Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa
File:                     dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa (raw, json)
Hash identifier:          kRq5LcSWJi+wGKd2cWYdcbih/xWBHHlAPujZqvgqgQY=
Subject key identifier:   7E:34:46:53:F1:62:88:75:03:70:EB:4D:88:E1:74:78:CC:C7:99:7C
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       2CF205401AAA62C9C8E5CDD1232799EBD4B77C77
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa
Signing time:             Tue 19 May 2026 04:20:54 +0000
ROA not before:           Tue 19 May 2026 04:20:54 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e000::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:f2:05:40:1a:aa:62:c9:c8:e5:cd:d1:23:27:99:eb:d4:b7:7c:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 19 04:20:54 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=431ee415cea10f8e1a503b938d7715e647d07f7c0ced49c4ca8d2a6858e4abd0, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8d:35:9b:13:77:84:54:f0:4a:3c:86:d3:f3:
                    92:8f:b8:2a:3b:10:94:e3:1c:62:01:07:5c:d3:71:
                    6c:b9:fa:ec:ff:20:81:07:32:74:c9:b0:12:46:17:
                    2d:8d:9d:58:d8:25:28:40:e8:3d:7c:28:55:e8:90:
                    a0:e9:8c:4e:65:c1:20:08:65:c2:d1:0d:c1:f6:b8:
                    c8:b5:b7:1e:32:0d:90:60:5b:00:8a:46:93:ec:d1:
                    70:00:8c:59:f7:61:ef:7a:9e:cf:b7:72:49:c7:df:
                    d0:59:66:60:3e:40:f5:7d:43:33:ab:cd:94:2e:e8:
                    3c:b4:d0:01:96:9b:9a:81:17:d4:17:51:27:33:99:
                    bd:77:9d:9b:4f:bc:44:e0:cf:fa:f4:29:0e:93:48:
                    80:90:d6:81:7d:55:75:69:ec:e6:4e:bc:8a:00:a3:
                    8e:3e:a0:8b:f3:10:ef:f8:2f:39:c5:cc:48:ce:3c:
                    d3:f5:df:63:fa:da:ff:37:96:0c:69:6c:c0:14:4f:
                    5d:ac:bc:09:a3:41:b8:36:c8:b0:49:bd:53:bc:a3:
                    66:12:e9:bf:72:d0:b7:ce:c2:d0:46:d7:be:26:a7:
                    fd:67:07:e6:66:62:21:93:47:7a:19:f1:d5:cd:c0:
                    5f:d4:b8:53:ca:03:4a:b2:92:b1:4c:3a:c3:74:e6:
                    87:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:34:46:53:F1:62:88:75:03:70:EB:4D:88:E1:74:78:CC:C7:99:7C
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e000::/40

    Signature Algorithm: sha256WithRSAEncryption
         56:67:a5:83:2c:d5:fa:da:80:72:4c:67:43:da:82:45:38:72:
         05:67:36:e8:22:da:d6:60:49:68:41:cc:bb:de:04:25:e7:79:
         2d:0c:da:7b:9b:69:c8:6d:f8:d5:2b:3c:f3:0a:57:a3:66:a6:
         df:80:57:a0:79:86:ff:4d:c8:8e:b7:a8:36:dd:45:d4:45:c4:
         18:6f:e9:5e:bd:56:bd:b3:4b:d5:85:12:58:b0:52:85:dc:b8:
         22:4e:cb:82:04:7e:39:5d:cd:53:f1:bf:d9:a5:29:85:09:ee:
         82:5c:0b:a8:b4:b4:a6:39:fb:e0:93:a5:01:66:8d:aa:dc:98:
         93:82:ab:bb:80:90:51:7d:b1:4a:3b:90:21:ee:7d:5e:53:19:
         a6:f4:f4:9f:35:69:a6:57:b5:3c:0e:eb:6d:53:7c:0b:44:c1:
         d7:cb:8d:31:83:8f:0d:4c:00:d0:b7:35:0b:a6:49:b3:45:ac:
         7a:6f:87:92:99:3c:58:7e:2b:9a:8a:3b:09:45:af:6a:9f:f8:
         bf:65:97:69:70:60:a2:ab:a7:e2:2c:d0:bd:d2:8f:39:0f:d0:
         68:80:af:b8:dc:3d:33:28:30:b0:63:87:4a:9d:5a:be:49:c6:
         db:ca:16:4e:57:d5:ae:0e:73:a5:97:3b:21:1f:b6:8f:08:f3:
         cd:6a:ce:fd
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIULPIFQBqqYsnI5c3RIyeZ69S3fHcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNTE5MDQyMDU0WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MzFlZTQxNWNlYTEwZjhlMWE1MDNiOTM4ZDc3MTVlNjQ3
ZDA3ZjdjMGNlZDQ5YzRjYThkMmE2ODU4ZTRhYmQwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnjTWbE3eEVPBKPIbT85KPuCo7EJTjHGIBB1zTcWy5+uz/
IIEHMnTJsBJGFy2NnVjYJShA6D18KFXokKDpjE5lwSAIZcLRDcH2uMi1tx4yDZBg
WwCKRpPs0XAAjFn3Ye96ns+3cknH39BZZmA+QPV9QzOrzZQu6Dy00AGWm5qBF9QX
USczmb13nZtPvETgz/r0KQ6TSICQ1oF9VXVp7OZOvIoAo44+oIvzEO/4LznFzEjO
PNP132P62v83lgxpbMAUT12svAmjQbg2yLBJvVO8o2YS6b9y0LfOwtBG174mp/1n
B+ZmYiGTR3oZ8dXNwF/UuFPKA0qykrFMOsN05oeFAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUfjRGU/FiiHUDcOtNiOF0eMzHmXwwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2RjMGUwZTczLWJiYmUtNDE3MC1iNzMzLTQ5MDRlY2MyN2Y5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD74DANBgkqhkiG9w0BAQsFAAOCAQEAVmelgyzV+tqAckxnQ9qCRThy
BWc26CLa1mBJaEHMu94EJed5LQzae5tpyG341Ss88wpXo2am34BXoHmG/03Ijreo
Nt1F1EXEGG/pXr1WvbNL1YUSWLBShdy4Ik7LggR+OV3NU/G/2aUphQnuglwLqLS0
pjn74JOlAWaNqtyYk4Kru4CQUX2xSjuQIe59XlMZpvT0nzVpple1PA7rbVN8C0TB
18uNMYOPDUwA0Lc1C6ZJs0Wsem+Hkpk8WH4rmoo7CUWvap/4v2WXaXBgoqun4izQ
vdKPOQ/QaICvuNw9MygwsGOHSp1avknG28oWTlfVrg5zpZc7IR+2jwjzzWrO/Q==
-----END CERTIFICATE-----