Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/50c8b954-ffa6-4746-9859-9ac0de781ad5.roa
File:                     50c8b954-ffa6-4746-9859-9ac0de781ad5.roa (raw, json)
Hash identifier:          t4R6r+vVYp5oXJi3lh/pcmj8YxN7KH1mTT//UsOjUf4=
Subject key identifier:   8A:3A:C6:0C:67:76:CF:4A:06:DE:12:6D:D8:FE:06:76:C4:68:91:E5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1F3F44665B359097AE9183DB6A052CC3F744892E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/50c8b954-ffa6-4746-9859-9ac0de781ad5.roa
Signing time:             Sat 16 May 2026 00:30:15 +0000
ROA not before:           Sat 16 May 2026 00:30:15 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f25:8000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:3f:44:66:5b:35:90:97:ae:91:83:db:6a:05:2c:c3:f7:44:89:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 00:30:15 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=cff208aad3b3e75171fe565a68da87267d8c78f7bf3ad6c08c49db3b2a751eff, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:96:49:03:c2:e9:2c:04:e3:af:d7:94:a4:91:
                    e7:04:ab:89:92:83:91:17:8c:a1:44:6d:61:5c:e1:
                    81:3a:34:5d:85:08:8e:4b:a5:99:22:f5:dd:dc:a8:
                    e9:3d:30:4a:9e:a5:04:ee:6b:ea:56:2e:60:4f:3e:
                    b1:b2:1c:9c:f3:ad:32:20:12:ee:25:ad:f2:d8:8a:
                    78:75:0c:ea:18:24:df:52:b7:18:85:f9:96:b3:e4:
                    b3:75:36:49:49:1a:08:d8:43:07:6e:be:e9:96:d2:
                    da:70:e7:18:26:f4:ed:68:79:0d:c7:4c:5f:f2:07:
                    50:57:95:c7:b3:d1:f2:e0:f4:63:ba:a9:e8:f9:e9:
                    59:01:f4:fa:a9:53:53:92:24:22:f1:09:87:f8:b0:
                    5f:ca:97:8c:a3:c7:11:fb:ad:9b:2e:66:fd:d8:4e:
                    7f:4f:21:65:be:6a:9a:08:cf:6d:3b:f6:fd:6b:d5:
                    9b:de:e7:bc:86:48:cf:db:4e:89:9f:e8:94:06:65:
                    67:ff:03:2e:fd:dc:11:a5:1f:63:ab:18:a0:63:30:
                    1a:97:18:1b:d6:4d:71:06:39:eb:85:7f:c2:c3:b4:
                    73:f8:0b:b1:79:53:60:e4:06:d2:c9:f0:fd:28:f9:
                    f6:bd:14:bf:87:fd:c3:13:d2:82:85:ea:1c:94:bf:
                    5e:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:3A:C6:0C:67:76:CF:4A:06:DE:12:6D:D8:FE:06:76:C4:68:91:E5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/50c8b954-ffa6-4746-9859-9ac0de781ad5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f25:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         5a:cf:1b:7e:11:f3:6a:56:cb:84:51:e5:a5:9f:9d:a0:d3:6d:
         9a:52:a6:f0:81:61:ef:da:c0:de:68:de:c4:8b:19:41:c2:6f:
         ed:10:2b:4a:44:e0:61:fe:c1:25:56:84:55:31:b7:5f:7c:43:
         6b:18:f0:c4:17:15:b4:34:10:f7:fd:46:ea:41:35:9d:6f:3b:
         27:6f:d8:86:c7:6d:d6:d0:03:38:d7:0b:b7:79:02:54:83:a8:
         1f:55:8b:b0:17:14:33:c8:6d:ca:ce:d2:e1:58:6d:36:a3:2f:
         b1:fe:ac:5c:c7:77:cb:f0:43:d2:3e:96:a3:e8:1a:22:81:6f:
         bd:39:1b:5f:29:ca:0a:c3:a0:17:72:91:70:af:2b:8d:99:42:
         a6:29:a7:d8:47:b3:e8:17:c0:99:bf:3d:af:4f:fe:ea:17:e1:
         38:cc:61:19:bc:da:72:80:62:ea:84:8a:db:85:d2:f3:bc:49:
         12:05:65:b4:00:a7:66:26:28:fb:b4:36:c4:67:35:23:57:64:
         79:29:38:d3:0c:ba:e5:10:62:89:17:f3:32:92:37:ec:2f:c6:
         a4:56:2b:81:dd:6e:d9:61:de:0b:6b:d6:4a:74:7f:eb:bc:da:
         35:d9:a0:c3:48:ac:9e:81:53:9e:21:7a:0a:31:aa:c4:b0:12:
         8a:26:be:80
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUHz9EZls1kJeukYPbagUsw/dEiS4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE2MDAzMDE1WhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZmYyMDhhYWQzYjNlNzUxNzFmZTU2NWE2OGRhODcyNjdk
OGM3OGY3YmYzYWQ2YzA4YzQ5ZGIzYjJhNzUxZWZmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCOlkkDwuksBOOv15SkkecEq4mSg5EXjKFEbWFc4YE6NF2F
CI5LpZki9d3cqOk9MEqepQTua+pWLmBPPrGyHJzzrTIgEu4lrfLYinh1DOoYJN9S
txiF+Zaz5LN1NklJGgjYQwduvumW0tpw5xgm9O1oeQ3HTF/yB1BXlcez0fLg9GO6
qej56VkB9PqpU1OSJCLxCYf4sF/Kl4yjxxH7rZsuZv3YTn9PIWW+apoIz2079v1r
1Zve57yGSM/bTomf6JQGZWf/Ay793BGlH2OrGKBjMBqXGBvWTXEGOeuFf8LDtHP4
C7F5U2DkBtLJ8P0o+fa9FL+H/cMT0oKF6hyUv14NAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUijrGDGd2z0oG3hJt2P4GdsRokeUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUwYzhiOTU0LWZmYTYtNDc0Ni05ODU5LTlhYzBkZTc4MWFkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8lgDANBgkqhkiG9w0BAQsFAAOCAQEAWs8bfhHzalbLhFHlpZ+doNNt
mlKm8IFh79rA3mjexIsZQcJv7RArSkTgYf7BJVaEVTG3X3xDaxjwxBcVtDQQ9/1G
6kE1nW87J2/Yhsdt1tADONcLt3kCVIOoH1WLsBcUM8htys7S4VhtNqMvsf6sXMd3
y/BD0j6Wo+gaIoFvvTkbXynKCsOgF3KRcK8rjZlCpimn2Eez6BfAmb89r0/+6hfh
OMxhGbzacoBi6oSK24XS87xJEgVltACnZiYo+7Q2xGc1I1dkeSk40wy65RBiiRfz
MpI37C/GpFYrgd1u2WHeC2vWSnR/67zaNdmgw0isnoFTniF6CjGqxLASiia+gA==
-----END CERTIFICATE-----