Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae00b9c6-280e-4f3b-aa76-fa17a628f5ec.roa
File:                     ae00b9c6-280e-4f3b-aa76-fa17a628f5ec.roa (raw, json)
Hash identifier:          ZOJEBtEaKns2g64pQz+mjvocLDGHf2MKRHsZfjHw7jQ=
Subject key identifier:   C8:CB:60:3F:1E:75:8C:04:69:66:AC:96:4D:67:73:0A:04:F6:41:A9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7AC8A3138B7638ACE5E93203CE096F23E3ECB31F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae00b9c6-280e-4f3b-aa76-fa17a628f5ec.roa
Signing time:             Fri 15 May 2026 01:00:41 +0000
ROA not before:           Fri 15 May 2026 01:00:41 +0000
ROA not after:            Thu 13 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff2:8020::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:c8:a3:13:8b:76:38:ac:e5:e9:32:03:ce:09:6f:23:e3:ec:b3:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 15 01:00:41 2026 GMT
            Not After : Aug 13 23:59:59 2026 GMT
        Subject: serialNumber=293fba219abe98945fe70995c6386d2d3d779026c8445316ad3701a74ff336d5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:cb:e3:fa:e8:d6:b8:50:d4:c1:bd:33:0d:12:
                    80:6e:56:e6:eb:84:2d:93:e5:fc:34:fb:03:27:8e:
                    70:3e:20:d2:51:81:cf:84:6d:d8:4e:5e:ca:d5:33:
                    82:71:57:82:ad:2f:d2:ab:1f:86:21:83:55:6d:43:
                    cf:2d:e7:75:98:95:b7:51:7b:c3:18:d7:53:0d:a9:
                    64:50:bf:01:1a:69:e6:10:53:ad:85:d5:cd:1d:ee:
                    4e:17:e2:9c:62:5b:e1:64:ec:66:40:93:51:fc:ba:
                    ea:02:61:94:21:44:a1:c9:75:42:61:85:d6:b2:f6:
                    ec:b3:ba:33:97:53:a7:2f:c9:8d:4c:7d:b7:4a:8b:
                    20:70:4f:a5:09:bf:85:57:41:96:cb:40:96:08:7e:
                    73:32:74:9d:3b:76:eb:94:a4:02:5e:35:0f:04:6d:
                    1d:9f:03:3a:c5:35:68:eb:a7:13:5c:9e:47:70:4b:
                    21:46:96:65:8f:8b:00:b1:d7:0a:78:73:37:e8:33:
                    a2:dc:85:1b:2c:0f:4e:c6:d9:9a:6d:46:ea:e6:af:
                    ed:ef:4b:61:6a:ee:3b:16:3b:45:4c:2d:96:40:c4:
                    26:b6:61:ac:dd:65:4c:6e:38:b2:77:b0:5b:2f:43:
                    2d:44:17:23:ee:da:25:a3:1a:e4:0a:b1:c9:ba:4b:
                    2b:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:CB:60:3F:1E:75:8C:04:69:66:AC:96:4D:67:73:0A:04:F6:41:A9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ae00b9c6-280e-4f3b-aa76-fa17a628f5ec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff2:8020::/48

    Signature Algorithm: sha256WithRSAEncryption
         87:b0:84:15:f1:80:78:69:3d:2b:1a:73:ad:80:f2:85:c4:96:
         41:af:13:9c:15:8e:59:5e:11:8d:93:04:39:2e:2e:20:22:50:
         ef:22:37:55:fe:53:71:35:eb:22:84:8d:8e:eb:30:5e:45:cc:
         f8:2c:0f:91:46:44:29:77:27:47:16:fe:ac:6e:fe:75:7d:32:
         eb:ae:4f:3d:30:e1:7e:42:35:16:53:49:0b:8f:d8:7b:e2:b9:
         7d:fa:29:e4:dd:32:e5:b4:d7:e1:a8:9c:3b:7d:81:8c:18:80:
         d9:e5:11:62:b4:98:c6:fc:4c:a9:88:6c:e9:2c:a3:a0:be:78:
         65:58:49:99:e8:70:dd:9e:c7:f4:7b:64:47:22:8f:63:ba:16:
         0b:73:a5:08:58:ca:96:df:81:39:1c:e0:79:ef:11:42:57:74:
         f9:6b:dd:6e:8b:9d:52:e2:9a:d7:fc:98:5c:a6:da:dd:8d:c1:
         c9:bd:a0:f8:4f:22:32:31:03:b2:41:a1:34:a9:d1:be:c9:eb:
         4a:04:fc:45:ce:0e:66:cc:0f:d7:fa:cd:75:e2:7a:90:a2:9c:
         1c:9c:31:37:1a:d5:c9:a5:27:3b:5e:10:41:45:e6:b6:0a:fb:
         b9:b7:86:19:9c:c1:40:9c:7c:30:fa:50:43:7c:8f:e9:4c:5f:
         f4:11:88:ce
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUesijE4t2OKzl6TIDzglvI+Pssx8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE1MDEwMDQxWhcNMjYwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyOTNmYmEyMTlhYmU5ODk0NWZlNzA5OTVjNjM4NmQyZDNk
Nzc5MDI2Yzg0NDUzMTZhZDM3MDFhNzRmZjMzNmQ1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDby+P66Na4UNTBvTMNEoBuVubrhC2T5fw0+wMnjnA+INJR
gc+EbdhOXsrVM4JxV4KtL9KrH4Yhg1VtQ88t53WYlbdRe8MY11MNqWRQvwEaaeYQ
U62F1c0d7k4X4pxiW+Fk7GZAk1H8uuoCYZQhRKHJdUJhhday9uyzujOXU6cvyY1M
fbdKiyBwT6UJv4VXQZbLQJYIfnMydJ07duuUpAJeNQ8EbR2fAzrFNWjrpxNcnkdw
SyFGlmWPiwCx1wp4czfoM6LchRssD07G2ZptRurmr+3vS2Fq7jsWO0VMLZZAxCa2
YazdZUxuOLJ3sFsvQy1EFyPu2iWjGuQKscm6SyulAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUyMtgPx51jARpZqyWTWdzCgT2QakwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FlMDBiOWM2LTI4MGUtNGYzYi1hYTc2LWZhMTdhNjI4ZjVlYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/ygCAwDQYJKoZIhvcNAQELBQADggEBAIewhBXxgHhpPSsac62A8oXE
lkGvE5wVjlleEY2TBDkuLiAiUO8iN1X+U3E16yKEjY7rMF5FzPgsD5FGRCl3J0cW
/qxu/nV9MuuuTz0w4X5CNRZTSQuP2HviuX36KeTdMuW01+GonDt9gYwYgNnlEWK0
mMb8TKmIbOkso6C+eGVYSZnocN2ex/R7ZEcij2O6FgtzpQhYypbfgTkc4HnvEUJX
dPlr3W6LnVLimtf8mFym2t2Nwcm9oPhPIjIxA7JBoTSp0b7J60oE/EXODmbMD9f6
zXXiepCinBycMTca1cmlJzteEEFF5rYK+7m3hhmcwUCcfDD6UEN8j+lMX/QRiM4=
-----END CERTIFICATE-----