Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/a8ff9337-21d8-4d5e-b988-d1a983d73aea.roa
File:                     a8ff9337-21d8-4d5e-b988-d1a983d73aea.roa (raw, json)
Hash identifier:          lGQpcEhDIEhFjIk2i8v7KasFEWckt3oZL1je6gcWykU=
Subject key identifier:   A9:F5:92:AA:76:11:5E:43:9B:82:25:76:97:83:62:68:E9:64:CD:45
Certificate issuer:       /CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
Certificate serial:       1F456F762CAA661A716E7F7D5BBF26A125795812
Authority key identifier: 6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/a8ff9337-21d8-4d5e-b988-d1a983d73aea.roa
Signing time:             Sat 28 Feb 2026 00:20:07 +0000
ROA not before:           Sat 28 Feb 2026 00:20:07 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:c940::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/7276b2fa-548d-4970-8314-8d73945c34d8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/7276b2fa-548d-4970-8314-8d73945c34d8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 06:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:45:6f:76:2c:aa:66:1a:71:6e:7f:7d:5b:bf:26:a1:25:79:58:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
        Validity
            Not Before: Feb 28 00:20:07 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=e2e644df2b0ce97535a033715e08524761010482da75f8faef528d4860c0e7fa, CN=15f1683a-c0c2-4266-9a96-ecf9eba3239c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:51:7f:78:b2:f2:07:a7:44:a1:d3:05:d2:63:
                    7b:df:5a:d8:64:39:a7:b0:8b:9a:47:2b:9c:4c:5b:
                    c2:12:9d:66:6b:41:98:7e:a9:e7:35:94:fe:42:69:
                    aa:dd:69:26:9c:26:c7:9c:9a:af:ea:22:ce:e9:10:
                    1d:bc:10:50:29:03:c6:62:ed:d0:c0:e9:d2:8f:80:
                    31:40:53:47:06:01:f9:50:ed:0e:2c:f6:c5:79:0a:
                    78:cb:a0:4a:b8:ad:72:14:77:9a:ad:a3:df:6f:50:
                    87:87:a5:51:29:dd:ad:c0:6c:eb:ef:9e:d5:4b:e4:
                    3a:81:3b:7f:8b:bd:97:00:18:e6:cf:68:16:ad:92:
                    fe:a3:24:cd:94:dc:3d:6e:0e:57:cf:fe:2c:61:b3:
                    a8:0a:ab:43:9c:df:9d:73:08:22:99:23:0c:d9:a5:
                    de:06:2e:21:01:ce:f0:5f:a3:a3:3a:dc:82:48:e6:
                    dd:0f:10:07:5b:5c:6e:60:cd:72:27:b6:2a:46:6c:
                    9f:e6:24:b2:1b:88:77:af:a3:a9:ea:67:b4:87:2d:
                    a0:c9:cc:22:64:b2:a6:73:5f:90:8d:c9:e0:d9:a1:
                    53:3e:83:ce:c4:ed:8b:39:99:2e:e8:98:a1:2b:0b:
                    b6:32:7c:ed:77:8a:98:a7:bc:ce:c3:7b:6e:89:37:
                    5d:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:F5:92:AA:76:11:5E:43:9B:82:25:76:97:83:62:68:E9:64:CD:45
            X509v3 Authority Key Identifier:
                keyid:6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/a8ff9337-21d8-4d5e-b988-d1a983d73aea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:c940::/32

    Signature Algorithm: sha256WithRSAEncryption
         b5:30:8d:8b:36:63:ec:8d:59:ab:29:89:1d:01:ed:1e:2a:e9:
         fe:04:54:6c:0f:48:f1:0a:95:74:de:5c:8b:4e:cb:32:fd:10:
         4d:74:35:ab:14:84:47:2c:64:9b:8f:ad:d7:1a:ad:a5:26:53:
         de:28:e4:0d:51:a5:52:27:fa:77:72:e7:4a:ba:62:0f:66:ad:
         46:9f:cb:d4:fb:4f:a2:4d:ed:c6:c7:96:d1:52:70:6c:4b:39:
         e8:c7:c3:97:59:18:21:ce:f5:0d:c6:cf:17:91:0d:a8:fe:c9:
         63:f5:02:c5:b9:08:3d:c4:b1:4d:a8:f8:a3:8e:de:18:58:86:
         83:ee:ee:a6:a8:bb:36:1b:e1:19:22:8f:b5:de:6d:57:c7:7f:
         8d:63:b4:7d:c9:fa:da:c6:12:a4:fb:79:d1:4d:ed:63:ed:6c:
         fd:22:c9:da:bf:2b:2e:a9:c1:e4:50:7d:40:8f:cd:84:bd:02:
         19:de:8f:c9:30:b9:a4:b8:09:d9:a5:cf:81:06:1f:8c:a2:6a:
         65:68:e9:9b:f3:5b:3a:99:76:b0:27:79:0c:01:c4:6f:1a:17:
         e4:97:1a:34:21:21:af:ed:68:d1:e8:b6:90:4e:7a:97:58:f5:
         68:cb:d5:bc:cb:fc:71:7b:5c:51:09:3b:e5:9f:21:62:47:bd:
         61:47:a0:93
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUH0VvdiyqZhpxbn99W78moSV5WBIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmY5Yjk4NWIwZmU1ZGVmMDliOTk0ZjhjZjYwYmFkOGM5
MDI5YzAwNjU3NzUwYjIyNjcwHhcNMjYwMjI4MDAyMDA3WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMmU2NDRkZjJiMGNlOTc1MzVhMDMzNzE1ZTA4NTI0NzYx
MDEwNDgyZGE3NWY4ZmFlZjUyOGQ0ODYwYzBlN2ZhMS0wKwYDVQQDEyQxNWYxNjgz
YS1jMGMyLTQyNjYtOWE5Ni1lY2Y5ZWJhMzIzOWMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzUX94svIHp0Sh0wXSY3vfWthkOaewi5pHK5xMW8ISnWZr
QZh+qec1lP5CaardaSacJsecmq/qIs7pEB28EFApA8Zi7dDA6dKPgDFAU0cGAflQ
7Q4s9sV5CnjLoEq4rXIUd5qto99vUIeHpVEp3a3AbOvvntVL5DqBO3+LvZcAGObP
aBatkv6jJM2U3D1uDlfP/ixhs6gKq0Oc351zCCKZIwzZpd4GLiEBzvBfo6M63IJI
5t0PEAdbXG5gzXIntipGbJ/mJLIbiHevo6nqZ7SHLaDJzCJksqZzX5CNyeDZoVM+
g87E7Ys5mS7omKErC7YyfO13ipinvM7De26JN12hAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUqfWSqnYRXkObgiV2l4NiaOlkzUUwHwYDVR0jBBgwFoAUbcpl0HFNfvJW
kLwJE9NU26yJKl4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC83Mjc2YjJmYS01
NDhkLTQ5NzAtODMxNC04ZDczOTQ1YzM0ZDgvNmY5Yjk4NWIwZmU1ZGVmMDliOTk0
ZjhjZjYwYmFkOGM5MDI5YzAwNjU3NzUwYjIyNjcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjNmNmI2ODgtY2ZmNC00MDJmLTk3ZDUtMDJm
NmYxODg2YjdlL2E4ZmY5MzM3LTIxZDgtNGQ1ZS1iOTg4LWQxYTk4M2Q3M2FlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2IzZjZiNjg4LWNmZjQtNDAyZi05N2Q1
LTAyZjZmMTg4NmI3ZS81ZDd3bTVsUGpQWUxyWXlRS2NBR1YzVUxJbWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBclAMA0GCSqGSIb3DQEBCwUAA4IBAQC1MI2LNmPsjVmrKYkdAe0eKun+
BFRsD0jxCpV03lyLTssy/RBNdDWrFIRHLGSbj63XGq2lJlPeKOQNUaVSJ/p3cudK
umIPZq1Gn8vU+0+iTe3Gx5bRUnBsSznox8OXWRghzvUNxs8XkQ2o/slj9QLFuQg9
xLFNqPijjt4YWIaD7u6mqLs2G+EZIo+13m1Xx3+NY7R9yfraxhKk+3nRTe1j7Wz9
IsnavysuqcHkUH1Aj82EvQIZ3o/JMLmkuAnZpc+BBh+MomplaOmb81s6mXawJ3kM
AcRvGhfklxo0ISGv7WjR6LaQTnqXWPVoy9W8y/xxe1xRCTvlnyFiR71hR6CT
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:54:29 2026 by rpki-client