Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34596f5f-17dd-4745-b0d3-0cdec552b218.roa
File:                     34596f5f-17dd-4745-b0d3-0cdec552b218.roa (raw, json)
Hash identifier:          T20BjdIsQBJ++smIFkATPJ+mTd33Squ8oRw3mFNrsZk=
Subject key identifier:   64:55:5E:C9:EB:CB:93:7F:39:DA:4F:C6:9D:5A:65:64:28:69:85:7C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       462CD4EAE25DF21EB8B43282EDA613FAEC5A0B76
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34596f5f-17dd-4745-b0d3-0cdec552b218.roa
Signing time:             Wed 25 Feb 2026 02:00:07 +0000
ROA not before:           Wed 25 Feb 2026 02:00:07 +0000
ROA not after:            Tue 26 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f14:c000::/37 maxlen: 37
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:2c:d4:ea:e2:5d:f2:1e:b8:b4:32:82:ed:a6:13:fa:ec:5a:0b:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 25 02:00:07 2026 GMT
            Not After : May 26 23:59:59 2026 GMT
        Subject: serialNumber=a6dfd24a160821a3367fa684306d756ab49d48b0cd0f3ba8d3c41e8042e16f96, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ee:bd:d2:9f:1c:47:ce:1b:e2:39:e6:76:90:
                    ed:b0:54:eb:1d:07:77:61:c3:e3:b8:fc:94:0a:ad:
                    11:c8:12:32:84:b8:51:67:d9:ac:6f:de:67:ac:8d:
                    2c:da:ba:f2:c9:d7:79:e3:7d:66:d3:33:bb:8f:b3:
                    4d:f0:3f:0b:44:c4:05:9d:6d:30:60:a1:5f:4e:ae:
                    78:ad:0d:d7:ca:1d:c6:44:fc:3f:c1:bb:f0:f4:de:
                    65:61:00:ed:45:ff:f9:c6:b2:50:e3:6c:f3:33:74:
                    d4:62:21:85:61:06:b8:d1:24:1f:15:f8:75:80:43:
                    86:25:84:cd:98:11:e9:b9:c3:13:74:17:1b:72:dd:
                    bf:53:1a:8c:3f:97:a8:63:5b:53:83:26:9b:01:19:
                    59:2f:4d:ff:ad:e8:7e:62:5f:72:bf:ae:2d:0c:56:
                    96:3c:86:62:db:e5:0d:68:02:e1:33:2c:90:62:4c:
                    64:00:85:92:f8:1f:d7:9d:02:3b:46:97:7f:e6:0b:
                    13:7c:6b:12:57:63:9b:7f:a7:03:3d:14:87:e0:9a:
                    4c:e1:2b:24:b9:8f:56:8e:f5:9c:55:eb:63:28:7a:
                    f9:50:9b:1c:c1:43:0d:ed:64:e6:d4:a1:d4:b7:70:
                    a7:90:ec:d5:28:14:ff:fc:38:c1:24:2f:24:b9:34:
                    68:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:55:5E:C9:EB:CB:93:7F:39:DA:4F:C6:9D:5A:65:64:28:69:85:7C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34596f5f-17dd-4745-b0d3-0cdec552b218.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f14:c000::/37

    Signature Algorithm: sha256WithRSAEncryption
         7c:5a:61:17:11:93:33:6e:4c:74:62:2e:02:09:96:84:86:f2:
         d5:f4:5b:1b:8e:ef:42:67:bc:fe:33:34:0a:fe:6c:e3:2a:63:
         b6:ac:2e:cb:f5:a5:8c:22:41:7c:b6:a0:f8:3c:6d:b6:b9:e8:
         6d:61:eb:07:fa:87:7d:24:25:cc:44:80:93:6b:fc:28:13:46:
         62:09:c0:39:52:51:b0:6c:ef:8b:f3:78:55:00:42:76:fa:5f:
         d7:6f:44:1c:10:c1:8f:4c:7b:9e:8a:ed:01:dd:c4:1a:53:3b:
         b0:04:d6:93:a6:00:2c:5b:95:3b:0c:05:79:c3:e1:14:63:0d:
         10:b6:dd:8c:d4:d9:d8:36:78:f1:04:79:87:92:6f:d6:b9:cc:
         ee:28:e6:03:fb:c5:24:b1:84:59:c6:08:f9:a8:7a:e9:f9:83:
         28:db:f7:3c:62:f3:0c:6a:a7:d8:b1:4f:72:bf:a7:4e:64:37:
         de:7e:06:60:3c:26:3c:ff:c5:b3:40:bf:0c:dd:50:27:ea:79:
         70:80:ec:de:4c:d6:f3:81:fe:5a:30:7b:33:9f:9b:28:dd:b6:
         d5:7e:ea:50:56:62:3a:f1:75:91:48:9c:d4:6d:4e:5f:56:0a:
         0d:57:44:c0:6d:a5:b2:6f:fc:24:c2:61:e9:d2:59:80:a6:8d:
         14:81:7f:ad
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIURizU6uJd8h64tDKC7aYT+uxaC3YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI1MDIwMDA3WhcNMjYwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNmRmZDI0YTE2MDgyMWEzMzY3ZmE2ODQzMDZkNzU2YWI0
OWQ0OGIwY2QwZjNiYThkM2M0MWU4MDQyZTE2Zjk2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDN7r3SnxxHzhviOeZ2kO2wVOsdB3dhw+O4/JQKrRHIEjKE
uFFn2axv3mesjSzauvLJ13njfWbTM7uPs03wPwtExAWdbTBgoV9OrnitDdfKHcZE
/D/Bu/D03mVhAO1F//nGslDjbPMzdNRiIYVhBrjRJB8V+HWAQ4YlhM2YEem5wxN0
Fxty3b9TGow/l6hjW1ODJpsBGVkvTf+t6H5iX3K/ri0MVpY8hmLb5Q1oAuEzLJBi
TGQAhZL4H9edAjtGl3/mCxN8axJXY5t/pwM9FIfgmkzhKyS5j1aO9ZxV62MoevlQ
mxzBQw3tZObUodS3cKeQ7NUoFP/8OMEkLyS5NGjRAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUZFVeyevLk3852k/GnVplZChphXwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM0NTk2ZjVmLTE3ZGQtNDc0NS1iMGQzLTBjZGVjNTUyYjIxOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8UwDANBgkqhkiG9w0BAQsFAAOCAQEAfFphFxGTM25MdGIuAgmWhIby
1fRbG47vQme8/jM0Cv5s4ypjtqwuy/WljCJBfLag+DxttrnobWHrB/qHfSQlzESA
k2v8KBNGYgnAOVJRsGzvi/N4VQBCdvpf129EHBDBj0x7nortAd3EGlM7sATWk6YA
LFuVOwwFecPhFGMNELbdjNTZ2DZ48QR5h5Jv1rnM7ijmA/vFJLGEWcYI+ah66fmD
KNv3PGLzDGqn2LFPcr+nTmQ33n4GYDwmPP/Fs0C/DN1QJ+p5cIDs3kzW84H+WjB7
M5+bKN221X7qUFZiOvF1kUic1G1OX1YKDVdEwG2lsm/8JMJh6dJZgKaNFIF/rQ==
-----END CERTIFICATE-----