Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/abfa8cec-4fb4-41fa-9101-2f83a4c46bbe.roa
File:                     abfa8cec-4fb4-41fa-9101-2f83a4c46bbe.roa (raw, json)
Hash identifier:          wcnX+NjOKreqh8XrbUu2M5RQWHIyDu8v3cpLQBhoRqo=
Subject key identifier:   9E:AA:39:F6:3C:9E:C0:53:0E:B6:AB:DF:FA:18:A9:1D:0D:C0:BB:61
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       516F9527E4D331CE001D31580E0A43B52155C27B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/abfa8cec-4fb4-41fa-9101-2f83a4c46bbe.roa
Signing time:             Sat 16 May 2026 02:11:20 +0000
ROA not before:           Sat 16 May 2026 02:11:20 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        40.35.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:6f:95:27:e4:d3:31:ce:00:1d:31:58:0e:0a:43:b5:21:55:c2:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 02:11:20 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=47f06c4ee07ac42da028daf2ff77064606d09d95175648560c560d3602c62388, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ae:47:65:72:78:70:7a:84:8c:95:d8:01:ee:
                    f0:35:a7:92:ab:ed:4b:15:7a:11:a1:1f:67:1e:27:
                    f7:c1:03:6a:3a:58:36:45:f0:17:2d:14:fc:8b:a0:
                    89:76:4f:79:28:fd:75:83:ef:cb:74:91:e1:e4:83:
                    5e:2e:a5:5a:66:3d:d5:73:02:cb:2a:bd:75:d6:5b:
                    cf:0a:74:2f:aa:1b:8e:56:1e:db:3f:d7:1e:34:46:
                    2e:13:2d:c4:84:cc:df:c7:b1:1b:35:80:a4:93:75:
                    33:b3:c8:d1:18:cb:53:00:4e:c8:9a:9b:94:ad:0b:
                    d8:1c:ca:1e:3f:74:e1:db:59:b1:d4:32:0f:4a:4f:
                    88:3e:ae:ca:75:71:4e:4c:36:e7:72:5b:d2:fe:5d:
                    14:10:c4:75:d2:90:5a:db:dd:5c:99:86:c9:5b:b0:
                    df:1b:c4:df:ab:c9:85:75:38:06:66:c4:0f:19:92:
                    35:c0:fe:38:3e:e9:f0:32:e9:93:02:df:92:d9:10:
                    ce:69:76:56:95:86:1d:93:52:4b:52:8e:53:ec:e5:
                    46:92:16:80:17:39:65:78:d2:64:3d:ef:63:a3:6b:
                    2d:71:05:e3:6f:7d:7d:44:b6:bd:e5:e9:a7:a2:7c:
                    ae:81:5d:84:6f:a2:d2:ff:ff:2f:28:ca:d2:65:b5:
                    f4:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:AA:39:F6:3C:9E:C0:53:0E:B6:AB:DF:FA:18:A9:1D:0D:C0:BB:61
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/abfa8cec-4fb4-41fa-9101-2f83a4c46bbe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.35.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         85:88:f2:8c:2b:e1:0e:2e:01:94:58:33:bf:f9:fb:f8:81:23:
         d2:aa:af:71:20:e9:85:86:b3:35:32:50:ec:c8:2f:56:b4:e9:
         e6:5a:05:77:a9:63:8b:d2:2d:b2:f4:31:0b:59:38:c3:5c:f0:
         b4:9a:4b:87:58:00:c0:48:af:33:57:d8:43:90:b7:dd:df:ad:
         62:c3:63:91:4a:a8:c4:66:8a:b2:1a:6e:da:1b:f2:fd:64:f9:
         61:85:be:f4:83:2d:2e:0a:53:46:e4:fc:a2:82:ca:1f:44:1a:
         0d:5e:e1:0a:7b:c3:44:ab:84:ab:63:9e:eb:15:1f:8b:92:bc:
         8d:c6:e6:5e:ca:fb:78:48:fc:8d:28:48:e8:03:36:67:7d:5b:
         1d:1f:eb:85:4d:d2:48:88:11:33:97:9d:18:15:1c:b8:15:c2:
         4a:2a:2c:3e:22:2d:60:b9:7a:cb:a0:e1:8e:1f:ff:4e:04:72:
         88:9e:06:6f:a3:51:e2:34:76:e9:da:2d:dd:e2:c3:5e:a3:97:
         ac:f7:fd:e6:29:24:66:60:f8:fa:56:6e:9b:8b:b3:96:c8:bc:
         75:32:02:10:bd:cd:d3:71:8b:c8:74:78:78:90:a3:27:fa:ec:
         27:36:61:70:65:6a:ef:e0:e1:93:71:47:12:c0:f5:4b:87:b1:
         ae:70:a5:b2
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUW+VJ+TTMc4AHTFYDgpDtSFVwnswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE2MDIxMTIwWhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0N2YwNmM0ZWUwN2FjNDJkYTAyOGRhZjJmZjc3MDY0NjA2
ZDA5ZDk1MTc1NjQ4NTYwYzU2MGQzNjAyYzYyMzg4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyrkdlcnhweoSMldgB7vA1p5Kr7UsVehGhH2ceJ/fBA2o6
WDZF8BctFPyLoIl2T3ko/XWD78t0keHkg14upVpmPdVzAssqvXXWW88KdC+qG45W
Hts/1x40Ri4TLcSEzN/HsRs1gKSTdTOzyNEYy1MATsiam5StC9gcyh4/dOHbWbHU
Mg9KT4g+rsp1cU5MNudyW9L+XRQQxHXSkFrb3VyZhslbsN8bxN+ryYV1OAZmxA8Z
kjXA/jg+6fAy6ZMC35LZEM5pdlaVhh2TUktSjlPs5UaSFoAXOWV40mQ972Ojay1x
BeNvfX1Etr3l6aeifK6BXYRvotL//y8oytJltfSPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUnqo59jyewFMOtqvf+hipHQ3Au2EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FiZmE4Y2VjLTRmYjQtNDFmYS05MTAxLTJmODNhNGM0NmJiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAoIzANBgkqhkiG9w0BAQsFAAOCAQEAhYjyjCvhDi4BlFgzv/n7+IEj0qqv
cSDphYazNTJQ7MgvVrTp5loFd6lji9ItsvQxC1k4w1zwtJpLh1gAwEivM1fYQ5C3
3d+tYsNjkUqoxGaKshpu2hvy/WT5YYW+9IMtLgpTRuT8ooLKH0QaDV7hCnvDRKuE
q2Oe6xUfi5K8jcbmXsr7eEj8jShI6AM2Z31bHR/rhU3SSIgRM5edGBUcuBXCSios
PiItYLl6y6Dhjh//TgRyiJ4Gb6NR4jR26dot3eLDXqOXrPf95ikkZmD4+lZum4uz
lsi8dTICEL3N03GLyHR4eJCjJ/rsJzZhcGVq7+Dhk3FHEsD1S4exrnClsg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:29:05 2026 by rpki-client