Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7176065-06ff-4cc3-8f45-037bf533d7c4.roa
File:                     c7176065-06ff-4cc3-8f45-037bf533d7c4.roa (raw, json)
Hash identifier:          0un2zzIvqMwIypKyvay+QXy/nSk0JjbYEYeaKbFsSCs=
Subject key identifier:   B6:E6:5C:34:FC:49:D8:54:77:B6:59:02:38:4D:87:06:58:6A:65:B4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       59973904B5120E03511CF8C53D7C854ABD2FBF03
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7176065-06ff-4cc3-8f45-037bf533d7c4.roa
Signing time:             Sat 16 May 2026 00:21:14 +0000
ROA not before:           Sat 16 May 2026 00:21:14 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        35.56.0.0/15 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:97:39:04:b5:12:0e:03:51:1c:f8:c5:3d:7c:85:4a:bd:2f:bf:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 00:21:14 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=556b65e9f40b2251f97806265d513f425a0cac82f9c74f25ec458ff02081fba2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ce:4d:70:78:10:b9:93:7e:2a:2e:27:62:c0:
                    e3:b2:11:e9:4d:15:64:41:ff:8a:41:82:94:0c:b1:
                    28:ab:44:94:c4:37:c1:10:d5:e0:38:a9:28:43:fe:
                    60:9b:3e:be:61:e1:fd:23:c3:5f:35:98:a4:0e:30:
                    8b:c1:8e:f3:1a:b2:5b:ba:cf:e4:c1:ba:bc:c3:66:
                    54:2f:96:e9:f5:66:63:1a:55:87:08:c2:bf:1c:c8:
                    d4:fb:74:1b:15:53:b7:1c:19:9c:cb:e2:46:5e:c9:
                    fe:29:1d:a8:ed:a4:e1:ba:c1:02:a4:30:26:78:d4:
                    45:73:cd:08:81:25:b8:73:e4:81:48:6f:3c:ec:41:
                    3c:a7:e9:98:23:b0:e9:53:9c:95:e9:b0:67:c1:f9:
                    50:b0:54:30:62:14:39:50:76:bb:cc:96:98:40:eb:
                    26:39:48:f2:ff:90:85:20:31:c7:ba:5c:0a:15:54:
                    a9:8e:60:f5:c8:5b:be:cc:47:21:90:b4:c7:dd:57:
                    1a:9b:c8:6c:e7:57:07:af:36:14:57:15:4e:5e:95:
                    c1:5d:75:b1:34:60:89:82:3d:e0:59:18:8a:c7:81:
                    c8:f4:a0:ba:d1:4f:20:c1:d7:20:bf:cb:b5:a8:6e:
                    f9:fb:2d:4e:73:6e:fe:1b:03:75:e7:34:d7:d1:c9:
                    28:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:E6:5C:34:FC:49:D8:54:77:B6:59:02:38:4D:87:06:58:6A:65:B4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c7176065-06ff-4cc3-8f45-037bf533d7c4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  35.56.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         d7:44:7a:6a:28:71:9c:63:7b:74:78:3f:e9:5d:58:8e:02:38:
         c1:27:d1:6d:f5:2c:6b:55:0b:83:98:b3:ac:86:00:b7:97:9f:
         5f:51:a2:65:22:fc:fd:51:0f:b6:83:3a:da:d8:eb:42:c7:f3:
         e3:15:cf:fa:34:66:aa:a6:22:9f:5c:3c:8d:9c:4f:4d:39:5c:
         bd:f8:ca:9b:eb:b3:6a:33:28:8d:66:2c:bf:a3:64:3c:ca:ac:
         0a:bc:0e:9a:df:43:eb:31:4a:b9:77:1d:27:78:8e:54:d0:ab:
         2c:0c:98:a9:a6:ab:1c:3d:db:d6:b8:8d:d2:d4:96:f1:34:69:
         bb:b7:af:b1:60:b5:85:a7:1b:04:8f:ce:f6:93:e8:05:52:82:
         19:29:ae:89:8d:fe:7e:6c:97:5a:dc:e1:07:4a:82:29:ad:45:
         02:05:7b:72:4d:87:51:83:af:ef:b8:82:15:25:6c:4d:d9:a0:
         b8:72:70:0d:5f:15:29:bb:cb:26:55:ff:42:59:6a:29:6b:84:
         d7:9d:be:65:52:e2:1f:4f:fa:6c:8c:8c:29:d3:70:ad:59:95:
         7e:5f:dc:e9:2a:e1:35:73:ae:94:9c:81:55:05:a1:f1:3d:e1:
         cd:7a:4d:66:89:66:60:50:f2:80:9b:1a:7e:f2:bb:8b:ba:83:
         f9:f5:28:43
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWZc5BLUSDgNRHPjFPXyFSr0vvwMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE2MDAyMTE0WhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NTZiNjVlOWY0MGIyMjUxZjk3ODA2MjY1ZDUxM2Y0MjVh
MGNhYzgyZjljNzRmMjVlYzQ1OGZmMDIwODFmYmEyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7zk1weBC5k34qLidiwOOyEelNFWRB/4pBgpQMsSirRJTE
N8EQ1eA4qShD/mCbPr5h4f0jw181mKQOMIvBjvMaslu6z+TBurzDZlQvlun1ZmMa
VYcIwr8cyNT7dBsVU7ccGZzL4kZeyf4pHajtpOG6wQKkMCZ41EVzzQiBJbhz5IFI
bzzsQTyn6ZgjsOlTnJXpsGfB+VCwVDBiFDlQdrvMlphA6yY5SPL/kIUgMce6XAoV
VKmOYPXIW77MRyGQtMfdVxqbyGznVwevNhRXFU5elcFddbE0YImCPeBZGIrHgcj0
oLrRTyDB1yC/y7Wobvn7LU5zbv4bA3XnNNfRySidAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUtuZcNPxJ2FR3tlkCOE2HBlhqZbQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M3MTc2MDY1LTA2ZmYtNGNjMy04ZjQ1LTAzN2JmNTMzZDdjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEjODANBgkqhkiG9w0BAQsFAAOCAQEA10R6aihxnGN7dHg/6V1YjgI4wSfR
bfUsa1ULg5izrIYAt5efX1GiZSL8/VEPtoM62tjrQsfz4xXP+jRmqqYin1w8jZxP
TTlcvfjKm+uzajMojWYsv6NkPMqsCrwOmt9D6zFKuXcdJ3iOVNCrLAyYqaarHD3b
1riN0tSW8TRpu7evsWC1hacbBI/O9pPoBVKCGSmuiY3+fmyXWtzhB0qCKa1FAgV7
ck2HUYOv77iCFSVsTdmguHJwDV8VKbvLJlX/QllqKWuE152+ZVLiH0/6bIyMKdNw
rVmVfl/c6SrhNXOulJyBVQWh8T3hzXpNZolmYFDygJsafvK7i7qD+fUoQw==
-----END CERTIFICATE-----