Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/545079d9-737f-490e-8eef-49b62a9fe3fa.roa
File:                     545079d9-737f-490e-8eef-49b62a9fe3fa.roa (raw, json)
Hash identifier:          qOnGQQEHler24212uJAVVxST8qALcnWdTaapZWscPyI=
Subject key identifier:   5E:2D:56:52:59:F6:3A:92:74:40:82:3D:29:2D:89:A1:57:12:68:1E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       44C34648BBE6F615090087EEB2199E025DE8828F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/545079d9-737f-490e-8eef-49b62a9fe3fa.roa
Signing time:             Sun 31 May 2026 00:50:49 +0000
ROA not before:           Sun 31 May 2026 00:50:49 +0000
ROA not after:            Sat 29 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fe9:7400::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:c3:46:48:bb:e6:f6:15:09:00:87:ee:b2:19:9e:02:5d:e8:82:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 31 00:50:49 2026 GMT
            Not After : Aug 29 23:59:59 2026 GMT
        Subject: serialNumber=7161136e742679187fd5c4614ded518543d92eeefbbcb7b47c48d2b198398a8b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:59:48:e2:b4:af:08:b8:0a:e6:b4:a4:f9:17:
                    09:84:c1:98:a6:e6:12:46:51:dc:bf:1b:22:ba:0c:
                    bd:84:0d:53:b0:73:47:07:2c:84:99:c6:60:71:57:
                    ca:c1:71:49:68:d0:1c:37:cc:a3:6d:20:7d:87:5d:
                    6a:a0:9f:26:ae:23:bd:0d:7f:86:f5:fe:18:84:89:
                    6c:86:dd:f8:06:24:e0:24:e1:69:df:1d:3a:77:d0:
                    78:22:f9:0b:3b:65:43:a8:95:07:ea:5d:75:2a:e0:
                    3a:c2:d1:a6:87:22:f0:6f:b7:e5:4b:df:26:84:1c:
                    e5:01:b7:2b:01:a5:31:ba:b2:c9:71:b1:cc:b1:8a:
                    e3:bc:bb:b7:9f:70:59:5a:d6:64:1c:a1:c0:64:b3:
                    25:a4:4d:cb:93:05:b7:79:9d:f6:3c:6c:76:07:9e:
                    6a:11:bc:fb:3b:e9:63:de:3f:4b:d5:9c:a5:d6:38:
                    74:d7:6c:15:0f:13:74:c2:04:70:c5:39:74:ac:ed:
                    36:9f:0d:a3:69:d6:0b:a2:3c:d7:b2:fb:bc:85:a2:
                    a4:b2:aa:87:4e:06:2c:22:fd:52:e4:c5:b4:94:0c:
                    5e:e6:d1:ac:22:b0:b4:9b:5d:7c:95:d9:39:77:e4:
                    ae:21:0e:7d:01:dd:bc:39:16:e8:5b:73:10:51:a5:
                    07:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:2D:56:52:59:F6:3A:92:74:40:82:3D:29:2D:89:A1:57:12:68:1E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/545079d9-737f-490e-8eef-49b62a9fe3fa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fe9:7400::/40

    Signature Algorithm: sha256WithRSAEncryption
         16:4b:7b:78:55:fc:92:fd:0d:d8:c5:e1:ad:b1:26:0d:05:16:
         40:2b:49:86:d8:af:0f:27:e9:6c:71:7c:fb:e7:c9:ba:86:0e:
         45:85:0a:21:88:07:21:02:5c:0b:ba:c4:97:ba:d7:90:a6:a2:
         0b:4e:75:ec:ed:6c:d0:b4:d3:43:1a:7e:99:dc:af:0f:ed:fb:
         ab:15:17:62:df:df:33:4d:86:74:48:c7:4c:2c:a9:de:48:1d:
         78:41:65:c4:91:b6:97:1c:23:6b:0c:8b:55:14:c7:10:3a:f3:
         78:55:2f:c6:b8:a6:63:a1:2c:f0:dd:40:16:75:58:89:1b:a4:
         05:11:ef:d3:60:a5:73:2b:8a:e5:49:bb:b3:66:6f:8e:d7:d8:
         cf:77:36:67:8e:38:c6:f3:07:f2:a7:31:1a:d8:d7:75:13:db:
         02:95:73:e7:50:87:8d:16:de:34:7a:61:17:a3:6e:c3:13:52:
         df:0f:c3:d0:c1:ec:9d:b5:2c:e9:66:e9:7b:59:4b:63:f4:6c:
         83:b2:e5:45:27:99:ca:4e:df:26:3e:db:2d:c6:48:86:9a:6c:
         3c:21:32:c7:24:ee:76:24:b5:82:7c:e5:3d:3e:f2:b4:0d:cc:
         e8:f5:5a:49:87:91:6f:e7:20:fa:71:18:d1:5d:d1:2d:43:06:
         49:c4:d4:69
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIURMNGSLvm9hUJAIfushmeAl3ogo8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTMxMDA1MDQ5WhcNMjYwODI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MTYxMTM2ZTc0MjY3OTE4N2ZkNWM0NjE0ZGVkNTE4NTQz
ZDkyZWVlZmJiY2I3YjQ3YzQ4ZDJiMTk4Mzk4YThiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoWUjitK8IuArmtKT5FwmEwZim5hJGUdy/GyK6DL2EDVOw
c0cHLISZxmBxV8rBcUlo0Bw3zKNtIH2HXWqgnyauI70Nf4b1/hiEiWyG3fgGJOAk
4WnfHTp30Hgi+Qs7ZUOolQfqXXUq4DrC0aaHIvBvt+VL3yaEHOUBtysBpTG6sslx
scyxiuO8u7efcFla1mQcocBksyWkTcuTBbd5nfY8bHYHnmoRvPs76WPeP0vVnKXW
OHTXbBUPE3TCBHDFOXSs7TafDaNp1guiPNey+7yFoqSyqodOBiwi/VLkxbSUDF7m
0awisLSbXXyV2Tl35K4hDn0B3bw5FuhbcxBRpQfXAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUXi1WUln2OpJ0QII9KS2JoVcSaB4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU0NTA3OWQ5LTczN2YtNDkwZS04ZWVmLTQ5YjYyYTlmZTNmYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/pdDANBgkqhkiG9w0BAQsFAAOCAQEAFkt7eFX8kv0N2MXhrbEmDQUW
QCtJhtivDyfpbHF8++fJuoYORYUKIYgHIQJcC7rEl7rXkKaiC0517O1s0LTTQxp+
mdyvD+37qxUXYt/fM02GdEjHTCyp3kgdeEFlxJG2lxwjawyLVRTHEDrzeFUvxrim
Y6Es8N1AFnVYiRukBRHv02ClcyuK5Um7s2ZvjtfYz3c2Z444xvMH8qcxGtjXdRPb
ApVz51CHjRbeNHphF6NuwxNS3w/D0MHsnbUs6Wbpe1lLY/Rsg7LlRSeZyk7fJj7b
LcZIhppsPCEyxyTudiS1gnzlPT7ytA3M6PVaSYeRb+cg+nEY0V3RLUMGScTUaQ==
-----END CERTIFICATE-----