Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49cb767a-aa41-47fb-9d8f-2b7b02b47981.roa
File:                     49cb767a-aa41-47fb-9d8f-2b7b02b47981.roa (raw, json)
Hash identifier:          wFevrfzs1QQ5h5mMGhha7WthHg91igFgRs1a0EyT9HM=
Subject key identifier:   52:B8:B6:10:A3:98:0E:E7:53:C9:54:93:C1:72:2F:D2:8C:CD:09:86
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       19D9A91C576464781FBA3CF80A2CB7FB290A6CE1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49cb767a-aa41-47fb-9d8f-2b7b02b47981.roa
Signing time:             Sat 16 May 2026 01:40:52 +0000
ROA not before:           Sat 16 May 2026 01:40:52 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff5:8000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:d9:a9:1c:57:64:64:78:1f:ba:3c:f8:0a:2c:b7:fb:29:0a:6c:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 01:40:52 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=95927f97175c315b56e83568bef2c9b04f5380e4153f34e599c3201b441f63e7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d9:e4:9d:62:cb:71:0d:fc:72:49:20:f3:74:
                    45:ec:1b:df:f6:f0:d1:03:7f:a7:80:eb:a7:73:fc:
                    71:1a:24:01:25:d9:a6:f1:be:70:57:30:c1:57:5c:
                    f9:f5:17:e9:08:48:97:3b:fe:38:cd:50:e6:7d:34:
                    ff:c9:96:79:b7:c8:d4:da:6e:f8:04:a1:72:0f:b3:
                    9f:5d:57:12:b5:6a:f0:c6:6e:2b:99:76:55:c7:fa:
                    3c:23:f4:4c:6d:d5:9a:23:dc:1a:90:f8:63:83:be:
                    9a:00:c1:a6:65:ff:ac:5a:c4:da:a4:95:89:db:b7:
                    f1:55:28:e5:0f:8e:c8:de:f8:1a:66:e7:8f:70:47:
                    bc:5a:55:24:19:fe:19:ce:15:3f:e2:56:a1:ab:5d:
                    cc:3a:0e:6a:c4:fc:c4:04:a7:b6:14:f2:15:49:d0:
                    e9:0c:8a:6e:7d:cd:e2:97:8c:2f:5b:1e:d4:a9:06:
                    18:97:38:19:8b:26:be:76:71:09:c5:b7:24:ea:f8:
                    a4:70:fa:47:97:7f:89:c6:80:27:e8:4c:ea:62:f9:
                    d1:e2:0c:b5:9a:dd:5f:c3:a5:bb:b3:27:4e:89:92:
                    29:1c:9e:6c:3c:59:2b:d6:01:bd:a1:d1:6f:bd:f0:
                    67:c0:d6:6f:47:a3:af:6b:ed:46:5c:19:43:02:d8:
                    aa:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:B8:B6:10:A3:98:0E:E7:53:C9:54:93:C1:72:2F:D2:8C:CD:09:86
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/49cb767a-aa41-47fb-9d8f-2b7b02b47981.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff5:8000::/40

    Signature Algorithm: sha256WithRSAEncryption
         d5:bd:a3:33:eb:ba:4a:9b:68:49:34:cd:e6:40:5c:86:d1:00:
         2d:cb:19:87:16:da:fc:ff:ad:36:33:cc:35:02:ef:2a:c2:7a:
         57:8c:9c:b5:d9:b2:e7:0b:5d:2b:6d:45:9e:74:96:c3:95:bf:
         d1:e9:2f:e0:d1:80:1f:9f:a7:5c:98:9c:b7:3c:3f:01:a2:49:
         fe:f7:d5:1e:e3:50:d7:b1:84:72:46:b7:98:61:b1:60:2f:00:
         a6:30:f5:9b:30:17:7b:02:d9:bd:fa:c6:55:cd:44:ef:93:5d:
         d3:97:24:c6:b4:e7:42:89:8e:45:d9:2a:f3:8b:a0:6a:22:b9:
         1d:9c:62:69:49:f3:8b:1d:8f:8f:0a:a2:55:3c:c8:3a:d1:bd:
         12:1c:8a:c8:37:c1:f9:fb:34:17:7f:d0:bc:bd:7c:6f:b9:5f:
         a7:ad:7d:7d:3f:f2:c4:34:bd:f7:c9:61:6c:b0:b4:2c:97:79:
         68:82:29:30:e8:71:19:db:22:99:9c:0b:70:46:99:1b:ea:0e:
         18:2c:c5:f9:99:68:b2:9f:f3:e3:26:3e:03:a4:19:ec:e7:3e:
         43:b8:fc:cc:10:a8:45:7a:f9:ce:9c:99:12:5d:16:30:04:4d:
         84:5e:17:4c:ed:d8:f2:c8:9e:79:30:ef:6a:bf:67:2d:30:c1:
         56:72:c0:18
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUGdmpHFdkZHgfujz4Ciy3+ykKbOEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE2MDE0MDUyWhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NTkyN2Y5NzE3NWMzMTViNTZlODM1NjhiZWYyYzliMDRm
NTM4MGU0MTUzZjM0ZTU5OWMzMjAxYjQ0MWY2M2U3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC92eSdYstxDfxySSDzdEXsG9/28NEDf6eA66dz/HEaJAEl
2abxvnBXMMFXXPn1F+kISJc7/jjNUOZ9NP/Jlnm3yNTabvgEoXIPs59dVxK1avDG
biuZdlXH+jwj9Ext1Zoj3BqQ+GODvpoAwaZl/6xaxNqklYnbt/FVKOUPjsje+Bpm
549wR7xaVSQZ/hnOFT/iVqGrXcw6DmrE/MQEp7YU8hVJ0OkMim59zeKXjC9bHtSp
BhiXOBmLJr52cQnFtyTq+KRw+keXf4nGgCfoTOpi+dHiDLWa3V/DpbuzJ06Jkikc
nmw8WSvWAb2h0W+98GfA1m9Ho69r7UZcGUMC2KohAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUUri2EKOYDudTyVSTwXIv0ozNCYYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ5Y2I3NjdhLWFhNDEtNDdmYi05ZDhmLTJiN2IwMmI0Nzk4MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/1gDANBgkqhkiG9w0BAQsFAAOCAQEA1b2jM+u6SptoSTTN5kBchtEA
LcsZhxba/P+tNjPMNQLvKsJ6V4yctdmy5wtdK21FnnSWw5W/0ekv4NGAH5+nXJic
tzw/AaJJ/vfVHuNQ17GEcka3mGGxYC8ApjD1mzAXewLZvfrGVc1E75Nd05ckxrTn
QomORdkq84ugaiK5HZxiaUnzix2PjwqiVTzIOtG9EhyKyDfB+fs0F3/QvL18b7lf
p619fT/yxDS998lhbLC0LJd5aIIpMOhxGdsimZwLcEaZG+oOGCzF+Zlosp/z4yY+
A6QZ7Oc+Q7j8zBCoRXr5zpyZEl0WMARNhF4XTO3Y8sieeTDvar9nLTDBVnLAGA==
-----END CERTIFICATE-----