Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/23ef0758-1090-4510-af75-cb75140d882f.roa
File:                     23ef0758-1090-4510-af75-cb75140d882f.roa (raw, json)
Hash identifier:          4Sl3ZZRJ1uiYB8UI3tBnje+kNp21GhM3Kegh91p7vXw=
Subject key identifier:   08:66:BF:73:C8:8D:01:D6:FD:89:12:C0:63:94:1F:A1:0B:D3:77:79
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       550EFE122F89AD0B99AD391ACA01E9C28180EDE0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/23ef0758-1090-4510-af75-cb75140d882f.roa
Signing time:             Wed 29 Apr 2026 00:20:30 +0000
ROA not before:           Wed 29 Apr 2026 00:20:30 +0000
ROA not after:            Tue 28 Jul 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.176.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 04 May 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:0e:fe:12:2f:89:ad:0b:99:ad:39:1a:ca:01:e9:c2:81:80:ed:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 29 00:20:30 2026 GMT
            Not After : Jul 28 23:59:59 2026 GMT
        Subject: serialNumber=983d24431053e4c76eecdbb63982b2c3970ceaa90c6ca4c08906fdf94eff3101, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:51:10:fa:8d:d7:dc:5e:10:51:97:f5:a1:96:
                    11:b6:e5:d6:2e:86:4c:a1:f8:9d:fc:c5:d3:0d:dd:
                    1a:ef:46:4c:2d:03:d4:0b:23:ac:94:e3:c7:03:14:
                    1a:35:18:fd:19:6c:74:c7:d5:54:b8:af:7f:45:8a:
                    43:5b:37:9e:e0:96:7a:f4:67:ba:3d:61:0a:00:12:
                    ad:b8:93:cf:70:38:26:c2:59:60:3f:92:7d:18:6e:
                    4f:79:cf:11:f2:6a:b8:43:09:92:ef:db:a4:8e:b8:
                    f1:a9:d4:62:9a:44:59:c2:25:38:6d:8f:2a:86:3a:
                    93:a1:00:8e:67:25:c9:fa:df:88:30:50:bc:60:d2:
                    46:aa:b6:1c:b0:51:fe:bc:0e:de:ba:f7:a4:3d:01:
                    88:44:32:1e:3a:46:32:5c:f5:3f:4d:c6:2b:11:fd:
                    e3:12:93:5c:35:92:88:5c:1c:98:97:aa:ae:24:f6:
                    ee:a1:01:2c:50:2b:aa:69:c6:c8:5d:d8:5e:f8:7b:
                    ef:f4:b3:48:f9:8a:4f:9a:c7:4a:67:7d:8a:5f:dd:
                    cd:9f:49:e3:43:d6:95:36:0a:ed:55:29:a5:84:4a:
                    52:ce:6f:fe:70:2d:6d:a0:fd:44:72:82:9f:cb:06:
                    73:84:03:99:ad:3a:69:c3:33:6f:60:28:2b:c0:14:
                    64:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:66:BF:73:C8:8D:01:D6:FD:89:12:C0:63:94:1F:A1:0B:D3:77:79
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/23ef0758-1090-4510-af75-cb75140d882f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.176.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6e:0d:4e:c5:44:e6:77:18:46:19:50:e6:6b:9d:30:91:a3:df:
         56:4f:3e:78:bb:1a:94:d3:51:d1:2d:42:56:d0:29:87:f2:db:
         7d:8e:e4:58:e5:bb:90:be:ee:d0:38:e9:5a:4b:cd:e2:84:51:
         df:09:04:06:0a:ad:12:10:09:b1:ee:b7:58:f4:af:75:d7:fe:
         9a:c5:79:23:9f:de:40:70:fd:4f:4b:87:81:63:9e:d0:7a:10:
         3c:f1:92:9d:eb:e0:7b:df:28:cc:87:3b:ae:69:8e:89:ce:cd:
         1f:d0:c3:a5:72:f7:b9:ba:d0:0f:9f:d4:85:2e:a1:dc:54:4e:
         f2:72:c6:1e:a9:6d:20:3a:d0:aa:b4:97:68:36:6f:6b:7b:87:
         e4:68:fd:bd:8f:2e:f9:0b:0b:6b:21:3c:55:80:6c:48:01:96:
         c5:40:6b:d6:0f:e8:37:36:2d:73:97:19:bc:03:4a:0b:68:d4:
         dd:6a:72:ab:36:c0:8e:a5:7e:ff:47:46:8d:80:97:03:9b:93:
         1d:ea:ed:72:b8:ee:a0:fa:c3:49:5e:9b:d4:43:58:17:d6:46:
         b9:5c:12:26:74:16:e2:54:cd:c1:e6:91:13:e1:d6:0c:fb:a5:
         9f:30:2c:0d:14:b8:30:95:49:cb:3c:d2:02:ce:54:12:56:1e:
         b5:ea:a4:81
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVQ7+Ei+JrQuZrTkaygHpwoGA7eAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNDI5MDAyMDMwWhcNMjYwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ODNkMjQ0MzEwNTNlNGM3NmVlY2RiYjYzOTgyYjJjMzk3
MGNlYWE5MGM2Y2E0YzA4OTA2ZmRmOTRlZmYzMTAxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDIURD6jdfcXhBRl/WhlhG25dYuhkyh+J38xdMN3RrvRkwt
A9QLI6yU48cDFBo1GP0ZbHTH1VS4r39FikNbN57glnr0Z7o9YQoAEq24k89wOCbC
WWA/kn0Ybk95zxHyarhDCZLv26SOuPGp1GKaRFnCJThtjyqGOpOhAI5nJcn634gw
ULxg0kaqthywUf68Dt6696Q9AYhEMh46RjJc9T9NxisR/eMSk1w1kohcHJiXqq4k
9u6hASxQK6ppxshd2F74e+/0s0j5ik+ax0pnfYpf3c2fSeND1pU2Cu1VKaWESlLO
b/5wLW2g/URygp/LBnOEA5mtOmnDM29gKCvAFGQVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUCGa/c8iNAdb9iRLAY5QfoQvTd3kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIzZWYwNzU4LTEwOTAtNDUxMC1hZjc1LWNiNzUxNDBkODgyZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4sDANBgkqhkiG9w0BAQsFAAOCAQEAbg1OxUTmdxhGGVDma50wkaPfVk8+
eLsalNNR0S1CVtAph/LbfY7kWOW7kL7u0DjpWkvN4oRR3wkEBgqtEhAJse63WPSv
ddf+msV5I5/eQHD9T0uHgWOe0HoQPPGSnevge98ozIc7rmmOic7NH9DDpXL3ubrQ
D5/UhS6h3FRO8nLGHqltIDrQqrSXaDZva3uH5Gj9vY8u+QsLayE8VYBsSAGWxUBr
1g/oNzYtc5cZvANKC2jU3WpyqzbAjqV+/0dGjYCXA5uTHertcrjuoPrDSV6b1ENY
F9ZGuVwSJnQW4lTNweaRE+HWDPulnzAsDRS4MJVJyzzSAs5UElYeteqkgQ==
-----END CERTIFICATE-----