Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7c0cb74-fe99-4d60-a3ad-d4c299875974.roa
File:                     b7c0cb74-fe99-4d60-a3ad-d4c299875974.roa (raw, json)
Hash identifier:          gxyadpV675dLHkZYLAqN1OogWZpjuJF9h6pNxtYSWrE=
Subject key identifier:   18:A8:E4:57:97:F0:71:9E:5B:79:6B:BC:95:BB:5E:90:F5:DA:EE:75
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7FFE7AE9F16FDE3E54F2B60B618E471206685F88
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7c0cb74-fe99-4d60-a3ad-d4c299875974.roa
Signing time:             Tue 19 May 2026 00:40:06 +0000
ROA not before:           Tue 19 May 2026 00:40:06 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        204.130.202.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 01 Jun 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:fe:7a:e9:f1:6f:de:3e:54:f2:b6:0b:61:8e:47:12:06:68:5f:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 19 00:40:06 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=9f4aa955ee7d2f7688ac70958bc39452c404e26ae2dbb2f487b6b155b37bc5fc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:62:94:e4:7b:33:80:1c:a1:e9:ad:b7:b5:fa:
                    03:25:f8:7a:ee:11:e3:c2:2a:ae:fc:f6:19:6b:d0:
                    c5:df:91:bc:1b:bd:60:3a:34:be:93:a3:28:8b:45:
                    16:16:32:b3:df:a0:95:f8:15:7d:88:0d:a1:bc:7a:
                    a8:89:fa:01:58:00:3a:e8:79:41:e9:29:09:e7:30:
                    34:81:ef:e0:59:c7:21:54:42:53:58:64:89:8e:0d:
                    ee:13:e1:9d:48:77:a8:0e:f2:2a:78:0e:29:92:9a:
                    22:2b:06:26:0b:f5:88:09:03:51:2d:00:8b:6a:0d:
                    31:02:82:7b:99:cc:69:ed:65:6a:7a:2e:bd:bc:ee:
                    47:74:23:3c:0e:47:04:43:b4:4b:07:96:a8:43:d7:
                    81:2d:4a:60:23:2a:71:e5:29:64:4a:6f:9f:5d:0b:
                    ae:7d:b5:f7:7a:fb:d0:3d:1d:92:43:53:23:37:b9:
                    14:8e:3f:d8:f7:d1:8a:c5:d9:65:2e:1c:14:d1:da:
                    65:22:33:35:57:82:be:fb:40:11:6f:c2:75:71:fc:
                    37:07:36:26:0a:dd:c1:3a:a0:25:15:82:44:d8:0f:
                    a9:41:29:e2:4f:4f:e0:c0:35:48:a7:3b:89:0a:1e:
                    d0:e0:42:f5:23:54:1a:a9:0e:50:70:b3:cd:dd:86:
                    31:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:A8:E4:57:97:F0:71:9E:5B:79:6B:BC:95:BB:5E:90:F5:DA:EE:75
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7c0cb74-fe99-4d60-a3ad-d4c299875974.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.130.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:a3:1e:38:e2:a8:db:0a:56:57:11:77:89:fb:a9:5a:b9:6c:
         0c:d8:69:49:ef:01:80:72:a2:90:bf:a0:f8:e9:60:76:fe:64:
         17:cb:5b:3a:2e:e0:5c:ff:45:25:9c:7c:46:e2:74:59:44:35:
         26:57:f4:49:a9:c0:0e:21:f9:d0:25:39:80:2a:51:43:be:a8:
         da:db:94:29:13:dc:54:74:2c:b8:e9:dc:8c:07:e8:5a:65:33:
         30:ae:8e:32:12:6e:4b:b6:37:12:00:8b:23:6c:81:9a:9f:bc:
         22:05:f9:3c:b6:2e:d8:a9:75:58:5a:85:84:d7:86:b5:fc:ec:
         de:31:74:f6:4f:69:e5:ce:25:6a:0c:9f:1d:65:e9:1a:a1:37:
         62:a8:e3:75:2e:17:d1:6f:72:8f:61:20:6e:9a:49:40:af:3b:
         b2:a1:a0:0c:7e:71:20:f1:86:eb:7a:81:a0:fc:7b:37:95:8e:
         69:1e:19:50:79:4c:6b:72:5c:0f:12:e3:b8:0f:72:6f:5b:0f:
         bc:2b:06:ba:8b:20:b0:4b:ac:fe:4d:e6:3b:78:0b:a6:a9:cc:
         1a:d8:cd:0c:10:75:55:a5:e0:9d:54:6c:a4:55:f9:8d:3c:d8:
         cf:f0:55:b4:82:f9:3c:8b:03:bb:1a:a3:eb:5a:af:8a:59:a3:
         24:dc:3b:56
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUf/566fFv3j5U8rYLYY5HEgZoX4gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE5MDA0MDA2WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZjRhYTk1NWVlN2QyZjc2ODhhYzcwOTU4YmMzOTQ1MmM0
MDRlMjZhZTJkYmIyZjQ4N2I2YjE1NWIzN2JjNWZjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7YpTkezOAHKHprbe1+gMl+HruEePCKq789hlr0MXfkbwb
vWA6NL6ToyiLRRYWMrPfoJX4FX2IDaG8eqiJ+gFYADroeUHpKQnnMDSB7+BZxyFU
QlNYZImODe4T4Z1Id6gO8ip4DimSmiIrBiYL9YgJA1EtAItqDTECgnuZzGntZWp6
Lr287kd0IzwORwRDtEsHlqhD14EtSmAjKnHlKWRKb59dC659tfd6+9A9HZJDUyM3
uRSOP9j30YrF2WUuHBTR2mUiMzVXgr77QBFvwnVx/DcHNiYK3cE6oCUVgkTYD6lB
KeJPT+DANUinO4kKHtDgQvUjVBqpDlBws83dhjE1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGKjkV5fwcZ5beWu8lbtekPXa7nUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I3YzBjYjc0LWZlOTktNGQ2MC1hM2FkLWQ0YzI5OTg3NTk3NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADMgsowDQYJKoZIhvcNAQELBQADggEBAIqjHjjiqNsKVlcRd4n7qVq5bAzY
aUnvAYByopC/oPjpYHb+ZBfLWzou4Fz/RSWcfEbidFlENSZX9EmpwA4h+dAlOYAq
UUO+qNrblCkT3FR0LLjp3IwH6FplMzCujjISbku2NxIAiyNsgZqfvCIF+Ty2Ltip
dVhahYTXhrX87N4xdPZPaeXOJWoMnx1l6RqhN2Ko43UuF9Fvco9hIG6aSUCvO7Kh
oAx+cSDxhut6gaD8ezeVjmkeGVB5TGtyXA8S47gPcm9bD7wrBrqLILBLrP5N5jt4
C6apzBrYzQwQdVWl4J1UbKRV+Y082M/wVbSC+TyLA7sao+tar4pZoyTcO1Y=
-----END CERTIFICATE-----