Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/560883a6-53fa-4a06-82dc-ce45e8426782.roa
File:                     560883a6-53fa-4a06-82dc-ce45e8426782.roa (raw, json)
Hash identifier:          Kom+mkfx/vaUkoKIu7FnCWwDIErW8UTQ0dgjojDW0dA=
Subject key identifier:   81:09:1C:81:C8:8E:56:48:0F:36:F1:36:F8:BC:7C:D3:F7:6C:13:71
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       669A2230DC919D2209F0F71A778E8B0009E4FB69
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/560883a6-53fa-4a06-82dc-ce45e8426782.roa
Signing time:             Tue 02 Jun 2026 16:02:22 +0000
ROA not before:           Tue 02 Jun 2026 16:02:22 +0000
ROA not after:            Mon 31 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        16.61.162.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:9a:22:30:dc:91:9d:22:09:f0:f7:1a:77:8e:8b:00:09:e4:fb:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun  2 16:02:22 2026 GMT
            Not After : Aug 31 23:59:59 2026 GMT
        Subject: serialNumber=805b89c4aa82e1bd8a4f4fff6493cbfe3f93a43e7aaf8348f81ae67a078676a3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:83:12:f6:c9:e1:82:48:92:2b:3f:11:80:8a:
                    d1:2c:f8:ed:a8:54:4c:ae:61:3d:0f:9e:1f:c4:7f:
                    e5:7a:e6:a8:d9:35:76:81:c6:e3:08:47:8d:e0:b6:
                    a0:7d:24:e3:cc:ed:84:d6:78:eb:55:48:b5:ca:a3:
                    35:91:b9:22:9b:44:50:82:18:a1:62:45:47:55:79:
                    42:e8:31:2f:cd:c6:15:ed:05:20:c2:6b:8d:3b:8a:
                    ac:2a:0d:5a:0e:f2:34:d3:83:c2:20:cd:99:7f:fa:
                    ed:2a:87:85:97:dc:3f:6b:da:d2:33:11:6e:72:04:
                    0a:34:21:7d:73:10:f8:bf:ed:9a:6b:ff:3f:54:45:
                    76:e8:52:cc:e0:77:74:d8:3a:63:45:b2:b9:04:7f:
                    3a:c7:d7:04:d0:fe:19:34:18:ea:bf:9b:e1:29:8b:
                    a2:42:dc:4a:e2:3c:8b:90:6b:10:42:6d:7e:2d:50:
                    a1:d5:cf:7f:ba:7d:e7:29:6a:43:77:97:80:dc:48:
                    3d:7b:a3:95:da:8a:8f:98:3d:95:18:1f:b3:04:ac:
                    54:96:9c:76:c0:0d:48:1a:91:46:60:2a:b3:bc:ff:
                    09:3b:f9:60:ef:6e:e9:2d:b7:90:69:32:99:55:af:
                    a7:e4:c1:e5:b3:5a:d1:af:7b:6e:15:c6:78:91:f0:
                    66:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:09:1C:81:C8:8E:56:48:0F:36:F1:36:F8:BC:7C:D3:F7:6C:13:71
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/560883a6-53fa-4a06-82dc-ce45e8426782.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.61.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c9:f1:48:b7:55:57:82:a6:63:12:68:03:62:d7:59:60:6b:d5:
         da:36:3d:97:8e:4e:9b:87:32:a2:69:33:8e:71:d9:d9:bc:4e:
         70:ec:9b:13:95:21:bc:15:c8:ab:d3:90:75:e5:16:4e:c7:1d:
         c4:73:bf:02:b0:b1:0d:27:57:a1:1c:ab:0b:46:42:25:59:a7:
         34:8d:28:a4:70:a4:ba:0c:b1:41:07:fb:1a:c4:af:cb:52:97:
         8a:7e:39:53:69:27:85:55:46:da:c4:5a:be:25:72:9d:26:34:
         b5:0f:3c:d5:6f:ea:44:9e:90:d4:7d:23:85:f8:bc:a5:3a:ed:
         00:00:ed:f6:0b:03:e3:02:8d:c1:08:cf:72:86:13:38:3c:89:
         41:01:75:da:e5:5c:a7:90:0b:5c:3c:4e:c6:1e:6f:be:f3:27:
         10:45:08:4f:14:70:fb:34:89:b9:ad:a6:26:96:25:ae:02:b0:
         d6:1e:dc:73:30:a8:85:57:47:70:fd:71:24:e8:3e:bf:c3:63:
         15:b3:0e:36:29:9b:3f:9a:2f:26:08:0f:8d:c4:c1:4a:a7:a7:
         85:86:fa:22:f3:0d:9b:2c:9b:f3:dd:e7:62:e3:7d:02:f4:4f:
         a6:9c:02:d0:e7:13:75:af:87:81:89:2a:48:40:b4:40:1f:5b:
         4b:b8:25:25
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZpoiMNyRnSIJ8Pcad46LAAnk+2kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNjAyMTYwMjIyWhcNMjYwODMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A4MDViODljNGFhODJlMWJkOGE0ZjRmZmY2NDkzY2JmZTNm
OTNhNDNlN2FhZjgzNDhmODFhZTY3YTA3ODY3NmEzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQgxL2yeGCSJIrPxGAitEs+O2oVEyuYT0Pnh/Ef+V65qjZ
NXaBxuMIR43gtqB9JOPM7YTWeOtVSLXKozWRuSKbRFCCGKFiRUdVeULoMS/NxhXt
BSDCa407iqwqDVoO8jTTg8IgzZl/+u0qh4WX3D9r2tIzEW5yBAo0IX1zEPi/7Zpr
/z9URXboUszgd3TYOmNFsrkEfzrH1wTQ/hk0GOq/m+Epi6JC3EriPIuQaxBCbX4t
UKHVz3+6fecpakN3l4DcSD17o5Xaio+YPZUYH7MErFSWnHbADUgakUZgKrO8/wk7
+WDvbuktt5BpMplVr6fkweWzWtGve24VxniR8GYjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgQkcgciOVkgPNvE2+Lx80/dsE3EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU2MDg4M2E2LTUzZmEtNGEwNi04MmRjLWNlNDVlODQyNjc4Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEQPaIwDQYJKoZIhvcNAQELBQADggEBAMnxSLdVV4KmYxJoA2LXWWBr1do2
PZeOTpuHMqJpM45x2dm8TnDsmxOVIbwVyKvTkHXlFk7HHcRzvwKwsQ0nV6EcqwtG
QiVZpzSNKKRwpLoMsUEH+xrEr8tSl4p+OVNpJ4VVRtrEWr4lcp0mNLUPPNVv6kSe
kNR9I4X4vKU67QAA7fYLA+MCjcEIz3KGEzg8iUEBddrlXKeQC1w8TsYeb77zJxBF
CE8UcPs0ibmtpiaWJa4CsNYe3HMwqIVXR3D9cSToPr/DYxWzDjYpmz+aLyYID43E
wUqnp4WG+iLzDZssm/Pd52LjfQL0T6acAtDnE3Wvh4GJKkhAtEAfW0u4JSU=
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:54:20 2026 by rpki-client