:e3:19:43:12:01:8c:82:71:42:1b:1b:
                    f4:fd:1a:54:b8:06:7f:f7:7d:39:52:7e:f5:1f:75:
                    15:8d:e3:a4:8e:b9:44:26:1a:f9:d2:ad:59:59:e1:
                    d5:25:14:b1:a8:eb:f9:52:e1:48:7c:d5:75:69:6e:
                    10:ad:8f:58:19:0c:2d:bb:c1:25:3d:8c:fe:58:20:
                    06:39:21:c1:6e:24:fb:de:8a:1d:6a:63:e4:97:5b:
                    53:0f:1b:e0:75:34:fc:13:4c:d1:d3:4d:28:11:14:
                    4a:ef:ce:29:2a:98:8b:da:25:46:f9:66:31:9c:46:
                    85:2f:4b:6f:ba:f8:e3:e5:a3:61:bc:83:4c:00:af:
                    d8:08:1a:a3:46:c8:32:f2:12:b4:64:d5:46:71:92:
                    df:67:20:b2:ce:2f:05:18:8e:2c:a5:5c:9f:ba:25:
                    1c:be:29:f3:50:8e:e7:4d:9d:d4:53:45:81:6e:12:
                    7a:96:73:4f:55:42:f5:cf:90:99:56:28:9e:9c:15:
                    8d:65:5d:47:18:66:78:d0:9e:60:35:69:90:a3:86:
                    84:88:77:23:cd:04:94:4e:c3:8c:68:d0:2c:bb:77:
                    26:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:1A:06:D1:DA:65:19:C2:81:8B:0F:0C:D4:3B:37:A3:DA:5C:B5:29
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/1525da14-de72-44c3-8e48-4687b2175250.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:1e74::/48

    Signature Algorithm: sha256WithRSAEncryption
         05:9c:e0:89:b8:fd:b4:85:48:c0:40:9c:04:91:d0:9d:07:5f:
         e7:85:7a:fb:91:d4:94:87:9e:77:6f:23:57:bd:fa:86:ee:77:
         4a:d4:26:df:b7:85:c0:fe:c2:f6:6a:c1:57:db:17:4b:22:14:
         d7:a7:70:ab:88:95:87:c4:94:0e:87:71:a2:ee:93:47:77:dd:
         1c:d0:78:30:cf:16:58:78:19:e1:a8:35:20:9e:98:0a:f2:47:
         c4:fd:b8:bc:27:cf:95:f6:88:26:ec:8f:29:a7:e3:8b:de:91:
         47:b8:99:a7:f8:ce:dd:41:f1:1d:2b:94:2c:57:12:52:2b:af:
         38:f9:4c:50:9e:36:3f:e3:b2:64:b9:ac:c4:d5:49:dc:78:ad:
         d2:81:9d:f3:d7:86:47:ee:78:46:cc:84:60:08:f0:e5:b5:62:
         fc:8a:e9:d5:63:6e:28:dc:06:92:2a:0f:21:63:68:2b:74:46:
         fc:7a:95:43:02:16:19:e7:88:17:d7:52:35:d2:f1:ca:cc:f5:
         0f:a5:b6:34:f2:bd:41:c8:7b:44:2f:11:be:a6:61:f1:97:ce:
         c9:80:3a:27:c4:be:0b:c9:5e:fa:24:12:a3:fc:13:f4:35:22:
         7b:a9:67:fd:7d:71:fd:b1:bf:de:14:8b:3f:43:97:f1:c5:cd:
         7e:e0:bf:45
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUJJiKwt3ZH10yWNRucViD9aJKtywwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwNjIyMDEzMTUxWhcNMjYwOTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMTE3Zjc0ZTg4MjU1ODJlM2FlZWU3ZDc2YzNjNzNiMjE4
ZGUwNDY2NjVlYWQ1MzM2Y2Q5YTU5OGE2OTkzNzgxMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDPHSDhT+IsEHxzr2hNUMHG37E0MH6Xakowno83vwzR8QLj
GUMSAYyCcUIbG/T9GlS4Bn/3fTlSfvUfdRWN46SOuUQmGvnSrVlZ4dUlFLGo6/lS
4Uh81XVpbhCtj1gZDC27wSU9jP5YIAY5IcFuJPveih1qY+SXW1MPG+B1NPwTTNHT
TSgRFErvzikqmIvaJUb5ZjGcRoUvS2+6+OPlo2G8g0wAr9gIGqNGyDLyErRk1UZx
kt9nILLOLwUYjiylXJ+6JRy+KfNQjudNndRTRYFuEnqWc09VQvXPkJlWKJ6cFY1l
XUcYZnjQnmA1aZCjhoSIdyPNBJROw4xo0Cy7dyb5AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUHBoG0dplGcKBiw8M1Ds3o9pctSkwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzE1MjVkYTE0LWRlNzItNDRjMy04ZTQ4LTQ2ODdiMjE3NTI1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAJAAHnQwDQYJKoZIhvcNAQELBQADggEBAAWc4Im4/bSFSMBAnASR0J0H
X+eFevuR1JSHnndvI1e9+obud0rUJt+3hcD+wvZqwVfbF0siFNencKuIlYfElA6H
caLuk0d33RzQeDDPFlh4GeGoNSCemAryR8T9uLwnz5X2iCbsjymn44vekUe4maf4
zt1B8R0rlCxXElIrrzj5TFCeNj/jsmS5rMTVSdx4rdKBnfPXhkfueEbMhGAI8OW1
YvyK6dVjbijcBpIqDyFjaCt0Rvx6lUMCFhnniBfXUjXS8crM9Q+ltjTyvUHIe0Qv
Eb6mYfGXzsmAOifEvgvJXvokEqP8E/Q1InupZ/19cf2xv94Uiz9Dl/HFzX7gv0U=
-----END CERTIFICATE-----
Generated at Sat Jul 4 09:11:37 2026 by rpki-client