Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4cd2cc9b-78f0-4971-a170-a90ca08b933f.roa
File:                     4cd2cc9b-78f0-4971-a170-a90ca08b933f.roa (raw, json)
Hash identifier:          PvrE1/iugnHiR2YGWc6BFbyFmi+jYoSG/Tfuk0Ffh+4=
Subject key identifier:   9F:C0:03:96:AD:AB:90:A1:18:A4:A1:44:3F:CA:3C:65:C0:D9:94:E4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0A5EB47C71B0CDAB3C3869AB2D09091C08F9C193
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4cd2cc9b-78f0-4971-a170-a90ca08b933f.roa
Signing time:             Sat 16 May 2026 01:11:12 +0000
ROA not before:           Sat 16 May 2026 01:11:12 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f10:4000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:5e:b4:7c:71:b0:cd:ab:3c:38:69:ab:2d:09:09:1c:08:f9:c1:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 01:11:12 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=d8044615999dec7ab061aa97b9526ef0f43252ce5bb7824356c8540f9f273ffd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:25:f5:3a:e4:58:c0:3c:42:17:35:87:c0:37:
                    e9:7b:79:34:47:97:eb:54:ab:84:1c:d3:81:91:98:
                    47:de:75:82:33:06:ef:da:a2:21:1e:86:df:48:b6:
                    b9:d6:72:1c:12:54:db:e2:2d:f3:95:91:d3:34:4d:
                    ea:6c:1b:6f:7a:ad:bf:47:76:bb:f8:f0:53:ed:9b:
                    c9:a4:f7:ee:5c:05:2a:6c:fd:f7:96:58:8b:df:67:
                    ac:c6:ae:de:61:d6:5b:d3:14:73:a3:b4:d7:51:fa:
                    d2:ef:b1:3c:97:b7:91:b8:db:92:7c:ec:88:2a:34:
                    db:70:ac:03:21:81:a7:68:e7:42:a6:cb:a1:63:fe:
                    f0:0f:c9:c7:82:d1:75:b2:cb:8e:7b:00:37:b3:14:
                    fa:3c:24:ff:31:e9:5b:cd:d1:b0:9b:3c:e0:44:03:
                    92:75:dc:4f:f2:00:38:6e:c1:31:23:d9:75:ca:4f:
                    2f:07:cf:69:9a:6c:3e:44:62:84:3f:3c:49:e5:87:
                    8c:2b:84:9b:fb:89:9d:2d:6d:3a:36:c7:0c:14:65:
                    58:19:de:15:23:0b:b0:f7:80:f1:df:61:e9:23:41:
                    6f:d0:4c:83:b4:40:5b:3c:aa:ee:82:70:87:35:18:
                    9f:d4:aa:96:cb:51:52:a6:d0:3a:3e:94:8f:0f:9c:
                    0b:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:C0:03:96:AD:AB:90:A1:18:A4:A1:44:3F:CA:3C:65:C0:D9:94:E4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4cd2cc9b-78f0-4971-a170-a90ca08b933f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f10:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         06:88:ce:98:17:39:41:af:9b:cf:6d:6f:72:96:4f:b9:c0:31:
         a2:96:04:c5:f5:f0:da:9a:df:bc:3d:21:7a:9c:ab:6b:ce:5c:
         13:99:f1:63:40:a7:1d:6d:ed:cf:0c:9f:23:cf:74:6c:c2:ff:
         a6:5c:32:8e:82:cd:65:ae:27:d5:b2:71:6b:e1:cf:bd:96:80:
         db:9f:99:36:b3:77:01:66:7e:44:e6:88:e9:38:d0:75:b9:37:
         5f:96:67:94:a8:04:26:4f:29:8f:de:4c:cc:75:19:4e:2f:e1:
         7e:37:3a:07:66:82:0a:31:f4:c5:fe:a1:6d:81:24:82:4e:a5:
         e8:d2:ad:f2:e0:d5:81:96:e0:3a:07:e3:8f:c3:28:5b:e4:95:
         0c:b5:bc:9e:84:f3:a3:c4:68:0f:d9:9f:71:45:db:37:92:d5:
         b2:24:1f:50:c1:9c:70:44:43:7b:bf:11:59:d4:12:7a:c3:a0:
         03:9d:ed:9c:06:58:bb:51:1a:7d:5a:0b:05:e9:e7:2e:b2:b5:
         eb:33:0d:38:07:fb:dd:f3:47:d2:10:8e:e8:7b:aa:5c:f6:14:
         83:6b:b4:79:b8:66:46:aa:66:52:5d:2d:39:4c:49:2a:26:c5:
         a1:bd:a1:22:40:de:cb:f4:81:25:87:81:14:7c:6a:92:ff:aa:
         47:19:f1:44
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUCl60fHGwzas8OGmrLQkJHAj5wZMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE2MDExMTEyWhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkODA0NDYxNTk5OWRlYzdhYjA2MWFhOTdiOTUyNmVmMGY0
MzI1MmNlNWJiNzgyNDM1NmM4NTQwZjlmMjczZmZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmJfU65FjAPEIXNYfAN+l7eTRHl+tUq4Qc04GRmEfedYIz
Bu/aoiEeht9ItrnWchwSVNviLfOVkdM0TepsG296rb9Hdrv48FPtm8mk9+5cBSps
/feWWIvfZ6zGrt5h1lvTFHOjtNdR+tLvsTyXt5G425J87IgqNNtwrAMhgado50Km
y6Fj/vAPyceC0XWyy457ADezFPo8JP8x6VvN0bCbPOBEA5J13E/yADhuwTEj2XXK
Ty8Hz2mabD5EYoQ/PEnlh4wrhJv7iZ0tbTo2xwwUZVgZ3hUjC7D3gPHfYekjQW/Q
TIO0QFs8qu6CcIc1GJ/UqpbLUVKm0Do+lI8PnAtnAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUn8ADlq2rkKEYpKFEP8o8ZcDZlOQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRjZDJjYzliLTc4ZjAtNDk3MS1hMTcwLWE5MGNhMDhiOTMzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8QQDANBgkqhkiG9w0BAQsFAAOCAQEABojOmBc5Qa+bz21vcpZPucAx
opYExfXw2prfvD0hepyra85cE5nxY0CnHW3tzwyfI890bML/plwyjoLNZa4n1bJx
a+HPvZaA25+ZNrN3AWZ+ROaI6TjQdbk3X5ZnlKgEJk8pj95MzHUZTi/hfjc6B2aC
CjH0xf6hbYEkgk6l6NKt8uDVgZbgOgfjj8MoW+SVDLW8noTzo8RoD9mfcUXbN5LV
siQfUMGccERDe78RWdQSesOgA53tnAZYu1EafVoLBennLrK16zMNOAf73fNH0hCO
6HuqXPYUg2u0ebhmRqpmUl0tOUxJKibFob2hIkDey/SBJYeBFHxqkv+qRxnxRA==
-----END CERTIFICATE-----