Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/765dfa6c-35d1-42cf-ba89-eaf88577e4f6.roa
File:                     765dfa6c-35d1-42cf-ba89-eaf88577e4f6.roa (raw, json)
Hash identifier:          LZ1d5wTCd9e3931qeRU6PreoJATp58wCnDPBE0OXhlE=
Subject key identifier:   4E:F7:DE:50:5E:BE:17:FE:96:09:75:A8:C3:20:85:1D:24:3E:12:FE
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1BCD30579506704BDFDCBBA0A4CE5BB83429C9B3
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/765dfa6c-35d1-42cf-ba89-eaf88577e4f6.roa
Signing time:             Sat 28 Feb 2026 05:10:38 +0000
ROA not before:           Sat 28 Feb 2026 05:10:38 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:8::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:cd:30:57:95:06:70:4b:df:dc:bb:a0:a4:ce:5b:b8:34:29:c9:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb 28 05:10:38 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=27241907af133392d486a2fe51d9b3f14ec7ebcf10b6287adb1eb29ee16e71ae, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:08:8e:27:79:71:dc:0f:19:93:60:7e:bc:ef:
                    c3:f7:17:2f:7d:85:ba:c1:b1:77:f3:77:61:53:74:
                    95:75:b5:c3:44:f7:b4:3e:b9:6f:c7:df:08:2f:a1:
                    91:1f:81:ba:bd:48:07:df:e5:0c:31:b5:82:fd:41:
                    12:03:48:a8:d8:73:88:d7:48:d4:03:16:9c:44:47:
                    6f:ac:0e:c7:3f:5d:59:0e:43:29:db:33:67:3e:f2:
                    78:b2:70:19:7b:1f:89:d3:ca:00:47:15:f3:70:83:
                    0f:bf:af:d6:5a:b2:17:c5:46:b2:c2:12:de:8f:04:
                    47:d1:6f:a1:0b:26:a3:f4:c7:af:86:36:a5:51:d3:
                    e6:42:63:87:98:a9:8c:a8:92:7e:59:c4:41:76:88:
                    cb:4f:90:9d:1c:00:87:8b:0f:db:1b:30:e1:98:06:
                    5b:c6:f3:58:58:62:bd:87:f7:05:bf:75:ec:a1:f0:
                    0d:e7:34:59:f0:c5:1c:5f:d0:71:05:3b:1e:e1:62:
                    59:5a:b0:65:e8:c6:fa:fa:26:62:21:c6:d6:1a:37:
                    52:86:5f:0f:a5:e7:70:1c:a9:59:b1:18:7f:75:82:
                    0e:72:5b:97:4e:f3:a4:86:95:a0:16:1e:08:bf:ff:
                    36:8c:af:f0:d5:49:92:46:09:3f:e7:ce:06:7e:c4:
                    cf:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:F7:DE:50:5E:BE:17:FE:96:09:75:A8:C3:20:85:1D:24:3E:12:FE
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/765dfa6c-35d1-42cf-ba89-eaf88577e4f6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:8::/48

    Signature Algorithm: sha256WithRSAEncryption
         5e:60:f6:a8:0e:bc:0a:df:03:62:ed:27:15:90:40:0f:22:aa:
         b0:25:a7:88:98:3a:70:a0:c3:c1:88:05:4d:3a:c6:7a:f2:b2:
         2d:ca:14:ca:3b:5e:90:e8:3c:f6:58:b7:21:d8:99:b7:e7:11:
         30:d3:3d:84:13:4f:f5:ec:58:f1:48:04:54:7e:bd:12:81:23:
         88:0d:53:f7:4f:30:3d:f5:e3:27:8d:b5:a9:11:86:03:dc:f0:
         88:74:d5:6c:5f:d0:bf:d6:a4:e4:fb:8f:ac:3a:b6:a8:25:2c:
         0a:8a:15:d1:c2:07:14:7e:b5:ac:3a:81:23:c6:1b:80:55:82:
         47:a9:40:24:f7:4c:a5:be:88:36:0e:ad:35:73:6a:b6:3e:2c:
         24:91:68:ab:18:99:f7:20:ed:82:a2:47:70:41:37:b1:e0:a5:
         90:92:3c:fb:84:ed:ee:4f:ac:05:6a:90:ec:2e:8b:31:a8:78:
         60:1d:cb:21:8d:df:37:95:1e:e8:d1:93:10:1a:7c:74:a9:c6:
         01:db:b4:9d:15:81:21:00:e5:f5:d8:8d:89:d5:35:19:ae:c8:
         f1:54:10:6a:d7:77:a0:2e:d7:85:47:f2:6c:db:29:85:2e:0a:
         be:e5:4b:da:93:c8:a6:1b:23:f9:80:a6:e5:2d:95:15:07:24:
         fa:fb:18:22
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUG80wV5UGcEvf3LugpM5buDQpybMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwMjI4MDUxMDM4WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNzI0MTkwN2FmMTMzMzkyZDQ4NmEyZmU1MWQ5YjNmMTRl
YzdlYmNmMTBiNjI4N2FkYjFlYjI5ZWUxNmU3MWFlMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJCI4neXHcDxmTYH6878P3Fy99hbrBsXfzd2FTdJV1tcNE
97Q+uW/H3wgvoZEfgbq9SAff5QwxtYL9QRIDSKjYc4jXSNQDFpxER2+sDsc/XVkO
QynbM2c+8niycBl7H4nTygBHFfNwgw+/r9ZashfFRrLCEt6PBEfRb6ELJqP0x6+G
NqVR0+ZCY4eYqYyokn5ZxEF2iMtPkJ0cAIeLD9sbMOGYBlvG81hYYr2H9wW/deyh
8A3nNFnwxRxf0HEFOx7hYllasGXoxvr6JmIhxtYaN1KGXw+l53AcqVmxGH91gg5y
W5dO86SGlaAWHgi//zaMr/DVSZJGCT/nzgZ+xM9JAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUTvfeUF6+F/6WCXWowyCFHSQ+Ev4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2Lzc2NWRmYTZjLTM1ZDEtNDJjZi1iYTg5LWVhZjg4NTc3ZTRmNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwAAgwDQYJKoZIhvcNAQELBQADggEBAF5g9qgOvArfA2LtJxWQQA8i
qrAlp4iYOnCgw8GIBU06xnrysi3KFMo7XpDoPPZYtyHYmbfnETDTPYQTT/XsWPFI
BFR+vRKBI4gNU/dPMD314yeNtakRhgPc8Ih01Wxf0L/WpOT7j6w6tqglLAqKFdHC
BxR+taw6gSPGG4BVgkepQCT3TKW+iDYOrTVzarY+LCSRaKsYmfcg7YKiR3BBN7Hg
pZCSPPuE7e5PrAVqkOwuizGoeGAdyyGN3zeVHujRkxAafHSpxgHbtJ0VgSEA5fXY
jYnVNRmuyPFUEGrXd6Au14VH8mzbKYUuCr7lS9qTyKYbI/mApuUtlRUHJPr7GCI=
-----END CERTIFICATE-----