Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6888613c-f7ae-4b72-8ba8-e44bb1aa669c.roa
File:                     6888613c-f7ae-4b72-8ba8-e44bb1aa669c.roa (raw, json)
Hash identifier:          AgUkME/hbDL41EN7pKfMw5CYAOmkk8052pTytB08ZNI=
Subject key identifier:   FC:93:10:84:26:41:6C:2C:E3:50:55:0A:21:E3:CE:BA:3E:91:E3:E0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6F4E2A12B57C6514DF85342B54C0053F2EFF44B1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6888613c-f7ae-4b72-8ba8-e44bb1aa669c.roa
Signing time:             Fri 15 May 2026 00:50:12 +0000
ROA not before:           Fri 15 May 2026 00:50:12 +0000
ROA not after:            Thu 13 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f38:80a0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:4e:2a:12:b5:7c:65:14:df:85:34:2b:54:c0:05:3f:2e:ff:44:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 15 00:50:12 2026 GMT
            Not After : Aug 13 23:59:59 2026 GMT
        Subject: serialNumber=c992fceb6abfa1461100d9fe1dbf955a5f24091915a02375d3ca4b9507a99590, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d4:5c:39:0b:2d:06:ca:5c:27:c7:0d:a6:2a:
                    a7:e9:ba:ba:df:a2:2e:17:0a:bb:72:d6:58:fd:31:
                    67:5c:f9:9b:15:c9:37:0b:7d:25:f3:22:ea:27:06:
                    90:d5:23:99:a7:15:e8:76:71:c4:4d:00:2c:8d:55:
                    0a:71:3c:7f:58:a2:e2:7b:ea:78:28:22:76:d2:f5:
                    3f:8b:a8:4d:e9:0d:07:ba:c1:f3:19:64:b2:02:bd:
                    d2:5e:04:32:2a:e8:67:83:6b:2b:ce:d9:92:0b:35:
                    d3:1b:c4:b5:d5:80:f9:f4:3d:a0:b3:df:a2:c4:f5:
                    9a:a9:c8:5d:ca:07:f6:e4:11:09:d7:29:b7:be:43:
                    e2:ee:02:6f:4f:1b:65:63:22:50:1e:5a:ce:16:ba:
                    92:54:1c:f0:5e:d1:c1:73:9b:28:90:70:6d:41:cd:
                    0f:5b:cd:4d:37:8c:c9:1a:a5:e9:43:e1:ab:14:ae:
                    a3:3e:55:b1:fc:30:5b:13:06:22:7f:35:9d:c7:18:
                    26:83:9b:b9:60:0c:ae:96:70:7b:fa:dd:32:46:11:
                    41:15:0e:10:8d:9b:1a:9f:a7:6d:3f:7f:b7:f5:14:
                    1f:69:f9:ea:a9:4a:43:29:9a:c3:e4:d8:ec:db:f2:
                    8b:c8:b2:da:b2:c5:a6:a9:5c:23:f7:41:bf:8f:2b:
                    42:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:93:10:84:26:41:6C:2C:E3:50:55:0A:21:E3:CE:BA:3E:91:E3:E0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6888613c-f7ae-4b72-8ba8-e44bb1aa669c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f38:80a0::/48

    Signature Algorithm: sha256WithRSAEncryption
         b5:16:69:cf:19:34:af:f9:2e:cd:d3:b9:2e:57:14:9b:5e:67:
         64:e7:78:7c:cc:f7:a0:a9:fd:9f:08:68:ea:4f:28:d1:09:54:
         fd:eb:2f:fa:7b:4a:4b:5f:06:93:9d:45:d9:f2:97:fa:0d:d4:
         48:b1:a0:92:8c:a2:e7:0e:ad:b1:b6:a8:45:dd:d1:83:ad:0b:
         1b:f7:5b:f7:1b:f7:46:8f:7f:72:89:ee:b3:67:a5:40:30:1a:
         4b:a7:a0:ac:c2:7d:f8:ea:01:b5:07:f1:23:18:b5:d4:1b:e1:
         e8:7c:57:cf:dc:d1:ed:14:04:98:fe:c2:a4:e6:27:68:9f:cd:
         c9:66:ca:5f:e1:f2:89:bd:7f:b8:77:7e:5d:d1:f1:65:87:20:
         d2:31:5d:a7:a3:49:f3:0f:3b:da:5b:4f:64:96:2e:63:b1:30:
         cd:9c:cd:22:57:7d:68:e5:99:dc:0b:5c:40:28:d0:11:2e:66:
         cb:ef:fa:14:4c:36:ae:b6:15:43:4d:b4:f8:20:23:54:02:a8:
         d3:a5:f8:1b:cd:bf:8d:89:01:76:c4:a6:e7:b3:65:44:f2:7d:
         ec:8a:00:35:79:23:83:f4:12:4a:06:5f:e1:51:e1:38:29:9c:
         d6:c7:a1:82:30:fd:ff:1b:54:d6:cb:7a:ba:17:a0:ab:6f:9b:
         7b:30:29:3b
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUb04qErV8ZRTfhTQrVMAFPy7/RLEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE1MDA1MDEyWhcNMjYwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjOTkyZmNlYjZhYmZhMTQ2MTEwMGQ5ZmUxZGJmOTU1YTVm
MjQwOTE5MTVhMDIzNzVkM2NhNGI5NTA3YTk5NTkwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCU1Fw5Cy0Gylwnxw2mKqfpurrfoi4XCrty1lj9MWdc+ZsV
yTcLfSXzIuonBpDVI5mnFeh2ccRNACyNVQpxPH9YouJ76ngoInbS9T+LqE3pDQe6
wfMZZLICvdJeBDIq6GeDayvO2ZILNdMbxLXVgPn0PaCz36LE9ZqpyF3KB/bkEQnX
Kbe+Q+LuAm9PG2VjIlAeWs4WupJUHPBe0cFzmyiQcG1BzQ9bzU03jMkapelD4asU
rqM+VbH8MFsTBiJ/NZ3HGCaDm7lgDK6WcHv63TJGEUEVDhCNmxqfp20/f7f1FB9p
+eqpSkMpmsPk2Ozb8ovIstqyxaapXCP3Qb+PK0L3AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU/JMQhCZBbCzjUFUKIePOuj6R4+AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY4ODg2MTNjLWY3YWUtNGI3Mi04YmE4LWU0NGJiMWFhNjY5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB84gKAwDQYJKoZIhvcNAQELBQADggEBALUWac8ZNK/5Ls3TuS5XFJte
Z2TneHzM96Cp/Z8IaOpPKNEJVP3rL/p7SktfBpOdRdnyl/oN1EixoJKMoucOrbG2
qEXd0YOtCxv3W/cb90aPf3KJ7rNnpUAwGkunoKzCffjqAbUH8SMYtdQb4eh8V8/c
0e0UBJj+wqTmJ2ifzclmyl/h8om9f7h3fl3R8WWHINIxXaejSfMPO9pbT2SWLmOx
MM2czSJXfWjlmdwLXEAo0BEuZsvv+hRMNq62FUNNtPggI1QCqNOl+BvNv42JAXbE
puezZUTyfeyKADV5I4P0EkoGX+FR4TgpnNbHoYIw/f8bVNbLeroXoKtvm3swKTs=
-----END CERTIFICATE-----