Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51f4cb75-bc47-405a-9a28-48a89ca2a0c4.roa
File:                     51f4cb75-bc47-405a-9a28-48a89ca2a0c4.roa (raw, json)
Hash identifier:          us9dpewu/TZqr0iW4T30grDUhyWfuVacTIy4WLu+BBE=
Subject key identifier:   5C:31:EC:16:8D:28:22:CD:DC:CD:A0:BA:CA:D5:81:35:E4:B5:05:C1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       711832C9DB846115B9F03C066C0BE76254565506
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51f4cb75-bc47-405a-9a28-48a89ca2a0c4.roa
Signing time:             Tue 10 Feb 2026 01:00:49 +0000
ROA not before:           Tue 10 Feb 2026 01:00:49 +0000
ROA not after:            Mon 11 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        56.49.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:18:32:c9:db:84:61:15:b9:f0:3c:06:6c:0b:e7:62:54:56:55:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 10 01:00:49 2026 GMT
            Not After : May 11 23:59:59 2026 GMT
        Subject: serialNumber=d8f265ad78e687e1f38dc121c584557d0d09b53e79406972ba10087ba61d1379, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b2:01:0d:3a:b9:78:da:6d:81:f6:87:79:c1:
                    c7:ef:1e:d5:c2:19:76:54:0c:22:b8:1e:7a:5d:2e:
                    fa:b7:5a:bc:26:94:b8:ab:2c:c5:d2:ba:05:db:28:
                    5b:22:4c:7a:db:5d:b6:ed:e7:9b:1e:af:58:b3:47:
                    2c:ec:fc:79:a9:3f:f2:cc:31:56:59:9f:71:61:a2:
                    2f:9f:2f:9f:37:c0:d2:61:9c:c6:5a:83:b6:43:dc:
                    6c:f2:69:23:51:1b:21:85:f7:2b:3f:90:ca:89:46:
                    da:c3:da:b2:f3:c3:8c:28:7c:71:1d:fb:24:87:a8:
                    4b:33:e4:90:cb:fd:45:4f:90:ea:69:b4:92:95:33:
                    4c:5f:53:6e:69:9a:dc:be:86:fc:53:d4:fa:de:22:
                    39:c3:f8:80:e1:2f:fa:c2:8f:e6:d4:55:7f:b9:cd:
                    6e:47:a3:44:0e:17:07:1c:b1:e4:27:39:c3:89:11:
                    98:bb:56:f4:cd:75:e2:50:da:b1:b0:e7:b7:7d:58:
                    2c:c7:25:59:c6:13:82:a6:b2:82:4f:f3:3b:87:bf:
                    bf:90:3e:ba:14:4b:3a:98:66:94:be:ae:fd:3c:ed:
                    b4:a3:57:84:6a:a2:4f:d3:13:ad:af:cd:5f:99:4d:
                    1b:fe:54:cb:58:06:af:4b:58:f3:bd:c2:bd:ae:8a:
                    40:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:31:EC:16:8D:28:22:CD:DC:CD:A0:BA:CA:D5:81:35:E4:B5:05:C1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51f4cb75-bc47-405a-9a28-48a89ca2a0c4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.49.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ab:b0:12:96:6a:c8:fd:ed:88:d0:b8:a0:e3:30:45:c2:67:b8:
         94:27:cd:f1:4c:70:1a:63:99:70:0a:22:39:c5:3c:be:c2:5e:
         29:cc:d6:39:e1:f2:d4:ba:0c:b7:26:08:b4:4b:00:90:22:57:
         a3:be:b3:fd:4f:be:53:39:e6:be:4c:0d:ed:56:1a:19:1b:9a:
         16:2c:77:6e:e4:3f:bf:4e:25:88:44:34:d7:d0:17:94:e1:a8:
         f0:91:0a:30:f3:2d:3c:6d:78:ef:84:71:62:e2:7b:25:6c:2c:
         4a:26:e3:75:dc:51:83:a6:e1:d2:b7:79:bb:52:dd:c4:8e:e6:
         06:0b:bd:1f:22:42:d8:59:2c:a0:59:35:4b:87:a4:68:9b:af:
         00:a3:3b:9a:11:ac:58:d8:6f:1b:0a:86:24:e1:50:a5:1c:f7:
         4c:bf:c5:8b:de:0b:14:f3:95:a9:49:4a:c4:42:66:c5:96:57:
         b3:26:bc:96:d0:3a:0d:af:54:29:fe:50:0e:f1:f0:45:e7:cf:
         f3:d3:80:95:9f:6c:18:eb:33:61:dc:7c:2b:fa:5b:b9:15:f8:
         c4:87:b3:e7:fc:ab:a0:05:ce:98:40:3f:59:8c:63:01:85:67:
         c4:c4:2c:1c:52:f1:6f:fe:20:fb:1f:4b:6a:3b:51:d7:22:10:
         2e:b7:e8:7f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcRgyyduEYRW58DwGbAvnYlRWVQYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjEwMDEwMDQ5WhcNMjYwNTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BkOGYyNjVhZDc4ZTY4N2UxZjM4ZGMxMjFjNTg0NTU3ZDBk
MDliNTNlNzk0MDY5NzJiYTEwMDg3YmE2MWQxMzc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5sgENOrl42m2B9od5wcfvHtXCGXZUDCK4HnpdLvq3Wrwm
lLirLMXSugXbKFsiTHrbXbbt55ser1izRyzs/HmpP/LMMVZZn3Fhoi+fL583wNJh
nMZag7ZD3GzyaSNRGyGF9ys/kMqJRtrD2rLzw4wofHEd+ySHqEsz5JDL/UVPkOpp
tJKVM0xfU25pmty+hvxT1PreIjnD+IDhL/rCj+bUVX+5zW5Ho0QOFwccseQnOcOJ
EZi7VvTNdeJQ2rGw57d9WCzHJVnGE4KmsoJP8zuHv7+QProUSzqYZpS+rv087bSj
V4Rqok/TE62vzV+ZTRv+VMtYBq9LWPO9wr2uikD1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUXDHsFo0oIs3czaC6ytWBNeS1BcEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUxZjRjYjc1LWJjNDctNDA1YS05YTI4LTQ4YTg5Y2EyYTBjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4MTANBgkqhkiG9w0BAQsFAAOCAQEAq7ASlmrI/e2I0Lig4zBFwme4lCfN
8UxwGmOZcAoiOcU8vsJeKczWOeHy1LoMtyYItEsAkCJXo76z/U++UznmvkwN7VYa
GRuaFix3buQ/v04liEQ019AXlOGo8JEKMPMtPG1474RxYuJ7JWwsSibjddxRg6bh
0rd5u1LdxI7mBgu9HyJC2FksoFk1S4ekaJuvAKM7mhGsWNhvGwqGJOFQpRz3TL/F
i94LFPOVqUlKxEJmxZZXsya8ltA6Da9UKf5QDvHwRefP89OAlZ9sGOszYdx8K/pb
uRX4xIez5/yroAXOmEA/WYxjAYVnxMQsHFLxb/4g+x9LajtR1yIQLrfofw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:56:11 2026 by rpki-client