Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa
File:                     c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa (raw, json)
Hash identifier:          0FcIaRoIrwXfKf73YYTfpVK9LQA+V0hwWRMIEqC3CFE=
Subject key identifier:   A9:7B:FB:A4:D0:EA:9C:5C:7D:DF:2D:93:F2:E2:A5:4C:3B:B4:9E:80
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4A3D76CF19DDFF63DF71044C731EA6A48E0DCDCF
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa
Signing time:             Sat 28 Feb 2026 05:00:07 +0000
ROA not before:           Sat 28 Feb 2026 05:00:07 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0fb:e600::/42 maxlen: 42
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:3d:76:cf:19:dd:ff:63:df:71:04:4c:73:1e:a6:a4:8e:0d:cd:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb 28 05:00:07 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=0f022a079049f75de547fbfab8d16b95be549623278926f578b3463314af73d6, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:9c:6d:69:90:8b:35:b7:69:ba:cd:c0:2f:46:
                    fc:0c:d1:66:c2:04:ad:b2:12:1b:8b:7d:0d:02:e3:
                    f7:57:b3:7c:30:f4:c0:28:54:86:4f:0f:98:4f:37:
                    0d:68:36:2c:b8:a4:fe:04:15:5d:71:a8:87:6f:e3:
                    13:c2:05:1b:52:70:a8:de:b0:8c:a8:84:d8:b2:3b:
                    f8:41:90:ab:35:75:c5:f4:c6:0e:1c:c9:db:26:61:
                    41:56:b0:fe:27:6c:cf:4e:3a:2d:c6:96:b9:67:1b:
                    84:12:d9:58:9b:a2:32:33:54:6d:0f:7a:b1:b8:0d:
                    14:74:68:37:e0:b0:32:05:cf:a6:9d:17:56:f7:9a:
                    c2:72:ae:38:d3:fe:51:af:fa:b5:0c:b3:76:01:01:
                    24:cc:53:2c:b1:e6:5c:fb:e6:cb:3b:29:42:49:6e:
                    9e:70:d9:e8:47:d4:f7:50:e0:c8:dd:7c:72:11:18:
                    65:11:e3:30:a4:50:b9:04:17:3d:43:3f:cd:96:22:
                    b2:1e:67:8e:a8:8d:ad:f3:b7:ed:8b:21:b2:d2:fe:
                    ed:48:83:19:ce:50:a5:09:40:b3:f4:5c:dc:fa:43:
                    5d:ce:5b:9b:c3:b6:4e:93:35:b9:65:4c:e8:86:4f:
                    db:59:49:73:ea:2f:f2:87:54:98:c0:5f:27:05:13:
                    a8:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:7B:FB:A4:D0:EA:9C:5C:7D:DF:2D:93:F2:E2:A5:4C:3B:B4:9E:80
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c4e52abf-4d7e-4707-bd4e-1ceba64e18cd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e600::/42

    Signature Algorithm: sha256WithRSAEncryption
         62:54:7f:d1:a8:47:42:20:a5:17:77:bf:74:9f:40:a5:4d:38:
         ae:81:f2:ec:56:34:2e:c8:98:5d:d6:b7:ac:cf:47:d7:3b:33:
         8d:94:b0:42:2c:53:89:c6:15:d6:9b:51:62:6e:26:61:f4:c5:
         c9:7e:99:76:96:bb:72:77:2d:21:9d:9f:78:fb:1a:26:17:fa:
         bb:88:e6:0c:7a:1f:c7:dc:d6:58:56:a5:08:a3:ce:71:73:f8:
         e1:3c:14:5c:b3:8e:c4:94:b6:32:d2:9f:61:54:81:73:89:aa:
         a8:be:f1:f9:b4:c8:5e:c6:2a:06:e2:06:87:4e:ff:00:a5:bc:
         63:15:47:2d:88:13:d6:bd:8c:8d:24:ba:36:85:28:6c:ea:4c:
         37:2d:3b:99:ca:8d:e9:5a:f5:e7:08:f0:cc:35:cd:b4:6c:ab:
         3d:88:d5:b9:4c:b6:00:ff:69:a3:80:c8:b1:98:de:5c:ae:35:
         32:28:a9:fe:e0:1a:2c:0c:90:40:cc:83:11:55:a5:cb:89:e8:
         5b:36:01:27:36:39:e6:02:dc:04:d6:5f:9f:bc:52:cc:ea:70:
         ef:6c:85:c0:23:b2:0e:cb:ff:3d:4b:c1:b3:0e:7c:cf:e0:5a:
         c1:50:7d:60:8d:7f:27:1e:66:0e:49:ce:af:04:4d:54:39:5f:
         1b:dc:3b:f1
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUSj12zxnd/2PfcQRMcx6mpI4Nzc8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwMjI4MDUwMDA3WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZjAyMmEwNzkwNDlmNzVkZTU0N2ZiZmFiOGQxNmI5NWJl
NTQ5NjIzMjc4OTI2ZjU3OGIzNDYzMzE0YWY3M2Q2MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNnG1pkIs1t2m6zcAvRvwM0WbCBK2yEhuLfQ0C4/dXs3ww
9MAoVIZPD5hPNw1oNiy4pP4EFV1xqIdv4xPCBRtScKjesIyohNiyO/hBkKs1dcX0
xg4cydsmYUFWsP4nbM9OOi3GlrlnG4QS2VibojIzVG0PerG4DRR0aDfgsDIFz6ad
F1b3msJyrjjT/lGv+rUMs3YBASTMUyyx5lz75ss7KUJJbp5w2ehH1PdQ4MjdfHIR
GGUR4zCkULkEFz1DP82WIrIeZ46oja3zt+2LIbLS/u1IgxnOUKUJQLP0XNz6Q13O
W5vDtk6TNbllTOiGT9tZSXPqL/KHVJjAXycFE6gJAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUqXv7pNDqnFx93y2T8uKlTDu0noAwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2M0ZTUyYWJmLTRkN2UtNDcwNy1iZDRlLTFjZWJhNjRlMThjZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwYmAPD75gAwDQYJKoZIhvcNAQELBQADggEBAGJUf9GoR0IgpRd3v3SfQKVN
OK6B8uxWNC7ImF3Wt6zPR9c7M42UsEIsU4nGFdabUWJuJmH0xcl+mXaWu3J3LSGd
n3j7GiYX+ruI5gx6H8fc1lhWpQijznFz+OE8FFyzjsSUtjLSn2FUgXOJqqi+8fm0
yF7GKgbiBodO/wClvGMVRy2IE9a9jI0kujaFKGzqTDctO5nKjela9ecI8Mw1zbRs
qz2I1blMtgD/aaOAyLGY3lyuNTIoqf7gGiwMkEDMgxFVpcuJ6Fs2ASc2OeYC3ATW
X5+8UszqcO9shcAjsg7L/z1LwbMOfM/gWsFQfWCNfyceZg5Jzq8ETVQ5XxvcO/E=
-----END CERTIFICATE-----