Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a0a8979-b3b0-44b3-8908-2d54f7cf4311.roa
File:                     4a0a8979-b3b0-44b3-8908-2d54f7cf4311.roa (raw, json)
Hash identifier:          zjYi0KtAq5MgNUnh10WjHP2dEXaGPpEavZvqYrfyu6s=
Subject key identifier:   8D:5F:2A:28:7F:64:B8:B9:25:FC:71:A0:0E:FB:B1:F2:18:20:78:6A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       48A068CBAEF888601994255320A9717B9EE33821
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a0a8979-b3b0-44b3-8908-2d54f7cf4311.roa
Signing time:             Sat 16 May 2026 00:21:45 +0000
ROA not before:           Sat 16 May 2026 00:21:45 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f15:4000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:a0:68:cb:ae:f8:88:60:19:94:25:53:20:a9:71:7b:9e:e3:38:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 00:21:45 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=45d07eec1b4b54d036ad1447090f1001a7467796e98a85b6af4e3ef0c0433872, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:56:a2:0f:ed:6a:f1:d3:a5:59:df:e6:a7:0f:
                    24:f0:cd:00:2e:29:78:95:7d:66:0b:4d:49:b1:47:
                    88:76:c9:c1:c2:e0:62:18:fd:bf:10:9b:bf:1c:a1:
                    04:11:1c:e8:13:ba:8d:d7:d6:40:78:e6:dc:16:ff:
                    c4:ad:44:5b:48:c7:b3:ce:e1:7a:10:a4:6c:b6:c8:
                    2b:3a:db:1c:07:5f:a9:00:05:4b:9a:e2:d9:5d:2d:
                    00:54:bc:4e:6b:4b:db:a5:c9:80:fb:9d:f8:ee:21:
                    e3:a2:a1:4e:a9:cb:5d:a0:f2:51:31:be:e6:05:54:
                    45:c2:47:74:94:b9:d2:71:8c:ef:f9:ff:52:3c:8c:
                    17:bb:e4:6a:74:47:4c:4b:2e:44:30:98:f5:7a:1b:
                    6f:2b:ad:30:ce:2a:58:d0:ea:a0:b7:fb:55:70:7c:
                    77:b9:63:12:2f:61:f0:7e:c7:94:ea:a3:ce:72:1b:
                    ba:59:aa:cf:5b:eb:0b:a9:1c:4e:5c:21:1d:44:84:
                    9f:c9:5a:15:5b:ee:4b:92:1d:b4:11:32:35:9f:9f:
                    e3:f6:24:f5:96:6a:ad:ee:be:52:6f:ed:94:67:ca:
                    65:55:2f:c9:d1:43:6e:66:34:ad:dc:da:7d:17:5c:
                    6a:ba:e5:ac:9a:c3:b1:97:53:88:90:31:7a:e4:c2:
                    98:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:5F:2A:28:7F:64:B8:B9:25:FC:71:A0:0E:FB:B1:F2:18:20:78:6A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4a0a8979-b3b0-44b3-8908-2d54f7cf4311.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f15:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         60:48:2f:ec:04:f4:2b:9b:ea:8c:62:d0:da:63:c9:32:21:da:
         f2:03:c2:fb:bb:1e:20:0a:71:77:82:c7:3a:f2:93:4d:91:cc:
         d6:87:78:10:e1:8f:18:2c:43:e2:20:11:45:66:63:f8:a9:c8:
         c0:ed:f2:53:cc:85:15:ae:71:9e:43:62:2f:df:ef:7b:97:1a:
         46:0b:3f:42:5e:11:08:cb:3c:f1:07:db:b4:76:b5:8c:66:46:
         5f:e1:df:be:b7:26:b8:ff:5f:d4:a0:c2:9e:44:dd:d0:47:bc:
         48:6d:fe:be:8e:bd:7d:a4:e1:1d:8e:c1:7b:3b:f5:60:ee:a7:
         37:24:37:3a:1d:a8:72:bb:2e:4e:81:00:ec:ab:d2:de:11:f2:
         23:11:e1:ae:a7:59:5d:b2:d6:c9:8b:9f:43:c1:f1:02:12:2a:
         25:84:f0:d3:95:80:7b:8d:e3:c4:c3:ae:a8:c8:f4:7d:a1:2e:
         9e:4e:6b:2d:45:95:e4:56:9b:ee:b3:ee:75:ae:b6:dc:cd:c4:
         e2:a6:e7:6b:7d:ea:64:78:cd:06:f0:76:b2:b0:3a:29:1a:11:
         94:3c:34:1e:88:b1:b8:db:fc:c9:94:4e:cb:f6:ab:6a:6b:76:
         18:06:7b:37:73:43:42:aa:28:d0:5c:a9:b3:0a:6c:6b:3f:63:
         f2:0d:08:3c
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUSKBoy674iGAZlCVTIKlxe57jOCEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE2MDAyMTQ1WhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NWQwN2VlYzFiNGI1NGQwMzZhZDE0NDcwOTBmMTAwMWE3
NDY3Nzk2ZTk4YTg1YjZhZjRlM2VmMGMwNDMzODcyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpVqIP7Wrx06VZ3+anDyTwzQAuKXiVfWYLTUmxR4h2ycHC
4GIY/b8Qm78coQQRHOgTuo3X1kB45twW/8StRFtIx7PO4XoQpGy2yCs62xwHX6kA
BUua4tldLQBUvE5rS9ulyYD7nfjuIeOioU6py12g8lExvuYFVEXCR3SUudJxjO/5
/1I8jBe75Gp0R0xLLkQwmPV6G28rrTDOKljQ6qC3+1VwfHe5YxIvYfB+x5Tqo85y
G7pZqs9b6wupHE5cIR1EhJ/JWhVb7kuSHbQRMjWfn+P2JPWWaq3uvlJv7ZRnymVV
L8nRQ25mNK3c2n0XXGq65ayaw7GXU4iQMXrkwphJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUjV8qKH9kuLkl/HGgDvux8hggeGowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRhMGE4OTc5LWIzYjAtNDRiMy04OTA4LTJkNTRmN2NmNDMxMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8VQDANBgkqhkiG9w0BAQsFAAOCAQEAYEgv7AT0K5vqjGLQ2mPJMiHa
8gPC+7seIApxd4LHOvKTTZHM1od4EOGPGCxD4iARRWZj+KnIwO3yU8yFFa5xnkNi
L9/ve5caRgs/Ql4RCMs88QfbtHa1jGZGX+HfvrcmuP9f1KDCnkTd0Ee8SG3+vo69
faThHY7Bezv1YO6nNyQ3Oh2ocrsuToEA7KvS3hHyIxHhrqdZXbLWyYufQ8HxAhIq
JYTw05WAe43jxMOuqMj0faEunk5rLUWV5Fab7rPuda623M3E4qbna33qZHjNBvB2
srA6KRoRlDw0HoixuNv8yZROy/aramt2GAZ7N3NDQqoo0Fypswpsaz9j8g0IPA==
-----END CERTIFICATE-----