Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/59031a63-ea1a-4943-86ab-19221a23ca42.roa
File:                     59031a63-ea1a-4943-86ab-19221a23ca42.roa (raw, json)
Hash identifier:          k5SdUBTJPszTJ+6V3fP+pIG+358eao+NjjE0TJxPO1M=
Subject key identifier:   91:95:8F:2E:7A:18:64:5F:7A:D6:B7:AA:2D:A7:10:35:E9:CF:7E:9F
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       1510156445A57E61472B225A8E688301CBA2A456
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/59031a63-ea1a-4943-86ab-19221a23ca42.roa
Signing time:             Fri 08 May 2026 00:00:51 +0000
ROA not before:           Fri 08 May 2026 00:00:51 +0000
ROA not after:            Thu 06 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:f40:8000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 14 May 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:10:15:64:45:a5:7e:61:47:2b:22:5a:8e:68:83:01:cb:a2:a4:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: May  8 00:00:51 2026 GMT
            Not After : Aug  6 23:59:59 2026 GMT
        Subject: serialNumber=57f717a5503acbd84f661e6b0f18dd0c71dd4ac0d09aa285a43874576c46295f, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:07:a5:23:c6:cf:62:5e:bf:5a:7e:be:de:6b:
                    1e:38:df:88:bc:ad:9e:43:c0:8f:04:ec:cd:82:26:
                    97:56:c4:47:dc:af:ef:e9:6e:21:5c:d3:e5:b1:4f:
                    da:8b:81:d4:fe:c0:ab:ba:ff:b3:33:fb:ba:ad:39:
                    70:f0:4c:c8:5e:41:f6:2c:98:77:8a:ac:ec:2b:fa:
                    33:1a:0f:12:30:ab:4d:52:b7:c9:be:e8:ae:68:27:
                    1c:3f:e0:94:5b:e4:80:da:ce:09:66:03:b8:26:ba:
                    b1:74:06:cb:ea:c9:af:06:34:eb:73:41:fd:58:5c:
                    86:c4:73:51:00:d0:0f:a7:e9:2e:91:00:f5:e1:37:
                    a5:2e:7c:3b:48:2c:b0:74:be:79:dd:9b:31:a2:1a:
                    ea:62:15:c5:cc:00:2c:eb:60:6d:1f:34:74:04:a3:
                    7b:1e:08:e7:97:07:4e:c6:8f:5f:34:87:4e:a8:96:
                    20:da:ab:fb:7c:07:25:4b:37:d3:ef:15:62:5c:df:
                    58:00:95:53:ac:2b:e1:a9:8a:3a:8e:fd:e6:0d:9e:
                    6f:de:6a:f8:21:ae:25:17:81:ff:b1:fd:0f:c6:89:
                    86:d3:2d:1f:f6:c2:cd:2d:67:7d:b8:c5:0d:cf:22:
                    ca:27:a7:54:3e:c5:be:f2:08:3d:ca:44:f8:1d:6d:
                    cf:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:95:8F:2E:7A:18:64:5F:7A:D6:B7:AA:2D:A7:10:35:E9:CF:7E:9F
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/59031a63-ea1a-4943-86ab-19221a23ca42.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         0d:9a:57:ea:99:bc:3f:19:c5:5c:6f:3d:6f:78:12:4c:3f:48:
         a6:20:6e:1c:c9:ec:c2:10:46:b8:f2:84:ca:13:f6:42:c3:d8:
         c5:78:ae:28:06:c5:0f:25:0e:d0:02:9f:a4:44:be:63:d1:0f:
         7e:b4:b4:cc:d9:f3:55:d7:80:11:b2:2f:19:c4:f7:bb:0e:49:
         46:e8:56:92:10:55:a9:ea:0c:d3:41:95:59:1a:c7:d1:d4:79:
         1e:fa:f6:64:d5:ce:c4:69:1d:00:74:73:16:8b:19:f8:d7:12:
         91:22:de:ba:a9:ae:33:43:17:78:bd:fe:b6:b4:20:9b:5e:4b:
         f8:2b:50:04:4b:a7:32:77:28:79:36:b3:ce:87:77:cd:7e:2a:
         9e:f0:ce:9e:3b:89:83:c8:dd:93:0d:40:c5:2f:01:50:f0:bc:
         d7:60:41:8b:73:94:14:a5:f8:5e:65:cc:45:2f:61:0d:44:05:
         ca:61:cf:7d:19:9b:25:6f:9d:70:57:6e:58:3f:ac:5c:be:01:
         f2:e3:33:27:fe:81:66:d7:fb:20:4c:88:6a:52:07:6b:4c:58:
         86:c8:9a:49:bd:e6:9e:09:a4:61:5d:a4:f7:bd:e9:ab:12:06:
         1e:32:d5:12:83:5c:61:99:ba:fc:4b:37:4a:e4:d1:df:11:96:
         26:ee:a0:37
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUFRAVZEWlfmFHKyJajmiDAcuipFYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjYwNTA4MDAwMDUxWhcNMjYwODA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1N2Y3MTdhNTUwM2FjYmQ4NGY2NjFlNmIwZjE4ZGQwYzcx
ZGQ0YWMwZDA5YWEyODVhNDM4NzQ1NzZjNDYyOTVmMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2B6Ujxs9iXr9afr7eax4434i8rZ5DwI8E7M2CJpdWxEfc
r+/pbiFc0+WxT9qLgdT+wKu6/7Mz+7qtOXDwTMheQfYsmHeKrOwr+jMaDxIwq01S
t8m+6K5oJxw/4JRb5IDazglmA7gmurF0Bsvqya8GNOtzQf1YXIbEc1EA0A+n6S6R
APXhN6UufDtILLB0vnndmzGiGupiFcXMACzrYG0fNHQEo3seCOeXB07Gj180h06o
liDaq/t8ByVLN9PvFWJc31gAlVOsK+GpijqO/eYNnm/eavghriUXgf+x/Q/GiYbT
LR/2ws0tZ324xQ3PIsonp1Q+xb7yCD3KRPgdbc95AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUkZWPLnoYZF961reqLacQNenPfp8wHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzU5MDMxYTYzLWVhMWEtNDk0My04NmFiLTE5MjIxYTIzY2E0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmBg9AgDANBgkqhkiG9w0BAQsFAAOCAQEADZpX6pm8PxnFXG89b3gSTD9I
piBuHMnswhBGuPKEyhP2QsPYxXiuKAbFDyUO0AKfpES+Y9EPfrS0zNnzVdeAEbIv
GcT3uw5JRuhWkhBVqeoM00GVWRrH0dR5Hvr2ZNXOxGkdAHRzFosZ+NcSkSLeuqmu
M0MXeL3+trQgm15L+CtQBEunMncoeTazzod3zX4qnvDOnjuJg8jdkw1AxS8BUPC8
12BBi3OUFKX4XmXMRS9hDUQFymHPfRmbJW+dcFduWD+sXL4B8uMzJ/6BZtf7IEyI
alIHa0xYhsiaSb3mngmkYV2k973pqxIGHjLVEoNcYZm6/Es3SuTR3xGWJu6gNw==
-----END CERTIFICATE-----
Generated at Tue May 12 22:23:42 2026 by rpki-client