Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2977b60b-b2d9-4d0f-a727-0112619219c9.roa
File:                     2977b60b-b2d9-4d0f-a727-0112619219c9.roa (raw, json)
Hash identifier:          cKmSfgtwlW+Jlm+C5OXwUjoO6xnOHllqQGBMU5eXcD0=
Subject key identifier:   2F:35:C0:6C:7C:B8:0B:E0:74:8E:26:3D:86:C5:4F:84:8D:89:AC:28
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0DCDD639527F2F87AC5B6D8962B30E74AFCC6D2A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2977b60b-b2d9-4d0f-a727-0112619219c9.roa
Signing time:             Tue 24 Feb 2026 04:01:01 +0000
ROA not before:           Tue 24 Feb 2026 04:01:01 +0000
ROA not after:            Mon 25 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        54.224.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 26 Feb 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:cd:d6:39:52:7f:2f:87:ac:5b:6d:89:62:b3:0e:74:af:cc:6d:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 24 04:01:01 2026 GMT
            Not After : May 25 23:59:59 2026 GMT
        Subject: serialNumber=8a188fa6b81d58a6aa92e217c18d3d0d489573a1932d2817513e0ca1078f9db5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:3a:69:d4:ca:01:68:81:50:37:8a:5b:2f:f7:
                    e9:83:ed:59:d3:03:af:3e:e4:2d:e3:eb:a5:00:05:
                    b1:5b:07:32:4b:c0:c4:ee:0d:3b:43:2e:64:23:30:
                    e3:4a:f8:9e:44:99:36:23:23:eb:bd:7c:62:5d:6d:
                    de:35:1c:fc:2c:71:4c:84:e1:eb:e2:a0:95:45:ab:
                    7c:67:d1:b6:e9:c7:72:71:4d:7f:b5:04:9a:0e:ad:
                    15:28:af:83:31:6d:de:12:19:75:0a:72:d3:90:ec:
                    6a:73:cb:46:8a:a5:f8:49:f7:93:23:82:03:8c:d3:
                    6e:91:05:76:84:9a:bb:12:68:9b:91:16:a9:0e:6a:
                    88:34:08:59:40:8e:89:79:2d:14:36:62:2c:ab:5b:
                    87:4b:28:b1:30:97:5f:7b:aa:19:ca:be:6f:43:25:
                    92:cb:a4:d5:bd:89:fe:5b:85:1b:02:b7:3e:31:61:
                    da:52:14:31:d3:a4:ec:b6:43:46:76:10:b2:9a:9b:
                    7f:e5:fb:96:a2:bd:d5:4a:ec:78:07:be:2a:a4:a0:
                    79:7f:33:d0:e3:51:f0:38:3e:10:ba:53:44:7e:41:
                    7e:c4:85:af:42:b4:44:c8:74:1a:78:47:03:91:d1:
                    0c:1a:ea:d5:6e:f5:c4:3a:58:42:c5:6f:fa:c5:a4:
                    1b:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:35:C0:6C:7C:B8:0B:E0:74:8E:26:3D:86:C5:4F:84:8D:89:AC:28
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2977b60b-b2d9-4d0f-a727-0112619219c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.224.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         aa:53:2a:45:10:92:2f:c7:d4:39:f2:bb:d2:b7:59:3e:c6:e3:
         c2:5e:c6:5f:ad:7e:4c:09:dd:ef:59:9b:6e:ef:b8:a6:49:fc:
         3b:4a:ce:8a:f0:6a:79:f7:08:56:4f:6d:68:1d:c8:e6:56:9a:
         37:64:6e:03:05:b7:45:40:bb:c3:9c:b9:b0:98:8c:c0:e0:de:
         85:fd:31:2b:47:d0:a0:7e:fd:08:5a:ae:03:eb:a9:3e:74:9a:
         19:a3:fd:18:db:13:57:3d:80:5e:3a:45:2b:61:63:7d:1a:39:
         c9:8c:c6:59:34:22:f3:4d:2d:30:7f:80:d2:ed:14:dd:c4:9d:
         27:32:03:58:c2:5d:14:47:25:b3:00:e9:a9:94:65:c6:bb:79:
         0d:00:53:1b:af:74:37:b4:74:9d:d8:b7:3b:9a:c9:1b:84:7a:
         4e:c0:8f:6c:2b:22:cf:a7:b6:54:d3:dc:c6:b9:ae:06:5b:5c:
         fa:65:66:af:83:41:30:32:56:43:39:d4:0b:08:b9:fb:40:16:
         ec:ab:37:60:c5:ca:df:ac:b0:b5:04:aa:9b:59:20:b5:e3:fc:
         66:0b:00:49:bf:c5:ad:de:cd:6d:b2:88:b3:7e:43:7d:88:60:
         dd:3d:1b:7c:b3:16:80:35:36:61:34:6d:ec:33:0d:c9:91:7e:
         f5:9b:e5:fb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDc3WOVJ/L4esW22JYrMOdK/MbSowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI0MDQwMTAxWhcNMjYwNTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YTE4OGZhNmI4MWQ1OGE2YWE5MmUyMTdjMThkM2QwZDQ4
OTU3M2ExOTMyZDI4MTc1MTNlMGNhMTA3OGY5ZGI1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFOmnUygFogVA3ilsv9+mD7VnTA68+5C3j66UABbFbBzJL
wMTuDTtDLmQjMONK+J5EmTYjI+u9fGJdbd41HPwscUyE4evioJVFq3xn0bbpx3Jx
TX+1BJoOrRUor4Mxbd4SGXUKctOQ7Gpzy0aKpfhJ95MjggOM026RBXaEmrsSaJuR
FqkOaog0CFlAjol5LRQ2YiyrW4dLKLEwl197qhnKvm9DJZLLpNW9if5bhRsCtz4x
YdpSFDHTpOy2Q0Z2ELKam3/l+5aivdVK7HgHviqkoHl/M9DjUfA4PhC6U0R+QX7E
ha9CtETIdBp4RwOR0Qwa6tVu9cQ6WELFb/rFpBvHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQULzXAbHy4C+B0jiY9hsVPhI2JrCgwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzI5NzdiNjBiLWIyZDktNGQwZi1hNzI3LTAxMTI2MTkyMTljOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA24DANBgkqhkiG9w0BAQsFAAOCAQEAqlMqRRCSL8fUOfK70rdZPsbjwl7G
X61+TAnd71mbbu+4pkn8O0rOivBqefcIVk9taB3I5laaN2RuAwW3RUC7w5y5sJiM
wODehf0xK0fQoH79CFquA+upPnSaGaP9GNsTVz2AXjpFK2FjfRo5yYzGWTQi800t
MH+A0u0U3cSdJzIDWMJdFEclswDpqZRlxrt5DQBTG690N7R0ndi3O5rJG4R6TsCP
bCsiz6e2VNPcxrmuBltc+mVmr4NBMDJWQznUCwi5+0AW7Ks3YMXK36ywtQSqm1kg
teP8ZgsASb/Frd7NbbKIs35DfYhg3T0bfLMWgDU2YTRt7DMNyZF+9Zvl+w==
-----END CERTIFICATE-----