Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51da4dbc-78d8-46ad-8bd3-69eddb3a96eb.roa
File:                     51da4dbc-78d8-46ad-8bd3-69eddb3a96eb.roa (raw, json)
Hash identifier:          HyOBpPMnvGu5jjbrJF+bBtGTT47tFr394Fg75oaxujw=
Subject key identifier:   D0:3F:E8:D9:D2:29:A7:F0:B5:EF:23:C7:DF:6F:07:5F:7D:C2:25:17
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2218DB90B9CFA69BC78E38495E0175ACFD64E70E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51da4dbc-78d8-46ad-8bd3-69eddb3a96eb.roa
Signing time:             Wed 29 Apr 2026 00:21:10 +0000
ROA not before:           Wed 29 Apr 2026 00:21:10 +0000
ROA not after:            Tue 28 Jul 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.248.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 04 May 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:18:db:90:b9:cf:a6:9b:c7:8e:38:49:5e:01:75:ac:fd:64:e7:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 29 00:21:10 2026 GMT
            Not After : Jul 28 23:59:59 2026 GMT
        Subject: serialNumber=12c6ed6abb604f98a292087cf9364219d045157f471d35143c56656c80fb0d2f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ed:9c:ce:fb:5f:c2:6a:63:61:fc:10:98:66:
                    e7:22:cb:ac:cf:bd:73:24:14:c2:31:21:99:0d:4a:
                    db:85:da:6a:35:78:6c:f3:29:30:1b:b2:c4:d1:1d:
                    c2:8a:87:cf:71:17:90:1a:49:b2:f4:bf:a9:d7:83:
                    49:b7:32:48:6f:2b:ac:54:0f:1a:61:57:3e:dd:f3:
                    7a:3e:1c:56:ab:b4:64:38:2f:92:4e:6d:05:d5:e5:
                    be:04:62:5b:d9:de:f1:92:ee:ed:34:9e:fc:29:77:
                    a8:6c:0b:bd:e9:71:08:67:01:c4:cc:8c:eb:50:4c:
                    4f:36:05:01:f5:4e:c0:2f:2b:7c:83:94:05:7d:93:
                    34:55:de:f8:07:50:bb:3a:e4:76:71:6c:42:1d:05:
                    62:2f:20:94:6b:d0:75:7d:72:23:11:34:23:7f:5f:
                    61:4d:fd:14:b5:ab:c7:ff:fe:59:9a:5b:a0:0e:fd:
                    f6:7d:ac:da:59:fd:7f:b8:0a:1d:c1:d7:17:45:fe:
                    82:58:ba:14:b2:f3:79:72:62:aa:be:86:a4:12:e2:
                    b8:10:cb:86:a9:8d:74:4d:76:cf:bb:84:34:80:48:
                    2c:6d:78:33:31:5f:3c:d8:b4:aa:c1:c9:e6:47:9b:
                    d2:22:5f:c3:50:a5:37:2c:a0:f2:60:1d:aa:6a:39:
                    47:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:3F:E8:D9:D2:29:A7:F0:B5:EF:23:C7:DF:6F:07:5F:7D:C2:25:17
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51da4dbc-78d8-46ad-8bd3-69eddb3a96eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:59:39:03:1e:24:04:15:13:c3:51:0a:57:cb:84:b6:9c:cb:
         42:be:50:98:7d:c8:2f:0d:84:d6:7d:13:ac:e4:95:e8:08:bb:
         4d:f6:3c:cb:b1:13:b2:ff:70:df:45:b3:21:9e:92:75:9a:de:
         de:ff:ee:33:48:a1:50:aa:02:98:60:24:5d:1b:97:81:cc:18:
         6f:df:23:da:ad:0c:54:99:03:30:86:ae:88:22:38:e2:55:e5:
         56:db:28:b9:ce:b8:10:6e:aa:0e:db:72:91:d8:d1:60:9e:15:
         94:73:d0:5b:05:ee:ae:8e:58:50:32:5f:43:be:40:7d:ed:70:
         26:72:be:36:88:af:a3:a7:0a:36:e9:bf:8b:66:bc:42:22:fa:
         72:37:67:c1:3c:6e:d7:54:2d:40:42:00:6f:56:73:fa:b4:53:
         8d:7c:4e:2f:6e:62:87:7a:82:65:b3:71:fd:bf:5e:52:2a:41:
         bd:f1:03:be:7e:7b:1a:ee:ff:44:2f:af:e6:e4:5d:8a:98:fd:
         2e:39:7b:52:ae:29:85:8a:ae:eb:3d:97:3a:27:16:af:8a:be:
         23:e4:2b:48:3b:c7:73:2a:83:60:da:f6:79:84:7c:dd:14:6e:
         e9:18:17:32:a0:3d:ef:c1:50:b9:e3:d4:d0:3e:c8:c8:44:f4:
         73:c0:e5:88
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIhjbkLnPppvHjjhJXgF1rP1k5w4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNDI5MDAyMTEwWhcNMjYwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMmM2ZWQ2YWJiNjA0Zjk4YTI5MjA4N2NmOTM2NDIxOWQw
NDUxNTdmNDcxZDM1MTQzYzU2NjU2YzgwZmIwZDJmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCe7ZzO+1/CamNh/BCYZuciy6zPvXMkFMIxIZkNStuF2mo1
eGzzKTAbssTRHcKKh89xF5AaSbL0v6nXg0m3MkhvK6xUDxphVz7d83o+HFartGQ4
L5JObQXV5b4EYlvZ3vGS7u00nvwpd6hsC73pcQhnAcTMjOtQTE82BQH1TsAvK3yD
lAV9kzRV3vgHULs65HZxbEIdBWIvIJRr0HV9ciMRNCN/X2FN/RS1q8f//lmaW6AO
/fZ9rNpZ/X+4Ch3B1xdF/oJYuhSy83lyYqq+hqQS4rgQy4apjXRNds+7hDSASCxt
eDMxXzzYtKrByeZHm9IiX8NQpTcsoPJgHapqOUfjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0D/o2dIpp/C17yPH328HX33CJRcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUxZGE0ZGJjLTc4ZDgtNDZhZC04YmQzLTY5ZWRkYjNhOTZlYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTfgwDQYJKoZIhvcNAQELBQADggEBAExZOQMeJAQVE8NRClfLhLacy0K+
UJh9yC8NhNZ9E6zklegIu032PMuxE7L/cN9FsyGeknWa3t7/7jNIoVCqAphgJF0b
l4HMGG/fI9qtDFSZAzCGrogiOOJV5VbbKLnOuBBuqg7bcpHY0WCeFZRz0FsF7q6O
WFAyX0O+QH3tcCZyvjaIr6OnCjbpv4tmvEIi+nI3Z8E8btdULUBCAG9Wc/q0U418
Ti9uYod6gmWzcf2/XlIqQb3xA75+exru/0Qvr+bkXYqY/S45e1KuKYWKrus9lzon
Fq+KviPkK0g7x3Mqg2Da9nmEfN0UbukYFzKgPe/BULnj1NA+yMhE9HPA5Yg=
-----END CERTIFICATE-----