Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/782623ec-d256-4ded-93c7-2ba1b2f03b63.roa
File:                     782623ec-d256-4ded-93c7-2ba1b2f03b63.roa (raw, json)
Hash identifier:          Hj/dU58uy8itIzw7XubZfIjDkyzk0az9QCSS1RzCoXM=
Subject key identifier:   E0:68:4D:D8:37:8B:3E:AA:56:05:50:BD:A2:FD:19:C1:2C:8C:27:73
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0A7BEDE41F534C2396288DB737DEC1752757C124
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/782623ec-d256-4ded-93c7-2ba1b2f03b63.roa
Signing time:             Wed 25 Feb 2026 00:10:05 +0000
ROA not before:           Wed 25 Feb 2026 00:10:05 +0000
ROA not after:            Tue 26 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f1e:800::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:7b:ed:e4:1f:53:4c:23:96:28:8d:b7:37:de:c1:75:27:57:c1:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 25 00:10:05 2026 GMT
            Not After : May 26 23:59:59 2026 GMT
        Subject: serialNumber=3591cb469fc55b1902dec9fcff574660426e08ecc3d17e8a93b9a15a7c32d460, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:e1:4d:fe:4d:4d:8d:08:c8:08:77:0a:e5:b8:
                    6f:e0:1e:ab:ec:13:33:38:e7:cf:68:e1:c8:84:c2:
                    b0:b1:90:e2:c1:c7:67:9c:ec:ee:b7:d6:be:0b:74:
                    fd:f9:f4:b5:6d:96:ad:21:0e:c4:16:e4:23:35:43:
                    47:74:e4:54:3a:81:34:28:a6:16:0f:bb:d3:e1:fc:
                    97:92:ce:14:d2:b2:78:c7:e5:83:7f:78:2d:c7:6e:
                    86:80:8f:ec:66:86:4a:cc:72:a7:90:8b:5b:fb:a2:
                    95:c2:26:62:3d:92:e3:94:8a:97:df:fa:68:13:b3:
                    31:21:58:3c:47:d6:63:13:35:aa:31:da:8d:99:34:
                    21:fd:03:a0:88:52:30:b9:4f:bc:c3:65:56:91:ca:
                    ba:0e:00:77:df:33:47:1c:d4:86:21:7a:ec:8d:78:
                    e2:41:c4:80:c5:5e:42:aa:73:2a:a6:36:71:f4:27:
                    50:b1:71:7d:86:8e:0c:6d:31:fa:79:49:25:a1:78:
                    bd:29:ae:cc:22:ae:99:fd:3d:17:ce:96:ac:ed:16:
                    d5:c8:79:95:2a:6e:49:25:73:8a:45:d7:bb:ad:88:
                    e8:5f:ab:72:67:05:74:fd:a2:aa:43:09:46:18:52:
                    47:4f:95:bd:60:8f:b4:48:00:fe:13:40:47:e2:84:
                    54:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:68:4D:D8:37:8B:3E:AA:56:05:50:BD:A2:FD:19:C1:2C:8C:27:73
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/782623ec-d256-4ded-93c7-2ba1b2f03b63.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f1e:800::/38

    Signature Algorithm: sha256WithRSAEncryption
         ab:89:dc:2e:63:ee:c2:f2:15:af:f1:e8:bd:45:b5:1a:51:9f:
         5d:1f:07:e3:5e:cc:dc:04:f7:0f:46:22:2e:cb:97:8b:c7:77:
         12:0e:f1:fb:c0:d4:4b:00:b8:9c:8d:e5:d0:0a:60:3e:ea:7f:
         a0:77:da:ee:16:cc:97:6d:56:59:dd:cd:68:27:e6:5f:9b:55:
         c0:35:2c:fc:dd:f9:4a:84:a3:23:08:c1:15:73:e5:56:7a:b7:
         36:92:7f:cf:2a:92:ef:9a:15:16:66:b5:7c:73:47:22:e5:88:
         25:94:2b:c6:0f:b2:42:4a:25:fa:4c:2b:3e:a0:40:10:74:10:
         ba:69:19:09:81:e8:45:ef:82:2c:db:da:37:33:05:db:20:52:
         50:3b:5d:58:3d:6f:92:6d:44:ea:7b:ad:3a:cd:9b:ef:30:72:
         8e:7f:65:f6:10:30:d8:a6:87:13:50:30:f7:5d:9e:8b:3e:33:
         80:f9:02:40:1c:49:8b:9f:aa:53:3b:b5:34:13:85:1e:fa:85:
         c2:59:be:fe:59:e0:70:77:e4:92:c7:26:10:48:ca:eb:1f:af:
         4d:6a:c9:11:ae:ad:9e:bb:69:62:9e:76:77:f3:b3:77:6e:1e:
         12:a5:a6:f6:f5:ac:2c:7f:af:29:f3:f1:29:75:22:a1:32:bf:
         1a:28:0a:ce
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUCnvt5B9TTCOWKI23N97BdSdXwSQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI1MDAxMDA1WhcNMjYwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTkxY2I0NjlmYzU1YjE5MDJkZWM5ZmNmZjU3NDY2MDQy
NmUwOGVjYzNkMTdlOGE5M2I5YTE1YTdjMzJkNDYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZ4U3+TU2NCMgIdwrluG/gHqvsEzM4589o4ciEwrCxkOLB
x2ec7O631r4LdP359LVtlq0hDsQW5CM1Q0d05FQ6gTQophYPu9Ph/JeSzhTSsnjH
5YN/eC3HboaAj+xmhkrMcqeQi1v7opXCJmI9kuOUipff+mgTszEhWDxH1mMTNaox
2o2ZNCH9A6CIUjC5T7zDZVaRyroOAHffM0cc1IYheuyNeOJBxIDFXkKqcyqmNnH0
J1CxcX2GjgxtMfp5SSWheL0prswirpn9PRfOlqztFtXIeZUqbkklc4pF17utiOhf
q3JnBXT9oqpDCUYYUkdPlb1gj7RIAP4TQEfihFRXAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU4GhN2DeLPqpWBVC9ov0ZwSyMJ3MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc4MjYyM2VjLWQyNTYtNGRlZC05M2M3LTJiYTFiMmYwM2I2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgImAB8eCDANBgkqhkiG9w0BAQsFAAOCAQEAq4ncLmPuwvIVr/HovUW1GlGf
XR8H417M3AT3D0YiLsuXi8d3Eg7x+8DUSwC4nI3l0ApgPup/oHfa7hbMl21WWd3N
aCfmX5tVwDUs/N35SoSjIwjBFXPlVnq3NpJ/zyqS75oVFma1fHNHIuWIJZQrxg+y
Qkol+kwrPqBAEHQQumkZCYHoRe+CLNvaNzMF2yBSUDtdWD1vkm1E6nutOs2b7zBy
jn9l9hAw2KaHE1Aw912eiz4zgPkCQBxJi5+qUzu1NBOFHvqFwlm+/lngcHfkkscm
EEjK6x+vTWrJEa6tnrtpYp52d/Ozd24eEqWm9vWsLH+vKfPxKXUioTK/GigKzg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:20:34 2026 by rpki-client