Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/91a27594-a038-483a-a558-a5377f4d266f.roa
File:                     91a27594-a038-483a-a558-a5377f4d266f.roa (raw, json)
Hash identifier:          N+ELzzBnm7noUTogCP3bTv/1XC8ChPmAHB+6qpw9+kg=
Subject key identifier:   5B:1F:CC:79:48:9C:53:C9:80:99:41:D9:33:D3:C5:4D:95:9C:79:4D
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       20D70E09346B17351696C82000514650649B41BD
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/91a27594-a038-483a-a558-a5377f4d266f.roa
Signing time:             Mon 04 May 2026 00:30:10 +0000
ROA not before:           Mon 04 May 2026 00:30:10 +0000
ROA not after:            Sun 02 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:f40:fffc::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 14 May 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:d7:0e:09:34:6b:17:35:16:96:c8:20:00:51:46:50:64:9b:41:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: May  4 00:30:10 2026 GMT
            Not After : Aug  2 23:59:59 2026 GMT
        Subject: serialNumber=a01e3fd5f9f8ed08e39e1b236b01286f985ddb3f4bc9415a63923f0071cbe4e4, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:59:4b:44:9e:bc:b9:76:57:48:9e:22:ee:2a:
                    a5:7b:02:df:30:1a:68:cd:09:71:fb:60:32:a7:0d:
                    41:41:68:b3:63:a2:2b:3c:2e:04:3f:11:b3:94:ee:
                    ae:eb:65:f7:7e:86:25:eb:4c:65:27:60:e5:71:20:
                    5b:79:45:1d:14:99:5f:bc:22:a2:bd:02:20:49:d0:
                    dc:87:cf:c3:00:c3:6e:70:ce:e3:2e:26:2b:9f:0b:
                    ef:5a:6f:cc:28:63:fe:0d:ca:d3:c5:f6:40:28:79:
                    07:c7:fe:ec:ef:00:88:38:8b:fc:55:d6:08:0c:6a:
                    d4:b8:da:db:37:33:83:6b:55:dc:ac:9e:d4:61:1d:
                    88:2e:32:44:39:26:44:3f:3e:6e:61:2a:12:9a:58:
                    f6:7b:ec:cc:09:75:e9:b9:e6:33:5d:8e:01:f0:dc:
                    1b:fa:36:31:e8:7b:5f:1e:15:d6:8d:88:c2:24:68:
                    bf:7f:75:da:2c:5b:26:36:d2:70:99:00:87:55:be:
                    cb:9f:ed:a0:11:3c:12:ff:90:86:71:24:9a:47:d7:
                    09:48:33:c5:2f:ec:d6:ac:df:ae:e8:1b:2a:e0:97:
                    cd:aa:2f:2d:4c:2c:8b:69:a1:e3:d0:ae:82:3d:d8:
                    5e:0c:37:a7:e7:74:f6:f2:90:81:00:83:c7:b7:20:
                    00:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:1F:CC:79:48:9C:53:C9:80:99:41:D9:33:D3:C5:4D:95:9C:79:4D
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/91a27594-a038-483a-a558-a5377f4d266f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:fffc::/48

    Signature Algorithm: sha256WithRSAEncryption
         b5:75:08:d0:a0:97:61:c7:18:ed:73:04:7c:c5:3a:b7:fa:aa:
         59:61:59:48:e1:99:cb:35:ec:3d:7e:db:42:ff:56:eb:f5:7e:
         32:7a:dd:1d:7f:2a:49:ea:b9:20:02:d0:62:bc:b8:61:f4:6e:
         93:e4:35:ff:fe:55:3c:77:3b:b1:97:c2:6f:e5:36:bf:85:2c:
         43:a8:a4:23:21:43:17:b8:28:54:fa:47:79:5b:46:19:ae:61:
         2d:d8:27:09:b2:9d:10:3e:d4:d3:94:5e:a1:58:bc:67:74:63:
         b2:79:e2:d9:a7:8e:34:48:21:59:43:25:9d:6a:1f:e3:fd:4c:
         5d:e6:b3:1f:72:de:8f:7e:27:d5:e7:cb:c7:f9:c4:19:38:bb:
         48:f7:cb:17:32:7a:ff:47:f6:36:fc:d1:d4:d5:d4:49:89:81:
         13:20:00:0a:10:b8:30:ad:7e:72:26:6e:e7:23:63:17:db:88:
         db:83:4d:e9:81:d9:ac:8e:e4:10:1d:20:69:d9:4f:6f:2c:eb:
         32:8a:41:45:8e:c3:0f:70:68:4a:7d:de:c8:53:fa:d1:66:60:
         d7:73:0c:76:db:d7:1c:55:45:bf:72:28:c6:2e:5e:da:13:99:
         d7:f3:00:c2:57:f6:4b:ea:15:a2:2b:fb:6a:7d:11:e8:fa:c5:
         c6:f2:2c:f6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUINcOCTRrFzUWlsggAFFGUGSbQb0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjYwNTA0MDAzMDEwWhcNMjYwODAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMDFlM2ZkNWY5ZjhlZDA4ZTM5ZTFiMjM2YjAxMjg2Zjk4
NWRkYjNmNGJjOTQxNWE2MzkyM2YwMDcxY2JlNGU0MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDqWUtEnry5dldIniLuKqV7At8wGmjNCXH7YDKnDUFBaLNj
ois8LgQ/EbOU7q7rZfd+hiXrTGUnYOVxIFt5RR0UmV+8IqK9AiBJ0NyHz8MAw25w
zuMuJiufC+9ab8woY/4NytPF9kAoeQfH/uzvAIg4i/xV1ggMatS42ts3M4NrVdys
ntRhHYguMkQ5JkQ/Pm5hKhKaWPZ77MwJdem55jNdjgHw3Bv6NjHoe18eFdaNiMIk
aL9/ddosWyY20nCZAIdVvsuf7aARPBL/kIZxJJpH1wlIM8Uv7Nas367oGyrgl82q
Ly1MLItpoePQroI92F4MN6fndPbykIEAg8e3IACNAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUWx/MeUicU8mAmUHZM9PFTZWceU0wHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzkxYTI3NTk0LWEwMzgtNDgzYS1hNTU4LWE1Mzc3ZjRkMjY2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBg9A//wwDQYJKoZIhvcNAQELBQADggEBALV1CNCgl2HHGO1zBHzFOrf6
qllhWUjhmcs17D1+20L/Vuv1fjJ63R1/KknquSAC0GK8uGH0bpPkNf/+VTx3O7GX
wm/lNr+FLEOopCMhQxe4KFT6R3lbRhmuYS3YJwmynRA+1NOUXqFYvGd0Y7J54tmn
jjRIIVlDJZ1qH+P9TF3msx9y3o9+J9Xny8f5xBk4u0j3yxcyev9H9jb80dTV1EmJ
gRMgAAoQuDCtfnImbucjYxfbiNuDTemB2ayO5BAdIGnZT28s6zKKQUWOww9waEp9
3shT+tFmYNdzDHbb1xxVRb9yKMYuXtoTmdfzAMJX9kvqFaIr+2p9Eej6xcbyLPY=
-----END CERTIFICATE-----