Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/6ba0c1f3-2b2e-4d8a-bef1-52e07a4a5a4e.roa
File:                     6ba0c1f3-2b2e-4d8a-bef1-52e07a4a5a4e.roa (raw, json)
Hash identifier:          9HZkV8cHiBFcaTd5LqZ26j9ZPtCwhRvo2WiYLfKmPzI=
Subject key identifier:   D2:46:83:66:CB:EF:46:0C:A0:AD:C4:1B:49:11:AB:31:2D:94:70:F5
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       7C918AA0DE1904A62A51732F7B12A4D05F8ABB65
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/6ba0c1f3-2b2e-4d8a-bef1-52e07a4a5a4e.roa
Signing time:             Mon 04 May 2026 00:30:09 +0000
ROA not before:           Mon 04 May 2026 00:30:09 +0000
ROA not after:            Sun 02 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        2606:f40:fffe::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 14 May 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:91:8a:a0:de:19:04:a6:2a:51:73:2f:7b:12:a4:d0:5f:8a:bb:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: May  4 00:30:09 2026 GMT
            Not After : Aug  2 23:59:59 2026 GMT
        Subject: serialNumber=46491aa4c020d23f0280d69d18d54062b614fb5e95daec8714e0f413d402edf3, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:fd:9c:54:fe:86:85:b6:51:06:68:22:ca:f8:
                    14:82:2e:6e:fb:92:f2:f3:95:2c:10:2d:13:80:17:
                    ea:26:f9:62:40:10:59:35:5e:7f:56:29:c0:8e:73:
                    26:9e:52:a1:4c:ce:86:76:a4:ab:00:a0:3a:21:ee:
                    73:7d:df:64:7b:7e:49:2d:45:bd:aa:ec:cf:a7:34:
                    33:f6:9a:c8:53:5b:99:53:29:ce:4b:2f:2f:cd:b6:
                    41:80:a6:af:f2:a1:5d:69:05:7f:5a:54:90:a9:4c:
                    b2:9b:0e:cc:d5:d5:06:0d:78:30:58:67:ee:ba:b8:
                    f2:6f:a4:21:26:6a:08:f8:84:cf:6e:8b:de:cf:d6:
                    f9:4e:24:98:d7:51:1d:5f:f2:4b:40:65:8f:4c:50:
                    fb:e6:b9:a5:56:c8:ce:c2:2b:b9:5e:40:e7:cb:b5:
                    fe:db:a5:28:b6:86:51:8b:c1:08:cb:2d:e7:49:2b:
                    60:2c:fd:ce:7c:27:28:28:ee:7c:9e:f3:fe:56:82:
                    fe:ce:ef:d5:c3:64:6e:31:99:af:97:b5:6b:e8:df:
                    8c:71:97:c6:1e:74:7c:2c:d0:ca:13:f6:0b:20:b8:
                    f5:c6:4f:65:1f:4b:d2:b8:3f:45:96:57:4d:75:80:
                    55:05:6e:48:04:8e:53:23:b8:f2:d2:81:1a:f5:4a:
                    88:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:46:83:66:CB:EF:46:0C:A0:AD:C4:1B:49:11:AB:31:2D:94:70:F5
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/6ba0c1f3-2b2e-4d8a-bef1-52e07a4a5a4e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:fffe::/48

    Signature Algorithm: sha256WithRSAEncryption
         ad:40:04:d2:c3:7d:e8:99:fa:96:f7:9c:94:80:7a:ea:da:f1:
         63:bb:b7:da:12:10:8a:d4:99:94:62:cb:09:46:6f:c2:76:3d:
         e6:94:97:f2:6b:6e:f5:bc:5d:f2:8e:bd:0a:47:57:2b:9e:32:
         26:db:ec:ab:4c:13:36:de:02:66:2f:a8:28:3c:9c:25:6c:75:
         76:6f:84:cd:8e:de:e6:b9:a9:a4:84:79:46:24:4b:91:04:b0:
         ee:2c:2e:c3:e5:53:94:55:96:8a:09:81:f9:3a:3b:9c:bd:e6:
         a0:12:91:71:4d:ab:0e:42:87:83:51:41:4d:26:b1:3d:2f:ef:
         00:ff:6f:6b:41:2b:64:87:73:22:0b:43:36:d3:62:18:da:67:
         b2:03:9c:a7:6e:bf:2c:c3:ef:77:3a:3f:ef:ce:ce:94:8e:0a:
         02:ee:19:a3:b9:75:63:7c:5b:1b:00:b0:49:a4:d5:b1:c4:fd:
         03:45:9d:63:30:ab:f3:98:69:84:13:51:e5:b5:1b:2c:16:47:
         06:1c:27:24:50:3f:c2:81:69:e8:63:d3:53:21:ba:57:9a:e1:
         97:64:de:b7:41:96:ed:01:34:4a:c3:03:a1:dd:3a:c7:37:97:
         54:bc:de:2f:dc:de:50:e4:21:d1:ae:ea:cb:5d:66:ca:ba:15:
         fa:2f:dd:b5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfJGKoN4ZBKYqUXMvexKk0F+Ku2UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjYwNTA0MDAzMDA5WhcNMjYwODAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NjQ5MWFhNGMwMjBkMjNmMDI4MGQ2OWQxOGQ1NDA2MmI2
MTRmYjVlOTVkYWVjODcxNGUwZjQxM2Q0MDJlZGYzMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7/ZxU/oaFtlEGaCLK+BSCLm77kvLzlSwQLROAF+om+WJA
EFk1Xn9WKcCOcyaeUqFMzoZ2pKsAoDoh7nN932R7fkktRb2q7M+nNDP2mshTW5lT
Kc5LLy/NtkGApq/yoV1pBX9aVJCpTLKbDszV1QYNeDBYZ+66uPJvpCEmagj4hM9u
i97P1vlOJJjXUR1f8ktAZY9MUPvmuaVWyM7CK7leQOfLtf7bpSi2hlGLwQjLLedJ
K2As/c58Jygo7nye8/5Wgv7O79XDZG4xma+XtWvo34xxl8YedHws0MoT9gsguPXG
T2UfS9K4P0WWV011gFUFbkgEjlMjuPLSgRr1SoiTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU0kaDZsvvRgygrcQbSRGrMS2UcPUwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzZiYTBjMWYzLTJiMmUtNGQ4YS1iZWYxLTUyZTA3YTRhNWE0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBg9A//4wDQYJKoZIhvcNAQELBQADggEBAK1ABNLDfeiZ+pb3nJSAeura
8WO7t9oSEIrUmZRiywlGb8J2PeaUl/JrbvW8XfKOvQpHVyueMibb7KtMEzbeAmYv
qCg8nCVsdXZvhM2O3ua5qaSEeUYkS5EEsO4sLsPlU5RVlooJgfk6O5y95qASkXFN
qw5Ch4NRQU0msT0v7wD/b2tBK2SHcyILQzbTYhjaZ7IDnKduvyzD73c6P+/OzpSO
CgLuGaO5dWN8WxsAsEmk1bHE/QNFnWMwq/OYaYQTUeW1GywWRwYcJyRQP8KBaehj
01Mhulea4Zdk3rdBlu0BNErDA6HdOsc3l1S83i/c3lDkIdGu6stdZsq6Ffov3bU=
-----END CERTIFICATE-----