Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5711ca9f-54b1-42ca-be68-93036263a87f.roa
File:                     5711ca9f-54b1-42ca-be68-93036263a87f.roa (raw, json)
Hash identifier:          Y/8XV6b5lGtA2TLzpwxsMJGzRvcwNyN0cOLvIY37Hx4=
Subject key identifier:   3B:92:0E:88:F6:D3:04:08:FE:EE:15:8B:70:CC:FF:6D:40:6C:98:3D
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       44F95FE8F84841FD4D8D18A434075DA022FFE9B4
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5711ca9f-54b1-42ca-be68-93036263a87f.roa
Signing time:             Wed 20 May 2026 00:40:32 +0000
ROA not before:           Wed 20 May 2026 00:40:32 +0000
ROA not after:            Tue 18 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0fb:f10d::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:f9:5f:e8:f8:48:41:fd:4d:8d:18:a4:34:07:5d:a0:22:ff:e9:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 20 00:40:32 2026 GMT
            Not After : Aug 18 23:59:59 2026 GMT
        Subject: serialNumber=9eae6b1614f221424eacf9c94abd23c40838a3abbd690b783df87eb3aabcf825, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:42:c6:17:6f:68:b4:6f:34:1f:d1:68:68:03:
                    0d:d9:ff:f8:55:b9:f5:48:0a:72:25:d3:40:dd:4f:
                    ad:92:67:a9:d5:ba:45:9e:06:bb:d1:e2:3c:b1:ee:
                    2b:f8:d0:24:24:fe:07:64:56:23:13:9d:42:47:f4:
                    4a:a9:50:43:41:69:be:35:8c:a6:b2:eb:55:31:55:
                    20:be:07:52:c6:4b:5e:cc:2e:12:ff:18:35:a7:81:
                    e8:51:eb:c3:0d:95:e1:06:08:ca:c1:ef:75:aa:b2:
                    b7:a3:2a:2d:0a:c7:b2:91:42:8d:35:e6:73:b6:3d:
                    91:4c:05:e1:8e:cc:6b:85:17:1d:9f:c4:d7:7f:b0:
                    5a:9c:a8:8a:6e:c7:e0:07:da:00:ac:57:8d:df:52:
                    80:10:3d:ed:54:36:ea:f6:9b:64:3e:e3:5a:7a:45:
                    ea:60:14:c5:04:68:3f:fb:ae:ba:8f:d5:75:62:40:
                    f2:c4:f6:ee:43:68:d9:fb:36:f1:49:5c:75:1d:6a:
                    7b:57:1e:db:f2:41:0c:92:4e:7e:2b:5c:bc:5a:67:
                    ae:cf:f9:34:61:6b:c9:da:fc:fc:56:a1:dc:b8:14:
                    e4:66:2a:61:01:0c:3a:56:a6:ee:61:0c:5f:06:8f:
                    4e:47:46:39:c1:dc:b5:12:de:9f:19:83:53:2c:72:
                    cd:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:92:0E:88:F6:D3:04:08:FE:EE:15:8B:70:CC:FF:6D:40:6C:98:3D
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5711ca9f-54b1-42ca-be68-93036263a87f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:f10d::/48

    Signature Algorithm: sha256WithRSAEncryption
         89:e6:fe:79:8f:14:c2:47:0d:7f:80:3c:4c:83:ca:9e:4b:c5:
         54:06:43:f9:d6:83:92:99:cb:03:8b:97:ad:fa:22:03:3a:d0:
         e1:14:64:a4:06:b6:b2:0c:94:71:10:74:03:12:6a:33:6a:3a:
         e7:a3:3d:a9:71:5c:ca:66:4d:a2:0d:9e:b7:7b:d9:2e:13:a3:
         c5:1d:33:f1:e7:09:04:cf:0f:1b:e6:0c:58:b4:76:5f:5a:64:
         1b:df:79:6d:9e:af:45:dd:a2:74:54:bb:a6:5d:4d:6c:6d:86:
         00:c3:4b:0e:ab:a7:7b:da:b6:c5:39:df:e0:26:67:0a:25:1a:
         83:15:89:34:82:62:64:b2:1d:77:46:c4:9e:2f:61:a5:43:91:
         c5:02:37:8d:bb:de:ea:68:36:c8:30:8b:d5:a3:d7:1b:4f:cc:
         a2:4d:9a:76:14:ed:8a:79:94:e1:42:10:24:b1:51:c7:80:f1:
         da:79:8f:53:27:76:b4:8f:47:a1:35:48:f1:03:f1:d2:77:e9:
         9b:d9:5f:85:ca:91:19:57:77:f2:42:1e:43:d6:fc:f4:ed:47:
         6c:f2:a2:06:ec:a0:1e:3e:4d:10:21:74:b9:17:30:74:07:a0:
         0f:99:f5:c9:62:ab:0b:27:4b:12:7e:88:b4:10:26:46:30:08:
         41:ff:84:c5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIURPlf6PhIQf1NjRikNAddoCL/6bQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNTIwMDA0MDMyWhcNMjYwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZWFlNmIxNjE0ZjIyMTQyNGVhY2Y5Yzk0YWJkMjNjNDA4
MzhhM2FiYmQ2OTBiNzgzZGY4N2ViM2FhYmNmODI1MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzQsYXb2i0bzQf0WhoAw3Z//hVufVICnIl00DdT62SZ6nV
ukWeBrvR4jyx7iv40CQk/gdkViMTnUJH9EqpUENBab41jKay61UxVSC+B1LGS17M
LhL/GDWngehR68MNleEGCMrB73WqsrejKi0Kx7KRQo015nO2PZFMBeGOzGuFFx2f
xNd/sFqcqIpux+AH2gCsV43fUoAQPe1UNur2m2Q+41p6RepgFMUEaD/7rrqP1XVi
QPLE9u5DaNn7NvFJXHUdantXHtvyQQySTn4rXLxaZ67P+TRha8na/PxWody4FORm
KmEBDDpWpu5hDF8Gj05HRjnB3LUS3p8Zg1Mscs2HAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUO5IOiPbTBAj+7hWLcMz/bUBsmD0wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzU3MTFjYTlmLTU0YjEtNDJjYS1iZTY4LTkzMDM2MjYzYTg3Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPD78Q0wDQYJKoZIhvcNAQELBQADggEBAInm/nmPFMJHDX+APEyDyp5L
xVQGQ/nWg5KZywOLl636IgM60OEUZKQGtrIMlHEQdAMSajNqOuejPalxXMpmTaIN
nrd72S4To8UdM/HnCQTPDxvmDFi0dl9aZBvfeW2er0XdonRUu6ZdTWxthgDDSw6r
p3vatsU53+AmZwolGoMViTSCYmSyHXdGxJ4vYaVDkcUCN4273upoNsgwi9Wj1xtP
zKJNmnYU7Yp5lOFCECSxUceA8dp5j1MndrSPR6E1SPED8dJ36ZvZX4XKkRlXd/JC
HkPW/PTtR2zyogbsoB4+TRAhdLkXMHQHoA+Z9cliqwsnSxJ+iLQQJkYwCEH/hMU=
-----END CERTIFICATE-----