Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/943694fe-e278-4d76-b786-7df26f151dd9.roa
File:                     943694fe-e278-4d76-b786-7df26f151dd9.roa (raw, json)
Hash identifier:          TyFGt/CrEUuOX5Ua+gkKD/emyHXE7BINsRiXyQroHxA=
Subject key identifier:   DE:E7:CB:91:3E:24:57:1D:D6:E0:05:07:50:39:3B:A2:EC:D6:CF:53
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       5D866497CDEC81BA1FA987CC719374C1FB29EC43
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/943694fe-e278-4d76-b786-7df26f151dd9.roa
Signing time:             Mon 04 May 2026 00:30:09 +0000
ROA not before:           Mon 04 May 2026 00:30:09 +0000
ROA not after:            Sun 02 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:f40:fffe::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 14 May 2026 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:86:64:97:cd:ec:81:ba:1f:a9:87:cc:71:93:74:c1:fb:29:ec:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: May  4 00:30:09 2026 GMT
            Not After : Aug  2 23:59:59 2026 GMT
        Subject: serialNumber=ab809dfbf1b910466a90270d079d224893ad88995771acfb928a2a759b6a2688, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:6f:27:d1:bb:7a:30:75:79:7f:d3:63:bf:bc:
                    b4:9c:c3:ff:22:49:6f:9e:fc:23:5e:32:4e:d8:27:
                    4e:7f:57:19:1d:d8:41:98:c5:32:9a:c4:65:50:30:
                    2c:29:67:80:43:fd:b2:56:cb:32:18:6a:7c:45:f8:
                    cd:8e:88:c1:28:1a:80:27:a2:3d:2c:96:87:c9:60:
                    38:b4:a7:13:14:39:76:0b:1b:95:ad:84:8e:fa:90:
                    ff:5c:a4:1a:15:cf:02:ca:ad:de:24:a4:39:d5:97:
                    70:4d:70:d2:ed:81:2f:e0:81:87:6d:fa:d2:5e:bf:
                    bc:3e:6c:84:33:22:5e:44:bd:4a:bd:d6:e2:f9:a6:
                    49:9a:5d:71:da:59:98:05:e5:a1:98:8e:21:43:dc:
                    8c:45:e0:b0:78:0f:36:97:3b:c8:92:ad:7f:6e:46:
                    eb:40:c5:89:9a:89:fa:fb:72:49:c2:ee:95:34:79:
                    6d:0b:d2:ec:b5:4f:dc:f5:fc:07:92:8d:d4:67:c5:
                    f1:6e:1a:f3:b3:a7:89:90:f2:42:59:df:2c:0d:c2:
                    92:16:a7:46:03:b4:d6:50:9f:8e:4a:01:2b:95:de:
                    c4:3f:d9:63:13:29:b0:e7:38:3e:3b:b1:52:0a:3d:
                    b5:0a:49:05:62:a2:3a:e8:bc:21:09:38:0b:50:d2:
                    75:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:E7:CB:91:3E:24:57:1D:D6:E0:05:07:50:39:3B:A2:EC:D6:CF:53
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/943694fe-e278-4d76-b786-7df26f151dd9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:fffe::/48

    Signature Algorithm: sha256WithRSAEncryption
         cb:e6:cb:a3:a8:4e:c0:7c:0d:fd:4b:91:09:85:f5:a1:16:63:
         43:24:d1:a1:f6:2d:ff:0e:60:95:a5:fa:bb:26:b3:32:10:1b:
         32:35:fa:67:66:97:69:e5:a3:7a:16:8c:90:81:ea:42:9f:ab:
         81:1c:13:73:ac:c7:a2:d9:65:c5:50:49:f8:c0:13:4d:cb:61:
         cf:e7:08:06:07:f3:5b:94:51:a2:98:9d:9b:5b:a8:4a:70:19:
         8c:19:0a:3d:ca:92:52:45:8c:62:7e:eb:cf:32:8d:e1:b2:cf:
         48:32:5c:94:6e:40:28:55:de:cb:b9:aa:3f:81:d8:49:e9:60:
         10:87:94:ad:9b:dd:e8:62:66:cf:f1:f0:10:77:4a:18:77:7c:
         fd:cd:75:11:ed:79:8d:3e:f5:bc:0c:62:a0:cc:52:40:20:9b:
         da:e8:e0:ae:53:b9:92:96:c0:9e:b1:16:dd:56:85:ee:34:27:
         49:eb:39:9d:02:41:3e:1b:df:c2:3b:51:7a:90:01:82:3f:bc:
         5e:0d:0f:ff:66:ac:31:e8:f4:c1:50:0b:00:8f:05:b9:3d:73:
         e7:8b:bd:c2:6f:8f:75:04:22:f4:6d:09:6b:68:f6:13:fa:6a:
         6a:0e:70:e5:db:19:12:c3:f5:3c:f3:6e:67:a3:11:c1:f1:4a:
         1c:b0:8a:b5
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUXYZkl83sgbofqYfMcZN0wfsp7EMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjYwNTA0MDAzMDA5WhcNMjYwODAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhYjgwOWRmYmYxYjkxMDQ2NmE5MDI3MGQwNzlkMjI0ODkz
YWQ4ODk5NTc3MWFjZmI5MjhhMmE3NTliNmEyNjg4MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCJbyfRu3owdXl/02O/vLScw/8iSW+e/CNeMk7YJ05/Vxkd
2EGYxTKaxGVQMCwpZ4BD/bJWyzIYanxF+M2OiMEoGoAnoj0slofJYDi0pxMUOXYL
G5WthI76kP9cpBoVzwLKrd4kpDnVl3BNcNLtgS/ggYdt+tJev7w+bIQzIl5EvUq9
1uL5pkmaXXHaWZgF5aGYjiFD3IxF4LB4DzaXO8iSrX9uRutAxYmaifr7cknC7pU0
eW0L0uy1T9z1/AeSjdRnxfFuGvOzp4mQ8kJZ3ywNwpIWp0YDtNZQn45KASuV3sQ/
2WMTKbDnOD47sVIKPbUKSQViojrovCEJOAtQ0nU7AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU3ufLkT4kVx3W4AUHUDk7ouzWz1MwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzk0MzY5NGZlLWUyNzgtNGQ3Ni1iNzg2LTdkZjI2ZjE1MWRkOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBg9A//4wDQYJKoZIhvcNAQELBQADggEBAMvmy6OoTsB8Df1LkQmF9aEW
Y0Mk0aH2Lf8OYJWl+rsmszIQGzI1+mdml2nlo3oWjJCB6kKfq4EcE3Osx6LZZcVQ
SfjAE03LYc/nCAYH81uUUaKYnZtbqEpwGYwZCj3KklJFjGJ+688yjeGyz0gyXJRu
QChV3su5qj+B2EnpYBCHlK2b3ehiZs/x8BB3Shh3fP3NdRHteY0+9bwMYqDMUkAg
m9ro4K5TuZKWwJ6xFt1Whe40J0nrOZ0CQT4b38I7UXqQAYI/vF4ND/9mrDHo9MFQ
CwCPBbk9c+eLvcJvj3UEIvRtCWto9hP6amoOcOXbGRLD9TzzbmejEcHxShywirU=
-----END CERTIFICATE-----