Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a65dc579-55d0-4640-8ee5-6bd70e3dd724.roa
File:                     a65dc579-55d0-4640-8ee5-6bd70e3dd724.roa (raw, json)
Hash identifier:          GEoNlyaMtk+MhPfOjxGEd3P7ITsQ+KjCTzqTECrV4gk=
Subject key identifier:   9C:73:FE:6F:75:0A:9B:46:2C:5F:E1:E2:19:9E:13:0F:EE:DF:C8:F1
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7E60F9378E2C241A874964B8B93F383EAB290359
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a65dc579-55d0-4640-8ee5-6bd70e3dd724.roa
Signing time:             Tue 19 May 2026 04:10:07 +0000
ROA not before:           Tue 19 May 2026 04:10:07 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:551c::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:60:f9:37:8e:2c:24:1a:87:49:64:b8:b9:3f:38:3e:ab:29:03:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 19 04:10:07 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=c26e118803c7d54ad0e8fe16052c4506bb979a5a04d11b76c7cee1559598b15a, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e2:e4:eb:ca:74:db:ae:b2:0d:24:72:ba:66:
                    b5:28:6a:86:d9:85:4d:81:f4:bd:70:b2:05:d4:21:
                    da:1e:d1:a5:0d:01:fa:a3:96:d8:e6:63:e1:93:4d:
                    40:00:06:7f:a6:72:af:2b:52:03:91:ee:9b:ce:aa:
                    d7:b8:da:9a:4b:78:2d:aa:76:7d:59:53:ae:12:e5:
                    e7:38:69:19:90:08:ab:d3:56:d2:8a:bc:6e:24:45:
                    d8:dd:db:ac:06:c0:7f:6a:be:3c:11:dc:79:31:98:
                    e8:5e:c0:6f:93:80:c8:fe:e2:d9:a6:11:08:0f:13:
                    eb:09:b6:f1:75:bd:cc:80:ad:77:de:e7:67:b4:4f:
                    f2:95:71:ab:8f:d4:00:f8:1f:cc:a6:23:1d:44:9d:
                    a1:41:a5:c6:e8:7c:e2:e5:a9:c5:ef:8c:3c:20:ba:
                    5f:66:fa:6d:36:41:a3:33:7a:88:9d:97:cb:97:f7:
                    28:19:98:ee:88:8b:af:4d:f9:35:62:c1:4f:86:c5:
                    58:b2:9b:02:a5:f9:e7:91:32:5b:3b:cc:f7:1b:ab:
                    e5:6b:b6:f7:e9:5d:a1:61:62:e3:73:4e:45:74:1c:
                    73:2e:24:65:32:92:df:9a:71:57:34:f7:26:d5:88:
                    db:2c:6a:0b:e6:a3:d0:2d:99:d4:fc:e2:f4:0d:4c:
                    b4:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:73:FE:6F:75:0A:9B:46:2C:5F:E1:E2:19:9E:13:0F:EE:DF:C8:F1
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a65dc579-55d0-4640-8ee5-6bd70e3dd724.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551c::/48

    Signature Algorithm: sha256WithRSAEncryption
         96:ca:c0:af:bc:ea:fa:c7:35:15:4c:9f:1b:bd:6d:f4:72:c0:
         5b:5a:8e:37:b3:be:70:9b:1b:21:18:60:db:80:c3:56:a9:4b:
         45:1f:47:81:25:07:52:85:59:85:9a:a8:19:6a:e4:74:b0:6b:
         bf:05:24:7f:4d:66:71:4b:79:8d:da:0c:9d:0e:ae:40:e3:a8:
         79:57:aa:0c:86:bf:76:7b:46:41:44:61:7a:6b:21:53:dc:80:
         39:7a:68:6b:57:e0:be:a9:1a:d5:b5:4a:95:16:82:08:22:7a:
         b1:a8:3f:03:b7:50:8f:ca:1e:09:1d:d2:99:fd:07:91:8a:9c:
         b1:c0:20:ab:09:40:cc:25:92:7e:cd:c1:2a:b3:3f:3d:3e:9c:
         b6:5d:2d:f1:ef:e9:3e:6a:24:9d:fc:58:6f:47:3a:33:70:8f:
         4e:cf:0a:bb:b1:5e:36:2d:44:89:1e:6f:35:7a:cb:6d:46:66:
         c9:eb:2b:0b:ad:20:34:d1:2c:7d:fa:13:4c:42:2a:86:37:2d:
         e0:a8:ff:1d:66:6a:d9:94:07:12:e8:f0:dc:a1:11:8c:22:bf:
         73:f2:09:c6:d2:76:c5:a5:db:80:ea:b4:2f:3a:f9:af:6f:fc:
         60:a9:68:0f:0d:53:0f:54:79:f9:b5:19:37:aa:df:ed:86:c6:
         7e:cf:f4:8f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfmD5N44sJBqHSWS4uT84PqspA1kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNTE5MDQxMDA3WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMjZlMTE4ODAzYzdkNTRhZDBlOGZlMTYwNTJjNDUwNmJi
OTc5YTVhMDRkMTFiNzZjN2NlZTE1NTk1OThiMTVhMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy4uTrynTbrrINJHK6ZrUoaobZhU2B9L1wsgXUIdoe0aUN
AfqjltjmY+GTTUAABn+mcq8rUgOR7pvOqte42ppLeC2qdn1ZU64S5ec4aRmQCKvT
VtKKvG4kRdjd26wGwH9qvjwR3HkxmOhewG+TgMj+4tmmEQgPE+sJtvF1vcyArXfe
52e0T/KVcauP1AD4H8ymIx1EnaFBpcbofOLlqcXvjDwgul9m+m02QaMzeoidl8uX
9ygZmO6Ii69N+TViwU+GxViymwKl+eeRMls7zPcbq+VrtvfpXaFhYuNzTkV0HHMu
JGUykt+acVc09ybViNssagvmo9AtmdT84vQNTLTVAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUnHP+b3UKm0YsX+HiGZ4TD+7fyPEwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2E2NWRjNTc5LTU1ZDAtNDY0MC04ZWU1LTZiZDcwZTNkZDcyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRwwDQYJKoZIhvcNAQELBQADggEBAJbKwK+86vrHNRVMnxu9bfRy
wFtajjezvnCbGyEYYNuAw1apS0UfR4ElB1KFWYWaqBlq5HSwa78FJH9NZnFLeY3a
DJ0OrkDjqHlXqgyGv3Z7RkFEYXprIVPcgDl6aGtX4L6pGtW1SpUWgggierGoPwO3
UI/KHgkd0pn9B5GKnLHAIKsJQMwlkn7NwSqzPz0+nLZdLfHv6T5qJJ38WG9HOjNw
j07PCruxXjYtRIkebzV6y21GZsnrKwutIDTRLH36E0xCKoY3LeCo/x1matmUBxLo
8NyhEYwiv3PyCcbSdsWl24DqtC86+a9v/GCpaA8NUw9Uefm1GTeq3+2Gxn7P9I8=
-----END CERTIFICATE-----