Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/994fb98a-96b5-4ed9-92c4-39a51e4339ba.roa
File:                     994fb98a-96b5-4ed9-92c4-39a51e4339ba.roa (raw, json)
Hash identifier:          3X9/DSfY1K+eTofc19eUnpPiLHA+hHpqRl18MFtWXZk=
Subject key identifier:   76:8E:AD:70:8C:83:F7:97:81:55:E8:D4:B7:16:A0:98:F6:51:FD:43
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       72C0E79B6256B388AB7C8C77BD8978ADAB9B8FCC
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/994fb98a-96b5-4ed9-92c4-39a51e4339ba.roa
Signing time:             Mon 22 Jun 2026 02:00:58 +0000
ROA not before:           Mon 22 Jun 2026 02:00:58 +0000
ROA not after:            Sun 20 Sep 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:10ab::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 05 Jul 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:c0:e7:9b:62:56:b3:88:ab:7c:8c:77:bd:89:78:ad:ab:9b:8f:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Jun 22 02:00:58 2026 GMT
            Not After : Sep 20 23:59:59 2026 GMT
        Subject: serialNumber=f0a698360efa387fab62151b80ff9085560ad706e488cd08d7945fd531585d48, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:74:e9:d1:9c:db:6b:c6:65:b8:42:45:e1:33:
                    55:3a:77:18:6b:8d:c8:5b:79:4a:46:c5:47:69:c0:
                    66:b1:53:ae:f0:24:b2:54:ee:50:0f:c0:7b:fb:29:
                    fb:06:c8:66:76:e8:7d:e6:9d:48:18:c6:61:06:c6:
                    93:c6:fc:9c:d4:e2:0c:e8:57:81:a6:9a:f0:36:a5:
                    7b:8b:c0:62:97:00:a1:3c:5b:9b:a8:e3:7a:ec:24:
                    50:e5:f3:bc:f3:be:75:6f:bf:b8:61:1f:ac:a1:83:
                    d3:f6:a0:c0:c2:12:b1:06:f9:f1:30:b0:04:ac:f6:
                    c7:69:57:72:bb:67:19:ca:57:35:09:dd:ce:fa:23:
                    92:d2:a8:7c:b3:fc:cb:b2:f0:74:58:ff:d6:db:eb:
                    64:a0:16:9f:f6:7f:28:4b:8e:32:eb:55:cd:ff:7e:
                    9d:9a:06:29:b4:20:22:4c:51:3a:da:18:6d:7e:3a:
                    52:cc:8d:d7:42:b3:66:24:95:da:18:b2:aa:5d:97:
                    53:dc:45:e6:c2:a4:65:19:50:be:4a:01:71:9c:72:
                    4e:51:41:12:74:47:0c:34:6b:fd:84:7f:40:bb:9e:
                    50:01:fc:4e:70:e7:e7:27:ec:7d:c8:1b:c2:47:b5:
                    c6:e2:6d:07:bf:08:fa:c7:32:80:bf:66:0d:e8:57:
                    6f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:8E:AD:70:8C:83:F7:97:81:55:E8:D4:B7:16:A0:98:F6:51:FD:43
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/994fb98a-96b5-4ed9-92c4-39a51e4339ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:10ab::/48

    Signature Algorithm: sha256WithRSAEncryption
         c3:8e:08:c7:37:de:dc:62:fc:a2:f3:7d:98:43:64:7f:e7:a4:
         95:95:fc:1c:47:94:3b:1b:45:e8:87:17:c4:0c:f6:32:07:3c:
         bb:f9:b1:df:34:21:c2:b2:1e:6d:97:40:c8:62:0d:4c:f2:5c:
         a1:66:78:03:16:54:32:71:42:39:89:a6:55:5d:b8:ac:e9:a6:
         71:bc:c9:a6:9f:c6:08:65:d8:f7:ae:90:e8:7b:4f:e9:e8:d5:
         c2:ad:f8:6d:c3:44:30:5f:6e:25:96:b4:11:a0:72:00:dc:44:
         5f:5c:a7:fe:be:9f:6f:9d:b1:4e:7c:78:1a:5d:1e:3e:63:43:
         a6:4f:5c:42:f1:ba:85:15:43:c5:43:70:0d:dc:94:aa:eb:60:
         7e:08:d2:18:c6:2d:9a:aa:34:c9:dd:99:87:0d:88:cb:47:95:
         09:86:ce:3f:e4:d4:34:5d:0f:6e:46:ca:83:0f:bc:a0:90:ae:
         1c:39:4b:b5:5d:89:7b:4e:76:df:d1:ad:f6:41:81:85:5b:21:
         c2:90:c0:9a:3e:d4:78:bd:86:66:a1:79:52:34:f1:85:f8:72:
         d5:6d:32:5a:c6:69:a6:06:51:13:cf:3d:1d:e1:87:12:65:f5:
         eb:0b:c5:3b:c7:8f:55:94:b9:af:0b:82:08:41:f2:d9:c8:73:
         12:38:05:e7
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUcsDnm2JWs4irfIx3vYl4raubj8wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwNjIyMDIwMDU4WhcNMjYwOTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmMGE2OTgzNjBlZmEzODdmYWI2MjE1MWI4MGZmOTA4NTU2
MGFkNzA2ZTQ4OGNkMDhkNzk0NWZkNTMxNTg1ZDQ4MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDdOnRnNtrxmW4QkXhM1U6dxhrjchbeUpGxUdpwGaxU67w
JLJU7lAPwHv7KfsGyGZ26H3mnUgYxmEGxpPG/JzU4gzoV4GmmvA2pXuLwGKXAKE8
W5uo43rsJFDl87zzvnVvv7hhH6yhg9P2oMDCErEG+fEwsASs9sdpV3K7ZxnKVzUJ
3c76I5LSqHyz/Muy8HRY/9bb62SgFp/2fyhLjjLrVc3/fp2aBim0ICJMUTraGG1+
OlLMjddCs2YkldoYsqpdl1PcRebCpGUZUL5KAXGcck5RQRJ0Rww0a/2Ef0C7nlAB
/E5w5+cn7H3IG8JHtcbibQe/CPrHMoC/Zg3oV29ZAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUdo6tcIyD95eBVejUtxagmPZR/UMwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1Lzk5NGZiOThhLTk2YjUtNGVkOS05MmM0LTM5YTUxZTQzMzliYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAJAAEKswDQYJKoZIhvcNAQELBQADggEBAMOOCMc33txi/KLzfZhDZH/n
pJWV/BxHlDsbReiHF8QM9jIHPLv5sd80IcKyHm2XQMhiDUzyXKFmeAMWVDJxQjmJ
plVduKzppnG8yaafxghl2PeukOh7T+no1cKt+G3DRDBfbiWWtBGgcgDcRF9cp/6+
n2+dsU58eBpdHj5jQ6ZPXELxuoUVQ8VDcA3clKrrYH4I0hjGLZqqNMndmYcNiMtH
lQmGzj/k1DRdD25GyoMPvKCQrhw5S7VdiXtOdt/RrfZBgYVbIcKQwJo+1Hi9hmah
eVI08YX4ctVtMlrGaaYGURPPPR3hhxJl9esLxTvHj1WUua8LgghB8tnIcxI4Bec=
-----END CERTIFICATE-----
Generated at Sat Jul 4 08:04:32 2026 by rpki-client