Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/126de986-01c8-490c-bf22-c5770a1efd7c.roa
File:                     126de986-01c8-490c-bf22-c5770a1efd7c.roa (raw, json)
Hash identifier:          3HgWEi0R2cIQP8txEzdd5dy/uw1TelRK3XvuhpWPSl4=
Subject key identifier:   E2:6E:1A:18:20:B9:52:4A:C6:4D:60:97:01:9F:9A:E3:F3:37:B9:FE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5EB5B82FF738AD32FDA899C35B704F3DB67C4FE5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/126de986-01c8-490c-bf22-c5770a1efd7c.roa
Signing time:             Mon 23 Feb 2026 00:51:24 +0000
ROA not before:           Mon 23 Feb 2026 00:51:24 +0000
ROA not after:            Sun 24 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        54.196.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 28 Feb 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:b5:b8:2f:f7:38:ad:32:fd:a8:99:c3:5b:70:4f:3d:b6:7c:4f:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 23 00:51:24 2026 GMT
            Not After : May 24 23:59:59 2026 GMT
        Subject: serialNumber=85ef3295c025deb5af63fc5a99a19550b1af1680119438bdc6961d4b3335dc77, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:cb:21:9e:78:d7:c6:8f:32:32:a6:55:b9:a7:
                    25:5e:76:1f:c5:a0:be:b6:f9:cb:15:d0:4c:9e:af:
                    09:96:c8:c1:e3:d1:9d:18:70:ff:85:7d:80:66:b5:
                    d8:b7:c6:2e:c4:4c:21:f3:f0:85:5d:13:57:2e:dc:
                    08:76:25:b3:a4:d2:da:85:2a:80:79:ed:56:43:08:
                    e4:b9:89:1c:18:d0:cd:0f:d6:f9:3e:9c:ff:67:b1:
                    2f:bc:0a:54:36:e0:50:c9:ce:96:11:94:64:71:8b:
                    e5:cb:e7:af:0a:47:29:10:d4:ad:2c:ef:fb:72:6f:
                    59:be:92:30:d1:8d:cc:99:e0:da:f9:9c:28:78:d7:
                    26:58:cd:e6:5f:73:3f:5c:bc:81:e6:d1:dc:c9:4f:
                    85:b2:ac:a4:ed:8f:03:cb:5a:8f:bc:86:4d:00:84:
                    f2:47:f2:69:77:b2:18:65:ff:c3:1b:4a:20:4a:ee:
                    17:1d:25:21:bb:62:50:4b:f7:dc:f2:ee:f6:7b:3c:
                    30:59:78:b8:f9:22:8c:a0:f3:ce:13:b6:b8:1b:a9:
                    c0:cc:1a:50:20:d0:54:90:d6:dd:ea:e8:04:8d:90:
                    60:40:2c:f9:92:4f:1e:1c:04:77:5b:40:0a:4e:93:
                    2a:70:82:d0:a8:f4:83:27:ec:88:00:d8:c8:50:32:
                    3c:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:6E:1A:18:20:B9:52:4A:C6:4D:60:97:01:9F:9A:E3:F3:37:B9:FE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/126de986-01c8-490c-bf22-c5770a1efd7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.196.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         0a:39:56:15:3a:0d:63:40:b4:79:65:d0:3b:4b:f2:bd:00:3b:
         86:43:b3:5f:4a:e2:b7:fd:d6:86:3b:db:65:18:00:2b:8f:53:
         5c:75:b3:4b:bc:0c:b4:f4:10:81:fa:05:04:6f:e9:a3:59:17:
         f0:28:fc:7d:85:7d:c0:01:26:c7:89:ee:33:6f:a7:12:67:d3:
         99:a8:b7:32:5b:b5:1b:c1:a6:a9:f5:9d:f4:da:b1:78:33:20:
         c6:1f:c8:9f:99:08:94:f1:51:5d:15:40:80:79:7c:30:15:ef:
         3e:bb:ff:de:0e:c6:c7:8f:aa:77:87:ce:c7:0f:45:f3:24:3f:
         12:15:58:11:31:0a:94:19:f8:21:75:20:42:1a:67:eb:3c:e5:
         08:ee:cb:c2:24:39:4c:b9:7b:3b:37:36:bc:d4:cc:6b:03:8f:
         2d:5f:c1:4a:ac:a9:b2:be:48:eb:5a:63:8e:9e:b5:29:ed:c7:
         bd:23:91:96:9b:5c:cf:03:de:15:7c:31:77:72:9d:85:09:e1:
         5f:f7:88:6e:23:a8:a8:a3:3f:0b:4f:55:02:66:58:57:e9:fe:
         10:5c:b7:37:26:df:5a:68:33:3f:9e:63:68:06:a8:80:3d:93:
         97:d4:ff:81:16:80:a7:76:1f:70:05:72:ab:61:68:6a:6d:4a:
         59:1e:e3:2b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXrW4L/c4rTL9qJnDW3BPPbZ8T+UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIzMDA1MTI0WhcNMjYwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NWVmMzI5NWMwMjVkZWI1YWY2M2ZjNWE5OWExOTU1MGIx
YWYxNjgwMTE5NDM4YmRjNjk2MWQ0YjMzMzVkYzc3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRyyGeeNfGjzIyplW5pyVedh/FoL62+csV0EyerwmWyMHj
0Z0YcP+FfYBmtdi3xi7ETCHz8IVdE1cu3Ah2JbOk0tqFKoB57VZDCOS5iRwY0M0P
1vk+nP9nsS+8ClQ24FDJzpYRlGRxi+XL568KRykQ1K0s7/tyb1m+kjDRjcyZ4Nr5
nCh41yZYzeZfcz9cvIHm0dzJT4WyrKTtjwPLWo+8hk0AhPJH8ml3shhl/8MbSiBK
7hcdJSG7YlBL99zy7vZ7PDBZeLj5Ioyg884TtrgbqcDMGlAg0FSQ1t3q6ASNkGBA
LPmSTx4cBHdbQApOkypwgtCo9IMn7IgA2MhQMjx3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4m4aGCC5UkrGTWCXAZ+a4/M3uf4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzEyNmRlOTg2LTAxYzgtNDkwYy1iZjIyLWM1NzcwYTFlZmQ3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE2xDANBgkqhkiG9w0BAQsFAAOCAQEACjlWFToNY0C0eWXQO0vyvQA7hkOz
X0rit/3WhjvbZRgAK49TXHWzS7wMtPQQgfoFBG/po1kX8Cj8fYV9wAEmx4nuM2+n
EmfTmai3Mlu1G8GmqfWd9NqxeDMgxh/In5kIlPFRXRVAgHl8MBXvPrv/3g7Gx4+q
d4fOxw9F8yQ/EhVYETEKlBn4IXUgQhpn6zzlCO7LwiQ5TLl7Ozc2vNTMawOPLV/B
Sqypsr5I61pjjp61Ke3HvSORlptczwPeFXwxd3KdhQnhX/eIbiOoqKM/C09VAmZY
V+n+EFy3NybfWmgzP55jaAaogD2Tl9T/gRaAp3YfcAVyq2Foam1KWR7jKw==
-----END CERTIFICATE-----