Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/5442b243-0a71-417b-bd8d-797be5f37612.roa
File:                     5442b243-0a71-417b-bd8d-797be5f37612.roa (raw, json)
Hash identifier:          K4QbCIgWqfF+9GMw7XPIh2GF+xsIJRyKYQch1l+QUL8=
Subject key identifier:   BF:DC:36:8D:33:84:0E:F1:84:A4:CB:81:0B:A6:64:A5:E8:E1:39:BA
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       653A846ED205BBA0AD1718E20E785CA8B107FBC6
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/5442b243-0a71-417b-bd8d-797be5f37612.roa
Signing time:             Mon 22 Jun 2026 02:10:09 +0000
ROA not before:           Mon 22 Jun 2026 02:10:09 +0000
ROA not after:            Sun 20 Sep 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:10b0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 05 Jul 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:3a:84:6e:d2:05:bb:a0:ad:17:18:e2:0e:78:5c:a8:b1:07:fb:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Jun 22 02:10:09 2026 GMT
            Not After : Sep 20 23:59:59 2026 GMT
        Subject: serialNumber=a769128e76686c18f153255f2c62d066f29b2f226655f35eaa05ce990c2e0eae, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:83:e1:8c:cb:aa:94:47:f6:5a:d0:ce:c2:06:
                    5a:1c:83:87:98:a1:87:dd:ed:ff:fc:75:bc:8f:e8:
                    b1:c6:b2:72:6f:1c:24:51:14:8b:34:7a:67:52:11:
                    bc:71:5b:a7:2a:a3:65:8f:93:5e:6f:2c:65:9d:f2:
                    e8:81:ab:4d:25:34:74:99:5f:10:9e:65:83:ba:60:
                    fe:e2:09:67:9f:93:5f:6f:43:ad:8b:20:c1:d4:d3:
                    58:6f:3a:f4:5a:b8:c5:6c:2c:2b:f6:ba:61:e9:6f:
                    37:12:99:4f:0c:fc:b4:d3:5c:fc:09:83:84:8e:96:
                    90:57:ea:f9:88:1b:e8:01:6c:a3:ca:45:15:7b:eb:
                    14:37:0b:07:69:ad:44:53:92:51:1b:e1:95:51:fe:
                    e1:db:d0:99:b0:96:88:f7:1a:1d:94:6c:e8:9b:92:
                    be:89:2e:d4:65:f0:c2:d8:92:96:0a:1a:17:2c:26:
                    9e:c8:a0:45:06:d0:97:ae:db:0d:43:90:6a:0b:7f:
                    72:a9:9d:78:c3:24:4b:9d:d8:d2:a5:ee:33:4a:a8:
                    5e:cb:30:61:3f:b9:05:5a:7b:c9:16:80:32:7b:dc:
                    8d:7d:a5:0b:d4:47:42:e4:a8:a6:38:6f:b7:c0:2c:
                    a9:2b:34:3a:90:51:9b:f0:ea:d7:e6:a3:52:c4:52:
                    15:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:DC:36:8D:33:84:0E:F1:84:A4:CB:81:0B:A6:64:A5:E8:E1:39:BA
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/5442b243-0a71-417b-bd8d-797be5f37612.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:10b0::/48

    Signature Algorithm: sha256WithRSAEncryption
         b9:83:0b:d2:6d:78:61:71:3b:d4:2b:d1:a6:f2:2d:c7:5b:d2:
         f8:35:0f:19:f2:5c:53:95:e6:72:07:31:45:c0:fb:a6:a3:26:
         af:00:74:42:f5:76:08:02:8a:26:9c:1c:e2:bd:65:cd:68:49:
         14:c2:97:71:e7:6b:b3:87:6d:4a:7c:1d:d8:0a:2b:ee:b3:3b:
         72:aa:9a:b5:ef:e8:1e:42:3b:69:6b:35:63:a2:da:a7:ab:7b:
         d3:62:ff:7a:5d:58:55:54:37:34:95:74:92:36:7a:e2:72:9f:
         dc:13:c7:4f:bf:31:a0:ac:15:c4:64:fb:dc:c3:a6:3b:4a:85:
         d1:1d:41:f2:75:e2:3e:72:25:78:c3:67:98:0f:1d:c3:97:7c:
         1b:24:0f:97:7e:0e:10:ef:f7:f8:c0:8f:44:c2:e0:ea:b5:9f:
         48:63:94:13:47:7a:de:3f:79:40:39:ad:98:77:7d:a3:13:50:
         27:30:cc:5d:9f:38:2d:8b:71:ed:14:a6:f9:f7:08:02:8d:cb:
         64:aa:e7:7c:2c:22:54:39:60:3e:50:a9:0a:23:32:11:07:0d:
         4b:ce:72:d2:d1:50:77:e9:7b:01:04:11:1d:f3:96:3e:0a:53:
         c2:ca:90:84:fa:78:bb:43:77:28:29:60:f2:77:17:c1:c1:bf:
         a2:63:36:89
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZTqEbtIFu6CtFxjiDnhcqLEH+8YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwNjIyMDIxMDA5WhcNMjYwOTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNzY5MTI4ZTc2Njg2YzE4ZjE1MzI1NWYyYzYyZDA2NmYy
OWIyZjIyNjY1NWYzNWVhYTA1Y2U5OTBjMmUwZWFlMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8g+GMy6qUR/Za0M7CBlocg4eYoYfd7f/8dbyP6LHGsnJv
HCRRFIs0emdSEbxxW6cqo2WPk15vLGWd8uiBq00lNHSZXxCeZYO6YP7iCWefk19v
Q62LIMHU01hvOvRauMVsLCv2umHpbzcSmU8M/LTTXPwJg4SOlpBX6vmIG+gBbKPK
RRV76xQ3CwdprURTklEb4ZVR/uHb0Jmwloj3Gh2UbOibkr6JLtRl8MLYkpYKGhcs
Jp7IoEUG0Jeu2w1DkGoLf3KpnXjDJEud2NKl7jNKqF7LMGE/uQVae8kWgDJ73I19
pQvUR0LkqKY4b7fALKkrNDqQUZvw6tfmo1LEUhVXAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUv9w2jTOEDvGEpMuBC6ZkpejhObowHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzU0NDJiMjQzLTBhNzEtNDE3Yi1iZDhkLTc5N2JlNWYzNzYxMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAJAAELAwDQYJKoZIhvcNAQELBQADggEBALmDC9JteGFxO9Qr0abyLcdb
0vg1DxnyXFOV5nIHMUXA+6ajJq8AdEL1dggCiiacHOK9Zc1oSRTCl3Hna7OHbUp8
HdgKK+6zO3KqmrXv6B5CO2lrNWOi2qere9Ni/3pdWFVUNzSVdJI2euJyn9wTx0+/
MaCsFcRk+9zDpjtKhdEdQfJ14j5yJXjDZ5gPHcOXfBskD5d+DhDv9/jAj0TC4Oq1
n0hjlBNHet4/eUA5rZh3faMTUCcwzF2fOC2Lce0Upvn3CAKNy2Sq53wsIlQ5YD5Q
qQojMhEHDUvOctLRUHfpewEEER3zlj4KU8LKkIT6eLtDdygpYPJ3F8HBv6JjNok=
-----END CERTIFICATE-----
Generated at Sat Jul 4 09:10:35 2026 by rpki-client