Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa
File:                     04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa (raw, json)
Hash identifier:          sy4OaaVxfMNJLEfDAM392sOljnMmL7ETW0U6QzqLhgw=
Subject key identifier:   DC:9C:C7:E3:38:73:49:63:B8:BF:D1:73:70:FF:50:12:19:31:49:DE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5630906ACC992CC8152F822EA92AFDFA2D3F017D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa
Signing time:             Wed 29 Apr 2026 00:30:12 +0000
ROA not before:           Wed 29 Apr 2026 00:30:12 +0000
ROA not after:            Tue 28 Jul 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        209.54.160.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 12 May 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:30:90:6a:cc:99:2c:c8:15:2f:82:2e:a9:2a:fd:fa:2d:3f:01:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 29 00:30:12 2026 GMT
            Not After : Jul 28 23:59:59 2026 GMT
        Subject: serialNumber=891d6957a9d52b622ff737444aec875448fde91d5c925b5415df30f21890ebda, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ce:54:59:ae:32:f9:70:11:40:d5:86:74:6b:
                    16:0a:61:c1:6b:b3:10:52:f2:7c:b2:91:60:11:8e:
                    fd:28:0d:cf:e7:83:37:a2:be:8f:3d:1b:ba:32:d7:
                    65:47:a7:52:1f:74:6c:68:00:c7:56:b9:eb:07:fc:
                    1a:34:18:c8:18:40:3c:a8:cb:78:53:21:31:e2:3d:
                    20:51:c5:5b:00:64:5c:f7:7c:5a:38:d5:1f:33:bc:
                    41:ff:4c:b2:22:5c:e9:44:d2:99:9d:b6:bd:bc:fb:
                    b5:85:f8:3e:56:47:80:ce:f3:ca:8f:6b:82:49:52:
                    f8:14:84:13:52:9b:62:53:fd:48:a1:94:10:3f:ce:
                    91:77:7e:af:4c:e5:18:e7:8b:20:24:37:2f:6e:a6:
                    53:03:03:d1:37:83:6f:c7:03:c4:6b:06:f4:27:13:
                    12:4b:64:32:75:78:7f:30:ea:19:d2:18:dd:2f:e3:
                    1d:76:25:86:72:a6:d9:74:dc:40:8f:0f:09:f5:ac:
                    d8:d0:1c:e9:08:21:6c:ac:2f:e2:7b:61:47:b0:29:
                    4b:d2:a6:19:64:8f:01:28:69:e1:19:f9:f0:12:d0:
                    43:c8:74:1a:61:1a:3e:62:c6:56:2c:d2:14:44:fc:
                    f6:6a:24:54:0c:6c:c7:cf:0d:a5:ce:80:d1:41:79:
                    77:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:9C:C7:E3:38:73:49:63:B8:BF:D1:73:70:FF:50:12:19:31:49:DE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.54.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         2e:bc:61:83:56:ac:79:7c:0f:99:e2:42:60:bd:e7:c5:39:1d:
         29:39:1d:41:d1:94:9e:c9:5e:f3:dd:3d:b2:d0:fb:39:0e:fc:
         c3:54:49:9f:34:f8:e2:10:9e:68:0b:2b:9c:5b:60:de:53:7e:
         f2:b9:56:87:c1:b8:66:4c:08:9b:ba:d6:44:1d:d8:98:af:aa:
         42:f3:32:bd:c0:65:7e:0b:b1:e5:e4:7a:5e:21:59:df:b1:3e:
         15:c5:41:b0:6d:ba:38:22:66:db:e9:77:df:f5:a0:83:36:54:
         cf:a4:2c:92:0f:61:65:cc:02:b3:be:78:ff:88:8c:a7:19:30:
         78:ae:f5:f0:77:ca:f3:68:a7:58:fd:cf:9e:4c:bf:f4:5b:6f:
         07:35:ef:ba:c1:0a:56:c6:e5:e7:75:11:87:97:d0:78:c4:d6:
         4f:93:22:45:ce:4d:10:ae:13:f5:17:38:36:c0:69:b1:9d:0a:
         31:51:1c:38:9b:ff:f9:b6:51:31:62:84:66:aa:93:90:47:51:
         f2:d0:4e:53:c3:7f:07:2a:8e:9f:3d:59:31:8b:80:35:7e:99:
         7c:15:87:ba:c5:72:a0:ba:97:bf:39:34:4f:07:4b:a3:c1:3c:
         4f:9d:97:2b:4b:d7:ff:30:95:18:71:84:99:e1:18:34:2d:dd:
         c5:91:5d:48
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVjCQasyZLMgVL4IuqSr9+i0/AX0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNDI5MDAzMDEyWhcNMjYwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4OTFkNjk1N2E5ZDUyYjYyMmZmNzM3NDQ0YWVjODc1NDQ4
ZmRlOTFkNWM5MjViNTQxNWRmMzBmMjE4OTBlYmRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0zlRZrjL5cBFA1YZ0axYKYcFrsxBS8nyykWARjv0oDc/n
gzeivo89G7oy12VHp1IfdGxoAMdWuesH/Bo0GMgYQDyoy3hTITHiPSBRxVsAZFz3
fFo41R8zvEH/TLIiXOlE0pmdtr28+7WF+D5WR4DO88qPa4JJUvgUhBNSm2JT/Uih
lBA/zpF3fq9M5RjniyAkNy9uplMDA9E3g2/HA8RrBvQnExJLZDJ1eH8w6hnSGN0v
4x12JYZyptl03ECPDwn1rNjQHOkIIWysL+J7YUewKUvSphlkjwEoaeEZ+fAS0EPI
dBphGj5ixlYs0hRE/PZqJFQMbMfPDaXOgNFBeXdrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3JzH4zhzSWO4v9FzcP9QEhkxSd4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA0ZWUwM2I3LTEyYTYtNDFhOS1hMGNlLWFiN2UxOTdkMGFjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXRNqAwDQYJKoZIhvcNAQELBQADggEBAC68YYNWrHl8D5niQmC958U5HSk5
HUHRlJ7JXvPdPbLQ+zkO/MNUSZ80+OIQnmgLK5xbYN5TfvK5VofBuGZMCJu61kQd
2JivqkLzMr3AZX4LseXkel4hWd+xPhXFQbBtujgiZtvpd9/1oIM2VM+kLJIPYWXM
ArO+eP+IjKcZMHiu9fB3yvNop1j9z55Mv/Rbbwc177rBClbG5ed1EYeX0HjE1k+T
IkXOTRCuE/UXODbAabGdCjFRHDib//m2UTFihGaqk5BHUfLQTlPDfwcqjp89WTGL
gDV+mXwVh7rFcqC6l785NE8HS6PBPE+dlytL1/8wlRhxhJnhGDQt3cWRXUg=
-----END CERTIFICATE-----
Generated at Mon May 11 13:22:24 2026 by rpki-client