Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27b37178-c8b2-446a-9459-9b54ee75e23e.roa
File:                     27b37178-c8b2-446a-9459-9b54ee75e23e.roa (raw, json)
Hash identifier:          ANxHjvwiL/GcsYJWUVJlcEgGIUpQsIjt3N+7LKfpLMc=
Subject key identifier:   0B:44:5D:1C:9E:00:79:CA:A2:FF:FC:B3:18:F7:0E:BE:18:55:39:33
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3F3786191C95EAF88F53A40596B9DF44717DA57C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27b37178-c8b2-446a-9459-9b54ee75e23e.roa
Signing time:             Sat 16 May 2026 01:50:41 +0000
ROA not before:           Sat 16 May 2026 01:50:41 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:a440::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:37:86:19:1c:95:ea:f8:8f:53:a4:05:96:b9:df:44:71:7d:a5:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 01:50:41 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=90de7d4a51d90d324106adfc49782507a80ceee2d78a850c2f8e10b301935f46, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:73:9d:0d:41:23:f8:fa:7c:72:71:94:48:01:
                    73:ec:0b:d5:51:26:7f:b1:ac:54:a1:e4:e8:c4:a6:
                    1d:de:fb:7e:41:49:34:05:06:7e:94:32:26:a7:97:
                    57:9d:c4:e4:d1:a3:29:bf:29:41:4a:84:c0:0a:d1:
                    d1:61:5a:43:4b:6a:4e:9d:ed:05:9e:6b:56:25:4e:
                    3b:56:f4:db:a3:18:8f:e9:f9:e5:0d:be:46:a6:28:
                    61:db:fa:b3:dd:6a:31:15:9e:a3:8f:15:e5:0c:af:
                    b5:47:a7:8a:f0:be:ca:ee:49:94:e1:8f:d2:af:70:
                    06:39:df:62:7b:eb:ae:d6:03:98:62:6c:99:b4:bc:
                    62:cf:98:8a:5f:16:34:86:f0:85:ec:24:7d:75:92:
                    33:2d:17:cb:99:66:1b:68:20:fe:77:65:13:ab:ee:
                    db:79:b2:7d:1f:77:b8:ff:a5:69:2e:8e:1e:53:67:
                    a5:28:c1:41:c9:86:7c:f5:2b:dd:68:20:99:a0:e7:
                    1f:2e:f2:86:7c:2d:47:67:bd:30:8c:cc:1e:62:96:
                    4c:46:d1:ae:b6:c5:07:cc:52:5f:47:09:82:ad:6b:
                    5e:a9:ad:7b:84:9f:c0:f0:b4:38:b9:95:1a:26:07:
                    c7:c8:6f:50:1a:eb:79:bf:86:39:fd:77:bd:52:9e:
                    3c:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:44:5D:1C:9E:00:79:CA:A2:FF:FC:B3:18:F7:0E:BE:18:55:39:33
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27b37178-c8b2-446a-9459-9b54ee75e23e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:a440::/48

    Signature Algorithm: sha256WithRSAEncryption
         7f:d9:8e:77:ab:a6:cc:aa:93:1b:ed:0c:5c:27:7d:ed:8d:74:
         f2:5a:da:46:7c:5d:de:aa:df:80:f1:4d:82:5a:24:eb:e5:66:
         7c:3a:88:76:95:0d:eb:dd:b5:dc:2d:e1:9f:6b:19:27:0b:4f:
         08:6b:44:5e:67:0a:90:e2:ee:30:38:07:78:e6:ef:0e:c9:42:
         79:46:cf:6b:e8:79:89:30:33:c4:b1:a6:10:4f:d8:9c:a0:48:
         bf:58:ba:60:a1:44:8a:c9:ed:40:57:ce:18:9f:0b:87:ef:ef:
         9d:3f:01:f0:ec:a3:ac:eb:a7:24:64:af:9a:4f:85:89:3f:a8:
         b7:a3:be:1b:e1:ae:e5:b5:eb:13:72:32:49:4b:53:bb:6f:45:
         94:bd:84:d3:52:9b:96:4f:d7:9f:22:6c:41:d3:05:c1:37:bc:
         16:7c:db:06:4d:b5:6a:0b:62:32:e4:d6:1e:34:2e:cb:eb:9f:
         99:d0:6c:7e:00:ff:d4:37:f3:e7:6f:54:44:9b:e9:a1:e2:e2:
         9a:bb:d5:fa:3d:0a:57:5c:41:24:03:89:be:e0:7e:25:63:8b:
         7a:f5:27:10:43:05:a6:20:8d:4c:10:f7:19:ae:84:54:c0:3e:
         47:79:81:ff:9b:fa:68:06:f5:de:08:b4:f9:54:59:e2:57:13:
         94:26:6f:b1
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUPzeGGRyV6viPU6QFlrnfRHF9pXwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE2MDE1MDQxWhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MGRlN2Q0YTUxZDkwZDMyNDEwNmFkZmM0OTc4MjUwN2E4
MGNlZWUyZDc4YTg1MGMyZjhlMTBiMzAxOTM1ZjQ2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfc50NQSP4+nxycZRIAXPsC9VRJn+xrFSh5OjEph3e+35B
STQFBn6UMianl1edxOTRoym/KUFKhMAK0dFhWkNLak6d7QWea1YlTjtW9NujGI/p
+eUNvkamKGHb+rPdajEVnqOPFeUMr7VHp4rwvsruSZThj9KvcAY532J7667WA5hi
bJm0vGLPmIpfFjSG8IXsJH11kjMtF8uZZhtoIP53ZROr7tt5sn0fd7j/pWkujh5T
Z6UowUHJhnz1K91oIJmg5x8u8oZ8LUdnvTCMzB5ilkxG0a62xQfMUl9HCYKta16p
rXuEn8DwtDi5lRomB8fIb1Aa63m/hjn9d71SnjwRAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUC0RdHJ4Aecqi//yzGPcOvhhVOTMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI3YjM3MTc4LWM4YjItNDQ2YS05NDU5LTliNTRlZTc1ZTIzZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//pEAwDQYJKoZIhvcNAQELBQADggEBAH/ZjnerpsyqkxvtDFwnfe2N
dPJa2kZ8Xd6q34DxTYJaJOvlZnw6iHaVDevdtdwt4Z9rGScLTwhrRF5nCpDi7jA4
B3jm7w7JQnlGz2voeYkwM8SxphBP2JygSL9YumChRIrJ7UBXzhifC4fv750/AfDs
o6zrpyRkr5pPhYk/qLejvhvhruW16xNyMklLU7tvRZS9hNNSm5ZP158ibEHTBcE3
vBZ82wZNtWoLYjLk1h40Lsvrn5nQbH4A/9Q38+dvVESb6aHi4pq71fo9CldcQSQD
ib7gfiVji3r1JxBDBaYgjUwQ9xmuhFTAPkd5gf+b+mgG9d4ItPlUWeJXE5Qmb7E=
-----END CERTIFICATE-----