Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da202649-b5ac-45d7-ab2c-22fec234c600.roa
File:                     da202649-b5ac-45d7-ab2c-22fec234c600.roa (raw, json)
Hash identifier:          BFba67Up2pkdt6Z0mmBwY00LqEF19u6eM7zBnr5Mceo=
Subject key identifier:   C5:A4:EE:6E:F2:A5:6A:71:D6:84:9B:8F:99:03:87:85:7B:FF:39:44
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       2D0DF0A9B0B53BBB75D41B14C90E3A69B9F0DFC8
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da202649-b5ac-45d7-ab2c-22fec234c600.roa
Signing time:             Wed 20 May 2026 00:40:31 +0000
ROA not before:           Wed 20 May 2026 00:40:31 +0000
ROA not after:            Tue 18 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0fb:f106::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:0d:f0:a9:b0:b5:3b:bb:75:d4:1b:14:c9:0e:3a:69:b9:f0:df:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 20 00:40:31 2026 GMT
            Not After : Aug 18 23:59:59 2026 GMT
        Subject: serialNumber=fac964b56465036db63b19ffb914876ee06529c51a8cd0ce8c0f0a8178da0e0c, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3c:cc:1d:e6:bb:08:ac:d7:b6:18:cc:87:f7:
                    1e:ed:9a:7a:47:09:68:05:4b:ec:60:02:58:ed:c8:
                    83:d5:f7:20:fd:eb:0f:68:05:2c:c2:c2:0d:c0:ea:
                    0c:70:4e:60:b6:8d:a1:b1:2b:f9:9e:e4:67:0d:99:
                    18:a9:07:62:1b:40:4e:af:62:0e:24:a6:78:f3:88:
                    ae:30:cb:5e:40:41:ba:ef:01:5f:a3:5c:9d:44:f7:
                    ad:1b:a5:6d:00:d1:82:4a:12:47:7c:8d:02:07:83:
                    83:ee:fd:84:af:27:04:0f:25:60:4a:cc:44:51:c7:
                    29:c6:ad:95:c2:72:5e:fd:80:5d:07:bb:ee:42:48:
                    16:9b:5f:88:d9:6e:16:38:38:44:db:f0:bd:c9:f5:
                    f5:63:88:b7:eb:91:a6:cd:2f:d9:73:fd:ab:69:12:
                    53:99:6c:02:12:51:5e:39:8c:73:03:10:2a:b3:15:
                    13:64:ab:64:d9:96:e0:51:45:61:73:61:62:c3:d9:
                    10:2f:d8:ab:d3:b3:19:63:16:90:82:a2:45:3f:72:
                    13:fe:0c:27:82:9a:c5:6f:96:59:ba:ee:3c:59:47:
                    f2:1f:98:6e:e3:09:57:05:ff:38:09:39:44:31:29:
                    80:97:2b:f8:07:6e:f3:57:90:39:c2:bd:99:96:00:
                    a6:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:A4:EE:6E:F2:A5:6A:71:D6:84:9B:8F:99:03:87:85:7B:FF:39:44
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da202649-b5ac-45d7-ab2c-22fec234c600.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:f106::/48

    Signature Algorithm: sha256WithRSAEncryption
         55:cb:25:ab:d3:4b:7d:ad:b0:b0:2d:eb:a3:cb:63:ec:78:ab:
         72:cd:be:a0:c1:f0:c0:6b:02:9c:6e:2c:3f:0e:99:e5:ff:b2:
         bf:de:1c:ee:35:79:71:e6:96:e6:40:56:61:24:45:ae:6e:ef:
         45:6e:65:81:a0:0e:23:8e:a2:d1:17:4c:71:60:c0:48:26:c3:
         63:d7:ab:92:ca:ba:89:90:1f:22:98:8c:8b:64:44:3f:e7:60:
         23:b5:4c:86:e5:29:cc:90:dd:ec:63:fd:ba:d8:1f:cc:9d:45:
         3f:33:4d:6a:b0:58:67:4c:e1:25:8b:ec:e5:b5:23:12:d3:37:
         61:ad:78:d6:c5:5d:e5:7f:cd:7c:b6:c7:03:65:6a:46:1a:a9:
         ba:34:14:b2:93:b2:86:2f:d2:80:35:cb:02:81:6f:56:a5:f7:
         c3:4b:a9:ee:0c:26:97:0d:20:99:3c:de:95:0f:46:3c:30:79:
         b8:cd:3d:2e:75:b4:c9:c0:60:ef:83:8c:9a:0b:63:1e:aa:70:
         e5:5a:7d:0c:1d:95:28:ab:31:51:4b:15:ef:7f:65:05:d2:47:
         9d:31:59:57:a8:fc:03:c6:a4:00:e4:f7:e4:39:69:19:f1:75:
         07:85:69:b3:27:d8:60:e2:97:10:5c:5b:81:e7:dd:30:52:08:
         13:30:9a:03
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIULQ3wqbC1O7t11BsUyQ46abnw38gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNTIwMDA0MDMxWhcNMjYwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYWM5NjRiNTY0NjUwMzZkYjYzYjE5ZmZiOTE0ODc2ZWUw
NjUyOWM1MWE4Y2QwY2U4YzBmMGE4MTc4ZGEwZTBjMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxPMwd5rsIrNe2GMyH9x7tmnpHCWgFS+xgAljtyIPV9yD9
6w9oBSzCwg3A6gxwTmC2jaGxK/me5GcNmRipB2IbQE6vYg4kpnjziK4wy15AQbrv
AV+jXJ1E960bpW0A0YJKEkd8jQIHg4Pu/YSvJwQPJWBKzERRxynGrZXCcl79gF0H
u+5CSBabX4jZbhY4OETb8L3J9fVjiLfrkabNL9lz/atpElOZbAISUV45jHMDECqz
FRNkq2TZluBRRWFzYWLD2RAv2KvTsxljFpCCokU/chP+DCeCmsVvllm67jxZR/If
mG7jCVcF/zgJOUQxKYCXK/gHbvNXkDnCvZmWAKaPAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUxaTubvKlanHWhJuPmQOHhXv/OUQwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2RhMjAyNjQ5LWI1YWMtNDVkNy1hYjJjLTIyZmVjMjM0YzYwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPD78QYwDQYJKoZIhvcNAQELBQADggEBAFXLJavTS32tsLAt66PLY+x4
q3LNvqDB8MBrApxuLD8OmeX/sr/eHO41eXHmluZAVmEkRa5u70VuZYGgDiOOotEX
THFgwEgmw2PXq5LKuomQHyKYjItkRD/nYCO1TIblKcyQ3exj/brYH8ydRT8zTWqw
WGdM4SWL7OW1IxLTN2GteNbFXeV/zXy2xwNlakYaqbo0FLKTsoYv0oA1ywKBb1al
98NLqe4MJpcNIJk83pUPRjwwebjNPS51tMnAYO+DjJoLYx6qcOVafQwdlSirMVFL
Fe9/ZQXSR50xWVeo/APGpADk9+Q5aRnxdQeFabMn2GDilxBcW4Hn3TBSCBMwmgM=
-----END CERTIFICATE-----