Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c0b0b880-e632-4ca7-8b61-0658e8846f8b.roa
File:                     c0b0b880-e632-4ca7-8b61-0658e8846f8b.roa (raw, json)
Hash identifier:          +Lk+mRukRKmcpWEvCCrtQatBO1QmmfTie2phmq+YuJ8=
Subject key identifier:   84:71:53:D6:7F:B3:17:83:F2:E1:A7:A5:35:3E:F4:3B:6A:24:E3:6B
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1878E5589C272D70E48BF19F8985989DF1F5AC36
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c0b0b880-e632-4ca7-8b61-0658e8846f8b.roa
Signing time:             Mon 04 May 2026 15:10:36 +0000
ROA not before:           Mon 04 May 2026 15:10:36 +0000
ROA not after:            Sun 02 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:6109::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 14 May 2026 22:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:78:e5:58:9c:27:2d:70:e4:8b:f1:9f:89:85:98:9d:f1:f5:ac:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May  4 15:10:36 2026 GMT
            Not After : Aug  2 23:59:59 2026 GMT
        Subject: serialNumber=d32a3c04225f3257217578e903430d8eb9e61abd960f543e9d4f4e569bc31083, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:53:20:ea:b8:39:37:2b:b2:35:c5:3a:05:2b:
                    78:56:99:b6:04:24:2d:4c:f0:31:6b:96:34:46:c3:
                    27:67:e9:fc:80:db:b7:d3:5f:9c:ac:e5:73:7e:2c:
                    46:a9:11:e5:79:bf:4b:dd:57:1f:d0:8b:7d:fc:5b:
                    4a:79:b3:bb:88:a1:7d:a8:19:86:78:56:04:5b:d2:
                    9d:af:1f:74:81:04:1a:56:2d:bd:14:74:7f:68:1e:
                    84:50:44:d5:9a:1c:37:a8:9e:71:7b:d2:40:40:b3:
                    5b:35:5e:88:60:da:40:72:34:81:f0:35:5e:c7:fa:
                    7a:6b:d6:9a:9e:65:03:92:15:8a:5c:f6:5e:d4:74:
                    f6:ec:24:29:3c:9b:ea:75:e6:74:1b:6d:0b:4c:b6:
                    bd:05:53:69:19:97:86:2c:07:a1:f5:40:42:b2:8f:
                    f9:6a:6d:06:9a:83:7b:a0:18:3e:33:b4:12:67:b3:
                    22:08:7a:57:fe:79:d3:57:cf:02:3b:57:2c:02:37:
                    e7:63:64:ab:ed:d1:13:00:09:66:4e:f7:80:34:d4:
                    81:1a:9e:ba:7c:e3:63:64:20:0d:58:79:08:96:6a:
                    05:38:40:66:65:94:10:55:01:a7:4d:50:bf:5c:99:
                    b9:c5:0d:7d:91:9c:f0:dd:b8:11:d2:49:41:7a:6b:
                    70:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:71:53:D6:7F:B3:17:83:F2:E1:A7:A5:35:3E:F4:3B:6A:24:E3:6B
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c0b0b880-e632-4ca7-8b61-0658e8846f8b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:6109::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:f1:74:4a:c1:a2:95:71:f5:5d:1b:bb:2e:98:75:07:cf:cc:
         df:f6:f4:3c:41:4e:69:b2:85:83:b5:38:6e:02:ca:71:18:be:
         a6:22:f3:5b:ba:f0:6b:19:32:a4:97:ba:e4:fe:81:84:89:69:
         c5:b8:cd:e4:09:b0:c3:27:2e:53:08:e3:d5:04:6b:e8:ad:e0:
         3c:9a:5f:c2:3d:54:0f:9d:d9:b5:bf:bc:ad:b4:dd:11:ce:6d:
         38:03:91:5a:55:69:c5:99:7b:e8:ea:1e:f0:08:0b:05:cd:b2:
         4b:35:a7:64:45:9e:a3:02:69:c5:82:23:09:94:9d:16:09:8f:
         1f:00:30:77:d8:34:79:d3:8c:66:09:8e:4a:02:54:48:14:3c:
         6b:c2:33:f2:b2:69:69:df:22:8b:09:71:70:53:f3:dd:9e:c4:
         5b:ff:e3:d4:03:2e:46:b4:47:de:88:aa:59:59:d2:ba:f9:e9:
         ed:9f:fc:f5:02:60:4b:1f:67:44:4f:02:64:f7:28:d6:53:40:
         c5:fe:e4:58:e5:23:22:15:5f:43:59:05:32:f9:45:c0:64:b7:
         5f:fb:c9:39:f1:45:88:3e:6c:f9:e6:84:7c:91:cc:ac:07:83:
         dc:40:9c:7d:3b:fb:55:30:fa:dc:4b:cd:09:74:71:81:23:74:
         f1:11:22:11
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGHjlWJwnLXDki/GfiYWYnfH1rDYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjYwNTA0MTUxMDM2WhcNMjYwODAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkMzJhM2MwNDIyNWYzMjU3MjE3NTc4ZTkwMzQzMGQ4ZWI5
ZTYxYWJkOTYwZjU0M2U5ZDRmNGU1NjliYzMxMDgzMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsUyDquDk3K7I1xToFK3hWmbYEJC1M8DFrljRGwydn6fyA
27fTX5ys5XN+LEapEeV5v0vdVx/Qi338W0p5s7uIoX2oGYZ4VgRb0p2vH3SBBBpW
Lb0UdH9oHoRQRNWaHDeonnF70kBAs1s1Xohg2kByNIHwNV7H+npr1pqeZQOSFYpc
9l7UdPbsJCk8m+p15nQbbQtMtr0FU2kZl4YsB6H1QEKyj/lqbQaag3ugGD4ztBJn
syIIelf+edNXzwI7VywCN+djZKvt0RMACWZO94A01IEanrp842NkIA1YeQiWagU4
QGZllBBVAadNUL9cmbnFDX2RnPDduBHSSUF6a3DjAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUhHFT1n+zF4Py4aelNT70O2ok42swHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2MwYjBiODgwLWU2MzItNGNhNy04YjYxLTA2NThlODg0NmY4Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwYQkwDQYJKoZIhvcNAQELBQADggEBAGTxdErBopVx9V0buy6YdQfP
zN/29DxBTmmyhYO1OG4CynEYvqYi81u68GsZMqSXuuT+gYSJacW4zeQJsMMnLlMI
49UEa+it4DyaX8I9VA+d2bW/vK203RHObTgDkVpVacWZe+jqHvAICwXNsks1p2RF
nqMCacWCIwmUnRYJjx8AMHfYNHnTjGYJjkoCVEgUPGvCM/KyaWnfIosJcXBT892e
xFv/49QDLka0R96IqllZ0rr56e2f/PUCYEsfZ0RPAmT3KNZTQMX+5FjlIyIVX0NZ
BTL5RcBkt1/7yTnxRYg+bPnmhHyRzKwHg9xAnH07+1Uw+txLzQl0cYEjdPERIhE=
-----END CERTIFICATE-----