Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/85deb819-eeec-4ff7-94c0-51079618b009.roa
File:                     85deb819-eeec-4ff7-94c0-51079618b009.roa (raw, json)
Hash identifier:          bz95zQrwSltQbwMVbwT16pjSTyMEXrf5AFRu1sphzzs=
Subject key identifier:   1C:85:D3:2E:F5:55:DB:3F:B7:22:3C:A6:69:9E:F9:AB:83:03:F6:B9
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       65F3C2888F4504A5ED1FEB7094F5EC990DA6A0B1
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/85deb819-eeec-4ff7-94c0-51079618b009.roa
Signing time:             Mon 22 Jun 2026 01:30:58 +0000
ROA not before:           Mon 22 Jun 2026 01:30:58 +0000
ROA not after:            Sun 20 Sep 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:10a7::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 05 Jul 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:f3:c2:88:8f:45:04:a5:ed:1f:eb:70:94:f5:ec:99:0d:a6:a0:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Jun 22 01:30:58 2026 GMT
            Not After : Sep 20 23:59:59 2026 GMT
        Subject: serialNumber=2acbf74d29795d81d1652357e530c4ad326ae248268d266521e1408f6c4f6529, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b6:df:02:73:08:4f:38:be:6a:ed:06:a5:91:
                    ee:55:f4:b3:f2:92:b1:da:1f:b9:48:e5:9a:53:e4:
                    3f:41:d9:f9:e3:f7:97:d7:26:4c:c0:29:30:2c:65:
                    4a:ea:eb:a2:06:2a:08:42:56:d9:a7:c2:0b:3c:77:
                    9b:29:62:07:8c:51:85:63:74:79:c3:e9:3c:f6:35:
                    85:da:46:22:fc:e5:8f:c4:4a:b9:91:6b:5d:e1:dc:
                    57:3f:eb:e3:c0:1e:22:8f:22:6f:c7:0d:26:c6:68:
                    da:84:31:fe:d7:3d:20:c6:47:8e:f6:55:c5:bc:0e:
                    59:6b:dd:53:84:7d:39:c4:9e:e7:7c:eb:64:a7:99:
                    e5:6d:0d:70:61:63:84:24:cd:93:52:21:fc:be:fb:
                    74:92:67:c7:a0:93:74:ad:15:1b:cd:40:35:ec:23:
                    0d:27:23:19:0d:c8:e7:20:f3:d3:06:54:f0:9a:d5:
                    72:1c:b2:85:c7:72:f9:a1:eb:87:a5:48:5b:d5:29:
                    ea:03:25:d2:77:00:6b:a0:59:9c:c9:3d:5a:a6:dd:
                    bb:fb:4d:4e:6c:86:0a:40:f1:e6:a6:53:b2:39:8b:
                    30:fb:72:69:ca:1a:ca:6a:49:14:bd:2c:3f:5e:36:
                    0c:f1:a8:93:13:1a:f1:a3:73:8a:24:1c:ee:9e:7f:
                    33:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:85:D3:2E:F5:55:DB:3F:B7:22:3C:A6:69:9E:F9:AB:83:03:F6:B9
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/85deb819-eeec-4ff7-94c0-51079618b009.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:10a7::/48

    Signature Algorithm: sha256WithRSAEncryption
         6f:f6:22:bf:d8:0d:d1:e2:1a:09:fe:4e:fe:4b:67:8b:14:c3:
         e2:35:98:82:28:e6:01:50:b1:d7:07:03:a2:e9:61:32:4d:25:
         e2:55:50:29:15:88:41:ba:1d:4f:4a:e1:9b:74:89:4d:ca:c5:
         eb:8e:a7:a1:2d:3c:81:86:24:4d:4a:25:1c:2e:77:fd:06:bf:
         4a:bf:c1:16:d7:13:df:e8:a1:dd:e3:4e:bd:8a:9c:11:ce:eb:
         a7:2a:e2:f5:76:1d:67:41:3f:82:5e:9a:fa:8d:86:dc:eb:89:
         56:1b:6a:09:f2:ca:d9:79:2a:c3:cd:7c:8a:e0:6d:9d:c8:3e:
         9b:07:0a:ec:0e:5f:b1:cd:8b:d2:c7:21:62:af:0f:96:0c:4c:
         fc:2e:14:37:58:7e:88:4c:0a:84:0e:58:ac:60:e2:9c:33:7f:
         22:2a:69:12:97:61:bf:70:7b:ed:5a:e1:c3:49:c1:e1:c4:e0:
         c4:8d:ae:3a:27:e6:ad:08:9c:2a:bc:7d:02:08:7f:f8:a7:9b:
         be:c2:30:02:3f:49:7a:63:d9:c5:19:f8:d9:90:45:dc:49:1a:
         72:9c:d7:78:f2:18:e2:e5:c2:3c:f7:1c:35:92:20:f0:22:98:
         2a:4a:6c:8d:fd:99:e3:e9:ef:7c:d8:de:d0:7d:e1:34:a0:af:
         38:02:ef:b9
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZfPCiI9FBKXtH+twlPXsmQ2moLEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwNjIyMDEzMDU4WhcNMjYwOTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AyYWNiZjc0ZDI5Nzk1ZDgxZDE2NTIzNTdlNTMwYzRhZDMy
NmFlMjQ4MjY4ZDI2NjUyMWUxNDA4ZjZjNGY2NTI5MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqtt8CcwhPOL5q7Qalke5V9LPykrHaH7lI5ZpT5D9B2fnj
95fXJkzAKTAsZUrq66IGKghCVtmnwgs8d5spYgeMUYVjdHnD6Tz2NYXaRiL85Y/E
SrmRa13h3Fc/6+PAHiKPIm/HDSbGaNqEMf7XPSDGR472VcW8Dllr3VOEfTnEnud8
62SnmeVtDXBhY4QkzZNSIfy++3SSZ8egk3StFRvNQDXsIw0nIxkNyOcg89MGVPCa
1XIcsoXHcvmh64elSFvVKeoDJdJ3AGugWZzJPVqm3bv7TU5shgpA8eamU7I5izD7
cmnKGspqSRS9LD9eNgzxqJMTGvGjc4okHO6efzPJAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUHIXTLvVV2z+3IjymaZ75q4MD9rkwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1Lzg1ZGViODE5LWVlZWMtNGZmNy05NGMwLTUxMDc5NjE4YjAwOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAJAAEKcwDQYJKoZIhvcNAQELBQADggEBAG/2Ir/YDdHiGgn+Tv5LZ4sU
w+I1mIIo5gFQsdcHA6LpYTJNJeJVUCkViEG6HU9K4Zt0iU3KxeuOp6EtPIGGJE1K
JRwud/0Gv0q/wRbXE9/ood3jTr2KnBHO66cq4vV2HWdBP4JemvqNhtzriVYbagny
ytl5KsPNfIrgbZ3IPpsHCuwOX7HNi9LHIWKvD5YMTPwuFDdYfohMCoQOWKxg4pwz
fyIqaRKXYb9we+1a4cNJweHE4MSNrjon5q0InCq8fQIIf/inm77CMAI/SXpj2cUZ
+NmQRdxJGnKc13jyGOLlwjz3HDWSIPAimCpKbI39mePp73zY3tB94TSgrzgC77k=
-----END CERTIFICATE-----
Generated at Sat Jul 4 08:02:43 2026 by rpki-client