Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/940d4db1-8435-4b14-9f65-40384956f3cf.roa
File:                     940d4db1-8435-4b14-9f65-40384956f3cf.roa (raw, json)
Hash identifier:          EdTiYp9skkMMQjuWljEFtaAjxEgtSl7bdhShB3TEUEU=
Subject key identifier:   20:93:F2:08:AA:0E:91:E6:AA:17:99:E3:1B:78:35:0B:A5:08:A5:F4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0337804243E832016FB0F6085DAF2106E228623A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/940d4db1-8435-4b14-9f65-40384956f3cf.roa
Signing time:             Wed 20 May 2026 00:11:06 +0000
ROA not before:           Wed 20 May 2026 00:11:06 +0000
ROA not after:            Tue 18 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        35.51.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:37:80:42:43:e8:32:01:6f:b0:f6:08:5d:af:21:06:e2:28:62:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 20 00:11:06 2026 GMT
            Not After : Aug 18 23:59:59 2026 GMT
        Subject: serialNumber=524e1591a5cc3d18256b11f05d956cf032f0ddac19a06637e89f5d68186c34f0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:6e:e6:cd:ce:a5:83:31:fc:8c:fe:ba:71:28:
                    a2:b8:52:c9:3b:5c:16:4d:0b:28:84:3e:2b:1f:d2:
                    d4:9b:c2:ea:6b:33:11:29:d1:aa:e6:f9:c9:ee:79:
                    84:46:20:ca:63:0c:81:79:4f:42:54:84:36:e6:5c:
                    d6:16:e7:3e:82:db:d9:18:2c:b1:7f:ff:0b:cf:d3:
                    4c:e7:58:fc:a2:4f:52:66:5a:89:4c:85:42:4f:8f:
                    20:1f:3b:6d:25:f9:00:97:f4:6f:6b:28:c7:04:7b:
                    b8:08:f8:bb:0a:58:fa:ad:85:1b:6e:18:80:44:41:
                    09:8b:0c:f9:1c:44:bb:d4:82:b0:ed:c1:72:60:82:
                    23:eb:ea:c9:31:0c:1f:2d:bf:a8:86:ac:c5:01:69:
                    b1:14:05:43:2c:dc:aa:b5:33:74:6a:64:38:03:3c:
                    e6:82:f7:49:7a:cc:ec:ae:2c:ab:8b:d2:24:9c:94:
                    59:0c:66:68:26:d3:42:0f:ac:74:b0:68:a4:60:cf:
                    ac:4b:de:cc:f6:d7:3a:2c:8e:d9:ef:a8:d1:2a:d9:
                    a4:f4:cf:5f:6d:54:2b:23:d6:86:84:5b:8f:d4:dd:
                    a9:87:89:f5:30:aa:3d:55:5c:e5:03:16:48:c3:ed:
                    ae:3d:c9:49:4f:b2:43:cb:b7:49:91:db:64:61:65:
                    5f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:93:F2:08:AA:0E:91:E6:AA:17:99:E3:1B:78:35:0B:A5:08:A5:F4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/940d4db1-8435-4b14-9f65-40384956f3cf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.51.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         99:0b:67:e0:12:34:50:2d:83:bc:48:40:c4:1e:d1:06:42:66:
         39:86:15:9a:af:10:d4:ce:ce:1c:50:16:c7:c3:16:66:fb:c6:
         4d:2d:2a:64:c9:c5:b9:f0:47:4e:9f:e9:fb:78:4b:c8:d7:e1:
         a6:c8:a6:bb:30:b9:aa:e1:10:27:4e:e7:31:a3:a8:ea:87:7a:
         88:3f:7c:83:5f:b5:a1:bb:d8:d4:69:52:12:a0:e8:99:39:ba:
         a9:8c:c4:a0:99:ec:33:ab:cb:5e:06:b6:71:aa:0e:9c:60:20:
         27:8d:7c:6b:3d:4a:47:e9:6b:70:c5:f9:0a:80:a9:1f:23:c5:
         06:14:62:11:97:45:18:80:aa:8a:43:80:bf:81:2c:e7:72:97:
         cd:20:9c:ec:4a:df:94:3f:e8:ca:00:16:27:ba:4b:2d:65:91:
         c2:ee:0c:9c:f4:70:77:e0:e9:72:43:a3:f6:79:af:f5:e9:a2:
         eb:d7:2b:a5:5b:6b:16:90:09:c6:7a:9a:98:a8:11:5d:f4:25:
         c4:98:ae:7b:9e:98:9f:69:3d:78:a8:e9:f6:8a:49:84:38:39:
         f9:be:0a:c5:c3:67:70:fb:d8:f3:51:03:dd:25:f1:15:65:97:
         c6:d4:9f:bb:86:16:2d:2b:1e:a9:55:29:18:ae:66:8c:a9:e3:
         0c:1c:4e:b6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAzeAQkPoMgFvsPYIXa8hBuIoYjowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTIwMDAxMTA2WhcNMjYwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MjRlMTU5MWE1Y2MzZDE4MjU2YjExZjA1ZDk1NmNmMDMy
ZjBkZGFjMTlhMDY2MzdlODlmNWQ2ODE4NmMzNGYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCabubNzqWDMfyM/rpxKKK4Usk7XBZNCyiEPisf0tSbwupr
MxEp0arm+cnueYRGIMpjDIF5T0JUhDbmXNYW5z6C29kYLLF//wvP00znWPyiT1Jm
WolMhUJPjyAfO20l+QCX9G9rKMcEe7gI+LsKWPqthRtuGIBEQQmLDPkcRLvUgrDt
wXJggiPr6skxDB8tv6iGrMUBabEUBUMs3Kq1M3RqZDgDPOaC90l6zOyuLKuL0iSc
lFkMZmgm00IPrHSwaKRgz6xL3sz21zosjtnvqNEq2aT0z19tVCsj1oaEW4/U3amH
ifUwqj1VXOUDFkjD7a49yUlPskPLt0mR22RhZV9tAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUIJPyCKoOkeaqF5njG3g1C6UIpfQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0MGQ0ZGIxLTg0MzUtNGIxNC05ZjY1LTQwMzg0OTU2ZjNjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAjMzANBgkqhkiG9w0BAQsFAAOCAQEAmQtn4BI0UC2DvEhAxB7RBkJmOYYV
mq8Q1M7OHFAWx8MWZvvGTS0qZMnFufBHTp/p+3hLyNfhpsimuzC5quEQJ07nMaOo
6od6iD98g1+1obvY1GlSEqDomTm6qYzEoJnsM6vLXga2caoOnGAgJ418az1KR+lr
cMX5CoCpHyPFBhRiEZdFGICqikOAv4Es53KXzSCc7ErflD/oygAWJ7pLLWWRwu4M
nPRwd+DpckOj9nmv9emi69crpVtrFpAJxnqamKgRXfQlxJiue56Yn2k9eKjp9opJ
hDg5+b4KxcNncPvY81ED3SXxFWWXxtSfu4YWLSseqVUpGK5mjKnjDBxOtg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:50:36 2026 by rpki-client