Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4525a757-54ce-4516-b442-a1d6cc532781.roa
File:                     4525a757-54ce-4516-b442-a1d6cc532781.roa (raw, json)
Hash identifier:          3tW7CWweUmUn3xWgSn6HtfRSodsG55qWKfEOcvir9J8=
Subject key identifier:   7C:EC:A4:C6:21:DC:66:B1:BE:97:6D:49:2E:15:5E:CE:64:10:5B:F3
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       0534BAF4B3E4F6A4272F8DB979467D18050AE3A3
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4525a757-54ce-4516-b442-a1d6cc532781.roa
Signing time:             Mon 22 Jun 2026 01:10:07 +0000
ROA not before:           Mon 22 Jun 2026 01:10:07 +0000
ROA not after:            Sun 20 Sep 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:1206::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 05 Jul 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:34:ba:f4:b3:e4:f6:a4:27:2f:8d:b9:79:46:7d:18:05:0a:e3:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Jun 22 01:10:07 2026 GMT
            Not After : Sep 20 23:59:59 2026 GMT
        Subject: serialNumber=e74866a7ea0d5a0b383bf1b99c47df4534234633134dca5cc985aceb61a8c01e, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:89:f3:9b:87:3d:59:8c:82:0a:2f:4b:38:96:
                    61:4e:92:b4:00:4c:73:7c:40:84:c3:a3:15:59:6f:
                    f3:aa:da:38:0e:51:a5:25:92:e3:c4:56:6c:3e:12:
                    35:d8:42:ed:0e:34:8f:75:ea:f5:f3:cd:6f:04:4e:
                    90:7a:1d:b0:62:15:ad:2a:c0:72:2c:d3:be:9c:b0:
                    12:2e:13:ca:37:ea:42:db:c7:e7:2d:b3:53:10:34:
                    05:29:bf:d6:2a:ab:03:53:01:7c:8c:97:4a:d8:54:
                    c6:33:37:9e:6c:f1:9f:a9:f4:34:4e:c2:0f:04:48:
                    f6:e9:53:54:31:b5:f8:99:cb:a6:b7:af:0e:96:c8:
                    ac:f5:f0:1f:97:8c:f7:5e:29:fc:63:12:9f:74:cb:
                    c9:8e:78:c7:9d:51:ee:d1:00:27:88:d6:0f:44:8b:
                    28:fa:af:1e:50:7a:55:ba:73:64:07:ce:ab:b4:89:
                    46:39:cf:07:b8:5e:ad:d0:ee:27:bc:fa:f6:ee:3d:
                    ec:59:33:d9:51:45:64:b3:26:66:88:b8:78:0e:ae:
                    09:bd:6f:7e:11:c0:c2:b2:1b:85:8d:62:da:23:e1:
                    db:c6:0f:30:32:6e:72:39:6c:1e:51:26:a1:47:88:
                    6c:0f:07:d5:46:46:87:80:c9:25:d9:c8:e4:d9:fc:
                    79:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:EC:A4:C6:21:DC:66:B1:BE:97:6D:49:2E:15:5E:CE:64:10:5B:F3
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/4525a757-54ce-4516-b442-a1d6cc532781.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:1206::/48

    Signature Algorithm: sha256WithRSAEncryption
         26:66:df:53:db:8c:94:60:3e:11:2b:a2:b9:17:bc:93:f9:f9:
         a3:78:b2:c9:b5:4a:13:47:e0:dc:a0:48:70:31:4c:88:22:98:
         eb:1e:87:b7:53:eb:15:df:67:a7:dd:48:82:c4:a1:32:7a:04:
         63:2d:69:86:6c:70:30:91:82:8b:1f:31:37:39:bf:49:7a:84:
         2d:5a:cb:bc:99:fb:a5:da:ce:e8:ca:eb:fe:4c:ff:00:01:c7:
         72:ae:dd:74:52:db:0b:46:26:a6:48:2b:14:6e:96:4b:13:28:
         e5:3c:83:28:1c:0c:84:4e:f9:27:15:b0:11:51:ef:bd:c7:25:
         a4:b8:cd:5e:47:2f:4c:c3:68:60:ce:54:92:a0:19:ac:3b:b8:
         33:32:e5:c7:39:88:6f:2b:87:69:88:d1:c9:81:f0:9b:8e:49:
         29:28:9a:3a:64:0f:8f:04:65:85:6a:bb:3a:03:73:cb:7d:ae:
         ec:46:72:02:07:df:bf:d4:f8:f6:2e:bc:4e:a0:94:7b:bd:f4:
         31:e7:81:8b:48:af:47:4b:bc:f9:e2:cf:30:9c:22:98:58:cb:
         80:c2:a8:fd:d6:ff:d2:1b:5b:51:00:30:a9:df:c4:d2:c5:59:
         c9:7b:63:34:68:8a:12:02:c0:e4:d7:33:bd:5a:e7:8c:0c:f3:
         63:52:29:de
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBTS69LPk9qQnL425eUZ9GAUK46MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwNjIyMDExMDA3WhcNMjYwOTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNzQ4NjZhN2VhMGQ1YTBiMzgzYmYxYjk5YzQ3ZGY0NTM0
MjM0NjMzMTM0ZGNhNWNjOTg1YWNlYjYxYThjMDFlMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCKifObhz1ZjIIKL0s4lmFOkrQATHN8QITDoxVZb/Oq2jgO
UaUlkuPEVmw+EjXYQu0ONI916vXzzW8ETpB6HbBiFa0qwHIs076csBIuE8o36kLb
x+cts1MQNAUpv9YqqwNTAXyMl0rYVMYzN55s8Z+p9DROwg8ESPbpU1QxtfiZy6a3
rw6WyKz18B+XjPdeKfxjEp90y8mOeMedUe7RACeI1g9Eiyj6rx5QelW6c2QHzqu0
iUY5zwe4Xq3Q7ie8+vbuPexZM9lRRWSzJmaIuHgOrgm9b34RwMKyG4WNYtoj4dvG
DzAybnI5bB5RJqFHiGwPB9VGRoeAySXZyOTZ/HkFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUfOykxiHcZrG+l21JLhVezmQQW/MwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzQ1MjVhNzU3LTU0Y2UtNDUxNi1iNDQyLWExZDZjYzUzMjc4MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAJAAEgYwDQYJKoZIhvcNAQELBQADggEBACZm31PbjJRgPhErorkXvJP5
+aN4ssm1ShNH4NygSHAxTIgimOseh7dT6xXfZ6fdSILEoTJ6BGMtaYZscDCRgosf
MTc5v0l6hC1ay7yZ+6XazujK6/5M/wABx3Ku3XRS2wtGJqZIKxRulksTKOU8gygc
DIRO+ScVsBFR773HJaS4zV5HL0zDaGDOVJKgGaw7uDMy5cc5iG8rh2mI0cmB8JuO
SSkomjpkD48EZYVquzoDc8t9ruxGcgIH37/U+PYuvE6glHu99DHngYtIr0dLvPni
zzCcIphYy4DCqP3W/9IbW1EAMKnfxNLFWcl7YzRoihICwOTXM71a54wM82NSKd4=
-----END CERTIFICATE-----
Generated at Sat Jul 4 08:05:38 2026 by rpki-client