Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7c0c4811-7db0-4cc0-8fa1-6dbda4055b97.roa
File:                     7c0c4811-7db0-4cc0-8fa1-6dbda4055b97.roa (raw, json)
Hash identifier:          tRuxbjFPaMXxVZAY/n6C4r9QMQ7PjsyW/Ulcz/ou86c=
Subject key identifier:   EC:D7:09:37:77:34:BE:67:99:4C:F0:E4:47:1A:AD:7C:F8:25:6B:BB
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       5DAB93CBF5CE7370BFC608957A9C147167F06E4E
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7c0c4811-7db0-4cc0-8fa1-6dbda4055b97.roa
Signing time:             Sat 28 Feb 2026 05:00:31 +0000
ROA not before:           Sat 28 Feb 2026 05:00:31 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0fb:eb00::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:ab:93:cb:f5:ce:73:70:bf:c6:08:95:7a:9c:14:71:67:f0:6e:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb 28 05:00:31 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=4bd00d7611568e1342f4e68eafa0e313a47c042a7d1f5e56d68f84029e648e4f, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7c:4a:3b:08:6c:5d:69:05:c6:19:98:b9:41:
                    e4:18:06:68:47:8b:71:dd:43:a7:e4:1f:c9:bc:71:
                    be:1f:01:80:ea:2e:c2:2e:b3:ad:ef:a2:e9:b7:bf:
                    54:eb:20:d9:d5:a4:22:d2:1c:9c:5b:65:d0:11:48:
                    77:0c:19:eb:c6:3c:1f:0a:4b:c9:56:c1:a2:ba:88:
                    83:a7:96:a7:16:30:c3:5a:e9:84:f4:74:ee:8d:79:
                    cf:02:8c:85:72:12:e9:f3:45:bc:7d:95:db:9b:cf:
                    3b:9e:b1:2e:ca:9b:fb:bc:fb:8b:a5:14:b6:40:49:
                    55:a6:1a:8f:73:f6:c2:24:66:bb:7a:b9:bc:33:3f:
                    4a:03:80:de:90:b6:24:59:c0:58:6c:65:a5:32:27:
                    48:dd:3b:84:53:68:fa:47:0f:f7:3a:aa:00:9e:73:
                    03:a6:71:94:ae:c4:06:a1:b7:83:6e:e5:3c:c5:c7:
                    b9:ac:6f:b5:71:ae:b8:97:3d:ef:da:fa:07:1d:f2:
                    24:2e:d1:90:06:9e:78:bc:57:85:b3:2c:35:dc:87:
                    91:61:2f:1e:51:b9:6c:9b:99:a3:53:7c:d9:ac:da:
                    f6:e6:40:e2:ef:c6:5a:ca:a2:bf:35:05:4f:9c:76:
                    e7:c8:ed:6f:d1:c4:79:42:d1:0a:ad:be:37:18:0f:
                    24:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:D7:09:37:77:34:BE:67:99:4C:F0:E4:47:1A:AD:7C:F8:25:6B:BB
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7c0c4811-7db0-4cc0-8fa1-6dbda4055b97.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:eb00::/40

    Signature Algorithm: sha256WithRSAEncryption
         70:15:d5:5f:31:bb:7c:7b:00:52:af:f9:6e:21:fb:42:b2:15:
         d1:76:00:8d:96:c6:af:de:53:39:39:4b:b9:99:8a:7d:e2:e5:
         96:b6:5c:2f:15:ab:e2:f4:20:36:9f:61:d8:a6:55:b3:6d:01:
         9c:b5:c2:d9:1c:75:df:f4:39:90:fe:57:37:7a:b8:f5:4b:93:
         0a:6d:47:c0:5d:fa:88:f7:b2:f7:59:65:34:0a:75:b6:a3:02:
         28:b4:a5:cf:60:db:19:f6:2b:26:5b:16:f5:42:9f:b9:a1:85:
         27:59:6c:4f:fc:12:3a:cb:b3:2d:4f:9f:42:70:d2:28:ef:88:
         65:8a:fd:b6:74:23:ec:8c:44:61:06:b1:06:73:88:0c:eb:75:
         c2:17:5b:cc:72:cc:a4:62:c2:e9:a2:4b:f1:7f:9b:42:9e:69:
         0f:52:cb:9c:be:6a:b4:f3:e8:11:91:a2:53:ff:c7:1b:1f:15:
         5a:ce:e0:85:f5:4a:7f:d9:99:1c:51:62:39:10:84:ac:a9:42:
         1e:ad:b4:cf:d4:c3:e5:99:34:21:6c:38:d6:8e:7e:dd:c7:11:
         da:6c:d5:4e:b5:f9:70:1f:01:e8:b2:1a:a8:52:b4:44:6e:ce:
         a7:8f:4b:03:26:c5:12:22:a0:32:ce:9f:85:00:5f:32:28:e9:
         99:1c:4e:a2
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUXauTy/XOc3C/xgiVepwUcWfwbk4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwMjI4MDUwMDMxWhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YmQwMGQ3NjExNTY4ZTEzNDJmNGU2OGVhZmEwZTMxM2E0
N2MwNDJhN2QxZjVlNTZkNjhmODQwMjllNjQ4ZTRmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8fEo7CGxdaQXGGZi5QeQYBmhHi3HdQ6fkH8m8cb4fAYDq
LsIus63voum3v1TrINnVpCLSHJxbZdARSHcMGevGPB8KS8lWwaK6iIOnlqcWMMNa
6YT0dO6Nec8CjIVyEunzRbx9ldubzzuesS7Km/u8+4ulFLZASVWmGo9z9sIkZrt6
ubwzP0oDgN6QtiRZwFhsZaUyJ0jdO4RTaPpHD/c6qgCecwOmcZSuxAaht4Nu5TzF
x7msb7VxrriXPe/a+gcd8iQu0ZAGnni8V4WzLDXch5FhLx5RuWybmaNTfNms2vbm
QOLvxlrKor81BU+cdufI7W/RxHlC0QqtvjcYDyRJAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU7NcJN3c0vmeZTPDkRxqtfPgla7swHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzdjMGM0ODExLTdkYjAtNGNjMC04ZmExLTZkYmRhNDA1NWI5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD76zANBgkqhkiG9w0BAQsFAAOCAQEAcBXVXzG7fHsAUq/5biH7QrIV
0XYAjZbGr95TOTlLuZmKfeLllrZcLxWr4vQgNp9h2KZVs20BnLXC2Rx13/Q5kP5X
N3q49UuTCm1HwF36iPey91llNAp1tqMCKLSlz2DbGfYrJlsW9UKfuaGFJ1lsT/wS
OsuzLU+fQnDSKO+IZYr9tnQj7IxEYQaxBnOIDOt1whdbzHLMpGLC6aJL8X+bQp5p
D1LLnL5qtPPoEZGiU//HGx8VWs7ghfVKf9mZHFFiORCErKlCHq20z9TD5Zk0IWw4
1o5+3ccR2mzVTrX5cB8B6LIaqFK0RG7Op49LAybFEiKgMs6fhQBfMijpmRxOog==
-----END CERTIFICATE-----