Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/335cf678-06ce-4caf-a498-564f8f548777.roa
File:                     335cf678-06ce-4caf-a498-564f8f548777.roa (raw, json)
Hash identifier:          Ktfh+qqKITCi3K1eKnTG28BEkhlgyuuATo8QQpZp/lI=
Subject key identifier:   97:7C:BB:38:42:E9:8B:3F:CE:09:74:BE:A6:C4:8D:55:F4:08:FC:0E
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       470EB48A67714E4FD5A62617236A3C657243ECB3
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/335cf678-06ce-4caf-a498-564f8f548777.roa
Signing time:             Mon 22 Jun 2026 00:50:08 +0000
ROA not before:           Mon 22 Jun 2026 00:50:08 +0000
ROA not after:            Sun 20 Sep 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:11eb::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 05 Jul 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:0e:b4:8a:67:71:4e:4f:d5:a6:26:17:23:6a:3c:65:72:43:ec:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Jun 22 00:50:08 2026 GMT
            Not After : Sep 20 23:59:59 2026 GMT
        Subject: serialNumber=45eaf0db2eb41b0286744523b53a2c0a6556f8fe41bac4b556cc18f08a2214d2, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:80:9a:da:46:9e:05:0e:30:5f:96:25:40:39:
                    8d:be:8d:3a:35:f2:9a:4a:a4:cb:a7:91:3e:a6:23:
                    15:6e:8c:ec:6c:34:7c:bf:b1:4e:f3:43:98:7d:43:
                    5a:92:b3:ba:b9:cc:32:f7:b7:81:8f:61:d5:7e:41:
                    0d:04:a2:20:cc:2e:4c:34:16:6d:76:17:a2:9e:4a:
                    83:3e:43:68:bf:73:05:4c:ff:36:08:c7:66:fd:07:
                    50:96:80:d0:57:1d:d8:78:d2:eb:ea:1f:5b:3b:bb:
                    b7:67:63:38:50:5a:bb:ce:38:4c:23:d6:7f:10:34:
                    b6:0e:8f:fa:36:0d:31:9c:91:c1:ff:8a:3b:b3:5a:
                    27:51:48:1c:0f:ea:be:8d:83:d1:d0:02:bb:b6:08:
                    16:74:67:ed:cd:d1:60:53:35:a4:d6:e9:f9:f1:e4:
                    7b:47:b8:aa:39:74:3e:6a:b8:dd:e3:34:a2:91:6c:
                    3f:65:5f:9f:98:df:ba:65:60:f5:52:96:9c:5d:81:
                    d7:b7:93:45:63:ef:f1:19:4c:06:8c:4a:09:e3:6e:
                    7d:1b:97:6c:88:56:8d:99:e2:92:cd:b9:ad:0e:4d:
                    5b:a6:77:c8:5b:96:a9:23:60:45:90:12:95:e0:53:
                    91:18:b2:7a:aa:f6:f7:be:e2:85:db:81:7e:ba:ac:
                    32:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:7C:BB:38:42:E9:8B:3F:CE:09:74:BE:A6:C4:8D:55:F4:08:FC:0E
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/335cf678-06ce-4caf-a498-564f8f548777.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:11eb::/48

    Signature Algorithm: sha256WithRSAEncryption
         7a:e8:1c:54:69:6f:43:70:f1:1e:aa:78:8b:34:15:6c:50:3f:
         dc:2c:5f:20:c4:9e:fe:b7:da:46:69:cf:12:92:94:eb:d0:43:
         e5:a0:61:8f:31:d4:70:35:b4:82:d4:c9:7a:bd:ce:3c:c8:76:
         7c:fa:d8:c9:a2:10:17:8e:3e:e5:56:5c:bf:42:97:4b:6e:b0:
         0e:84:b4:db:58:7c:be:99:35:39:2b:68:ac:22:79:7b:54:52:
         33:ed:20:4b:0d:39:2e:fb:5b:32:9c:a1:08:0d:19:a2:76:7a:
         23:ed:93:b3:c3:68:18:e9:bf:64:44:2b:20:2d:21:5a:db:0c:
         71:16:3d:ec:f8:ea:4a:6c:ab:f4:0c:2c:c3:5b:fb:f9:d7:9d:
         e0:3a:62:34:b0:30:90:a8:15:4f:aa:c3:4a:0d:cf:0d:6f:99:
         4d:cf:99:c8:e4:9f:13:15:5f:4a:68:05:69:74:b2:e8:79:6a:
         23:94:2c:47:ef:7c:42:5c:1f:1a:4c:22:6f:3c:6a:fd:5f:bf:
         41:da:89:83:f7:60:3b:56:6e:75:91:ad:02:06:ae:f1:16:03:
         52:55:14:c4:e1:69:81:18:1f:7e:4c:eb:4a:16:6d:bd:f7:83:
         57:31:9e:c6:5f:ad:c3:60:f2:1e:d2:4e:2d:b4:ca:9c:86:11:
         41:02:90:15
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIURw60imdxTk/VpiYXI2o8ZXJD7LMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwNjIyMDA1MDA4WhcNMjYwOTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NWVhZjBkYjJlYjQxYjAyODY3NDQ1MjNiNTNhMmMwYTY1
NTZmOGZlNDFiYWM0YjU1NmNjMThmMDhhMjIxNGQyMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpgJraRp4FDjBfliVAOY2+jTo18ppKpMunkT6mIxVujOxs
NHy/sU7zQ5h9Q1qSs7q5zDL3t4GPYdV+QQ0EoiDMLkw0Fm12F6KeSoM+Q2i/cwVM
/zYIx2b9B1CWgNBXHdh40uvqH1s7u7dnYzhQWrvOOEwj1n8QNLYOj/o2DTGckcH/
ijuzWidRSBwP6r6Ng9HQAru2CBZ0Z+3N0WBTNaTW6fnx5HtHuKo5dD5quN3jNKKR
bD9lX5+Y37plYPVSlpxdgde3k0Vj7/EZTAaMSgnjbn0bl2yIVo2Z4pLNua0OTVum
d8hblqkjYEWQEpXgU5EYsnqq9ve+4oXbgX66rDKtAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUl3y7OELpiz/OCXS+psSNVfQI/A4wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzMzNWNmNjc4LTA2Y2UtNGNhZi1hNDk4LTU2NGY4ZjU0ODc3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAJAAEeswDQYJKoZIhvcNAQELBQADggEBAHroHFRpb0Nw8R6qeIs0FWxQ
P9wsXyDEnv632kZpzxKSlOvQQ+WgYY8x1HA1tILUyXq9zjzIdnz62MmiEBeOPuVW
XL9Cl0tusA6EtNtYfL6ZNTkraKwieXtUUjPtIEsNOS77WzKcoQgNGaJ2eiPtk7PD
aBjpv2REKyAtIVrbDHEWPez46kpsq/QMLMNb+/nXneA6YjSwMJCoFU+qw0oNzw1v
mU3PmcjknxMVX0poBWl0suh5aiOULEfvfEJcHxpMIm88av1fv0HaiYP3YDtWbnWR
rQIGrvEWA1JVFMThaYEYH35M60oWbb33g1cxnsZfrcNg8h7STi20ypyGEUECkBU=
-----END CERTIFICATE-----
Generated at Sat Jul 4 09:11:15 2026 by rpki-client