Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/08ebce69-c02b-4567-bb6e-afa6d1019fd0.roa
File:                     08ebce69-c02b-4567-bb6e-afa6d1019fd0.roa (raw, json)
Hash identifier:          8H9et7d37RqXpdvtn/LVQ9LNZLp8r10x47KIm4VxQ4U=
Subject key identifier:   25:C1:B3:E5:00:44:F5:7E:D3:24:BC:34:34:5C:58:FB:E9:85:3D:3C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       09233FA37E8FA1D1FA5085801107E1415DB954EF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/08ebce69-c02b-4567-bb6e-afa6d1019fd0.roa
Signing time:             Tue 19 May 2026 02:31:45 +0000
ROA not before:           Tue 19 May 2026 02:31:45 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        54.240.216.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:23:3f:a3:7e:8f:a1:d1:fa:50:85:80:11:07:e1:41:5d:b9:54:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 02:31:45 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=84f5e1105a1854f8b96250d2e6e16b76bb5fd82daebeb5f109125f85d357a4ce, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a9:3f:ae:e4:ac:f0:0a:11:4c:02:59:52:58:
                    29:f6:b0:0d:01:0f:d6:9e:17:ef:6e:5c:bf:6e:6d:
                    78:98:09:f8:c3:af:40:63:b3:a4:16:87:f4:65:75:
                    81:cb:2a:a0:7c:99:36:3c:ac:1d:7a:00:eb:ce:12:
                    e2:c1:94:29:1b:0f:09:29:26:82:1a:46:1b:d7:81:
                    6c:bf:71:8e:79:82:f8:49:b9:9a:eb:15:f1:29:1b:
                    2a:43:d9:a3:3b:5f:37:36:fc:63:08:86:30:5e:40:
                    87:d2:60:8b:3b:d0:7a:f9:5a:a1:d1:2b:db:e5:c1:
                    ab:c7:1b:3f:51:c9:30:e0:79:b5:bc:5d:a0:62:1e:
                    b9:72:02:87:ee:c8:77:d4:d6:33:7d:42:1a:50:59:
                    0d:c5:50:39:70:c2:46:94:a6:e8:7e:0a:2d:43:1a:
                    98:aa:66:a1:ad:01:c0:3f:c8:ff:6b:bf:08:7c:85:
                    1a:31:24:78:6c:03:e5:90:b6:13:7a:e7:97:17:e3:
                    fc:0d:11:0a:32:ed:32:a3:4f:46:5c:bf:3f:bf:c9:
                    df:4d:49:f1:e7:12:1a:04:f8:13:43:52:24:40:dc:
                    ac:0a:20:b7:66:a9:e9:09:c5:00:44:0d:80:a1:22:
                    a9:c7:0d:c5:f9:ec:5a:db:48:ad:63:cc:70:ff:1c:
                    d4:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:C1:B3:E5:00:44:F5:7E:D3:24:BC:34:34:5C:58:FB:E9:85:3D:3C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/08ebce69-c02b-4567-bb6e-afa6d1019fd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.240.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:fb:c4:e1:fd:0b:d9:56:e2:a1:06:d2:23:31:9a:9c:33:83:
         71:d5:fc:b1:10:be:10:91:a7:a9:44:f7:2f:4a:e6:f8:ed:11:
         b4:75:0e:33:6e:5c:2d:d3:f1:9c:0b:19:0a:8b:e7:f1:62:29:
         15:ad:0f:21:61:82:c0:f9:fb:2f:e3:c8:ce:87:2b:72:83:a0:
         69:95:e3:dd:18:57:53:02:53:52:a9:dd:bf:e9:a5:a6:9d:a6:
         ad:f2:3e:68:8e:4e:b0:c0:3c:89:ae:75:23:bd:8a:66:4b:d5:
         b6:c0:e5:a1:ca:1a:d9:c9:22:df:3f:a8:18:c3:f2:cc:80:d5:
         a3:4d:88:d9:33:4f:a9:d3:1b:16:e5:77:37:4c:cc:c1:4a:fb:
         b4:c7:8f:3a:6c:7d:da:8b:c0:3d:44:9f:9f:a6:ea:b3:19:ff:
         b2:7e:47:dc:86:04:19:4d:08:ac:0d:59:ce:cd:b2:ac:4e:ff:
         7f:31:65:af:d7:ea:ea:14:c7:7e:51:72:53:96:37:8f:e2:19:
         5c:9d:e6:be:88:fb:39:90:4c:f5:2a:07:f1:50:ae:80:36:c7:
         f9:4a:6d:b1:3f:03:6f:21:d9:a2:32:07:f2:e9:3f:68:3b:54:
         c4:68:0d:7c:46:7b:f0:87:00:e6:2f:8f:b5:e4:94:79:df:f5:
         71:22:f7:ee
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCSM/o36PodH6UIWAEQfhQV25VO8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDIzMTQ1WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NGY1ZTExMDVhMTg1NGY4Yjk2MjUwZDJlNmUxNmI3NmJi
NWZkODJkYWViZWI1ZjEwOTEyNWY4NWQzNTdhNGNlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4qT+u5KzwChFMAllSWCn2sA0BD9aeF+9uXL9ubXiYCfjD
r0Bjs6QWh/RldYHLKqB8mTY8rB16AOvOEuLBlCkbDwkpJoIaRhvXgWy/cY55gvhJ
uZrrFfEpGypD2aM7Xzc2/GMIhjBeQIfSYIs70Hr5WqHRK9vlwavHGz9RyTDgebW8
XaBiHrlyAofuyHfU1jN9QhpQWQ3FUDlwwkaUpuh+Ci1DGpiqZqGtAcA/yP9rvwh8
hRoxJHhsA+WQthN655cX4/wNEQoy7TKjT0Zcvz+/yd9NSfHnEhoE+BNDUiRA3KwK
ILdmqekJxQBEDYChIqnHDcX57FrbSK1jzHD/HNShAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJcGz5QBE9X7TJLw0NFxY++mFPTwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA4ZWJjZTY5LWMwMmItNDU2Ny1iYjZlLWFmYTZkMTAxOWZkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI28NgwDQYJKoZIhvcNAQELBQADggEBAIj7xOH9C9lW4qEG0iMxmpwzg3HV
/LEQvhCRp6lE9y9K5vjtEbR1DjNuXC3T8ZwLGQqL5/FiKRWtDyFhgsD5+y/jyM6H
K3KDoGmV490YV1MCU1Kp3b/ppaadpq3yPmiOTrDAPImudSO9imZL1bbA5aHKGtnJ
It8/qBjD8syA1aNNiNkzT6nTGxbldzdMzMFK+7THjzpsfdqLwD1En5+m6rMZ/7J+
R9yGBBlNCKwNWc7NsqxO/38xZa/X6uoUx35RclOWN4/iGVyd5r6I+zmQTPUqB/FQ
roA2x/lKbbE/A28h2aIyB/LpP2g7VMRoDXxGe/CHAOYvj7XklHnf9XEi9+4=
-----END CERTIFICATE-----