Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0853223-d8a6-44c9-890f-c69fed185aac.roa
File:                     d0853223-d8a6-44c9-890f-c69fed185aac.roa (raw, json)
Hash identifier:          C3U1KusyvGqTUZwWMvHhMhTrEbzBPYOHW5TJ2ASUecM=
Subject key identifier:   49:F3:D9:C5:B4:3E:2B:29:AF:DD:B2:00:62:F5:1B:62:E4:C7:89:46
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       049224C32C77CAA588CD134A9BA85C2FDEE35369
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0853223-d8a6-44c9-890f-c69fed185aac.roa
Signing time:             Sat 16 May 2026 01:10:06 +0000
ROA not before:           Sat 16 May 2026 01:10:06 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f27:8000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:92:24:c3:2c:77:ca:a5:88:cd:13:4a:9b:a8:5c:2f:de:e3:53:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 01:10:06 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=1f2633e1fccd69f30270e32f8fd8267ac6b389c20bedd5c10622c51a6987d523, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:54:70:ea:1e:b6:00:eb:20:87:87:86:0d:04:
                    21:96:e0:ce:c6:3f:9d:1b:98:41:df:1f:42:49:91:
                    75:4b:10:aa:ae:aa:75:45:ba:93:fc:c1:93:4e:69:
                    a6:b8:9c:3e:00:3f:df:91:bb:10:7d:03:10:74:e8:
                    92:59:63:16:ca:aa:39:ed:c9:57:6e:a2:da:b8:6b:
                    77:2c:24:4b:e0:24:31:cf:25:82:28:27:d1:88:5d:
                    0d:b4:65:1b:12:db:10:2e:09:c5:52:7e:61:d1:33:
                    9a:9f:02:19:bc:4e:ad:2b:17:b2:f5:46:a5:14:e9:
                    17:d0:d3:91:63:51:bd:46:0a:5d:42:07:af:69:cd:
                    6d:6c:8f:ca:78:99:41:5e:bc:3e:9b:f3:de:59:59:
                    52:cc:f7:4a:cb:d3:4d:e5:c0:45:2c:3e:8f:aa:87:
                    f5:24:76:66:23:5c:f7:b6:e0:42:52:ee:66:57:5e:
                    9f:1a:e0:30:1f:96:23:d4:4c:93:a2:d6:0c:db:ca:
                    88:a5:d0:39:2b:25:48:df:1c:2e:d7:a3:b4:ea:0e:
                    03:b0:b3:81:35:96:cb:84:4c:bd:e0:eb:bd:09:ae:
                    03:8d:8a:14:47:1c:24:d8:a6:87:f6:33:b0:de:80:
                    1b:2d:1c:2f:cd:5a:92:ca:1c:93:c7:1f:5b:5b:67:
                    e0:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:F3:D9:C5:B4:3E:2B:29:AF:DD:B2:00:62:F5:1B:62:E4:C7:89:46
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d0853223-d8a6-44c9-890f-c69fed185aac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f27:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         8c:14:6c:9c:cd:99:72:c6:b5:20:36:0f:ea:b1:ec:cf:f7:f1:
         f1:88:b3:f1:07:3e:7d:0e:79:2a:48:ba:10:8c:d7:8e:5c:85:
         12:72:e6:29:67:5f:5f:28:43:4c:9e:e7:7c:14:ad:fe:79:b4:
         4b:e5:49:7c:83:38:9b:f2:ee:ca:e5:85:d6:37:da:04:38:56:
         91:3a:5c:95:13:d6:60:39:0b:5b:67:d9:30:27:7a:6a:bd:e7:
         37:39:d2:39:ce:fc:ec:3a:7e:ff:1d:33:4b:34:e1:da:44:a9:
         ca:3f:77:86:42:ad:1d:58:e7:bf:63:8a:aa:fd:95:05:41:ae:
         ef:2d:e9:0a:b1:7e:8b:a8:1d:8f:2b:11:e1:da:00:6e:89:7d:
         d2:64:c9:76:e4:83:7d:80:86:12:db:49:d9:71:ae:1f:09:ee:
         f7:8d:df:90:d7:6a:66:18:55:1d:fa:98:9f:ad:d0:e7:76:ad:
         74:03:30:04:55:1c:49:b2:ca:31:4d:bc:59:a5:cf:5e:ab:6d:
         bc:16:f7:7a:03:20:39:4d:fe:e1:93:d7:f5:a4:7d:41:f0:73:
         11:e5:af:77:ac:dd:42:8d:92:f7:d2:93:5a:53:1f:0d:b8:bc:
         33:f8:49:2c:9d:2a:47:a2:e5:0f:31:a0:22:43:a1:c9:ad:8a:
         d7:a8:89:7c
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUBJIkwyx3yqWIzRNKm6hcL97jU2kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE2MDExMDA2WhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZjI2MzNlMWZjY2Q2OWYzMDI3MGUzMmY4ZmQ4MjY3YWM2
YjM4OWMyMGJlZGQ1YzEwNjIyYzUxYTY5ODdkNTIzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdVHDqHrYA6yCHh4YNBCGW4M7GP50bmEHfH0JJkXVLEKqu
qnVFupP8wZNOaaa4nD4AP9+RuxB9AxB06JJZYxbKqjntyVduotq4a3csJEvgJDHP
JYIoJ9GIXQ20ZRsS2xAuCcVSfmHRM5qfAhm8Tq0rF7L1RqUU6RfQ05FjUb1GCl1C
B69pzW1sj8p4mUFevD6b895ZWVLM90rL003lwEUsPo+qh/UkdmYjXPe24EJS7mZX
Xp8a4DAfliPUTJOi1gzbyoil0DkrJUjfHC7Xo7TqDgOws4E1lsuETL3g670JrgON
ihRHHCTYpof2M7DegBstHC/NWpLKHJPHH1tbZ+BvAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUSfPZxbQ+Kymv3bIAYvUbYuTHiUYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QwODUzMjIzLWQ4YTYtNDRjOS04OTBmLWM2OWZlZDE4NWFhYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8ngDANBgkqhkiG9w0BAQsFAAOCAQEAjBRsnM2Zcsa1IDYP6rHsz/fx
8Yiz8Qc+fQ55Kki6EIzXjlyFEnLmKWdfXyhDTJ7nfBSt/nm0S+VJfIM4m/LuyuWF
1jfaBDhWkTpclRPWYDkLW2fZMCd6ar3nNznSOc787Dp+/x0zSzTh2kSpyj93hkKt
HVjnv2OKqv2VBUGu7y3pCrF+i6gdjysR4doAbol90mTJduSDfYCGEttJ2XGuHwnu
943fkNdqZhhVHfqYn63Q53atdAMwBFUcSbLKMU28WaXPXqttvBb3egMgOU3+4ZPX
9aR9QfBzEeWvd6zdQo2S99KTWlMfDbi8M/hJLJ0qR6LlDzGgIkOhya2K16iJfA==
-----END CERTIFICATE-----