Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/38326fa1-49e7-4ea9-9996-2cd0a6abd83f.roa
File:                     38326fa1-49e7-4ea9-9996-2cd0a6abd83f.roa (raw, json)
Hash identifier:          6o+b/TV++ReK19HipeRzK8WbCeivfbsVI5aqaRc6t1g=
Subject key identifier:   87:6A:53:9C:5E:A8:C8:81:E9:8C:CE:0D:BF:32:33:AB:AA:CD:DB:C5
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3EE49FB57A2C5FFF03AE3D37DA2E62F6526AD08C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/38326fa1-49e7-4ea9-9996-2cd0a6abd83f.roa
Signing time:             Sun 17 May 2026 01:20:33 +0000
ROA not before:           Sun 17 May 2026 01:20:33 +0000
ROA not after:            Sat 15 Aug 2026 23:59:59 +0000
asID:                     8987
IP address blocks:        52.46.176.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 04 Jun 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:e4:9f:b5:7a:2c:5f:ff:03:ae:3d:37:da:2e:62:f6:52:6a:d0:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 17 01:20:33 2026 GMT
            Not After : Aug 15 23:59:59 2026 GMT
        Subject: serialNumber=357254e44881fe192d986b6fb3e4217041720f01680cbd5c40ddd0c7f49ec5d1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:61:ae:d0:42:d2:77:b7:8b:d9:dd:06:cc:47:
                    b1:35:d3:eb:f2:0b:6f:b8:be:4a:c6:75:28:82:61:
                    06:70:60:96:e6:e0:84:f9:41:1e:0e:6d:f8:58:93:
                    7f:02:f0:99:d4:b0:e5:ca:f7:15:09:be:5f:43:ee:
                    3b:e7:ab:5d:71:f1:c6:ce:5c:b1:0c:76:9a:92:38:
                    23:7c:3c:bb:35:e4:7f:ae:ee:53:7a:ef:cd:56:b7:
                    77:7e:99:34:ce:ef:d5:e0:a8:45:e6:a2:ba:88:07:
                    44:c0:34:8c:8d:01:42:81:78:94:4e:da:10:eb:91:
                    79:dc:17:5b:51:25:5c:62:20:37:0c:72:dd:e7:e3:
                    4f:12:89:53:36:be:09:ec:b6:db:a1:b9:17:28:b1:
                    e5:41:13:03:d3:6f:b4:8f:43:6e:b1:b2:0c:18:ba:
                    28:e3:95:62:bf:8f:ed:b3:57:e3:fb:17:30:c8:d2:
                    e3:39:c7:66:e8:7b:ab:02:69:3e:9d:b2:3d:72:e1:
                    d3:97:64:42:e8:82:e6:70:9b:78:cf:e7:86:d5:0c:
                    92:66:2e:5f:7a:d9:e8:0a:a4:03:25:8b:65:c9:27:
                    2d:5d:46:7c:c8:13:72:60:b8:e9:f8:2b:ff:29:bd:
                    64:4c:04:7d:19:b4:66:47:c5:e6:d7:03:40:4c:f2:
                    be:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:6A:53:9C:5E:A8:C8:81:E9:8C:CE:0D:BF:32:33:AB:AA:CD:DB:C5
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/38326fa1-49e7-4ea9-9996-2cd0a6abd83f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.46.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         12:c9:3e:ef:59:b6:13:7a:04:6c:96:46:60:54:05:d7:df:c7:
         86:a9:ff:07:02:5d:10:4b:31:ca:50:fb:7a:bc:12:d5:a0:42:
         2b:bc:c2:df:dd:c4:60:0f:7b:29:c0:f1:ad:e2:15:38:cd:a7:
         a9:ad:0e:16:41:5e:3b:aa:eb:d3:7e:af:1d:ee:dd:76:ab:ff:
         2b:88:cd:29:69:ed:08:8f:16:75:8b:54:c1:9a:53:55:a7:50:
         f5:7e:3c:99:56:1a:cc:f0:94:75:28:12:6c:1c:45:5f:d8:fa:
         51:81:a5:94:51:2c:df:52:cf:ca:74:72:48:5a:8c:3f:65:d3:
         6d:cf:87:9f:d1:38:e0:43:0e:0f:96:6c:d7:d3:01:b2:7d:1e:
         ba:71:34:60:6c:1d:d3:e7:5f:77:83:2a:56:15:06:6c:09:c2:
         8b:8f:52:02:61:69:78:49:ba:01:75:88:17:9b:a9:a9:d5:49:
         68:5a:c6:b5:3e:8f:e4:f9:bd:6e:cd:c2:c8:7c:6e:e7:f4:3f:
         34:d7:a9:9c:7d:ec:a2:09:e8:a9:38:7f:a6:00:c7:3d:02:86:
         75:f2:43:99:54:a0:84:6e:53:78:35:4b:01:2d:93:1f:73:22:
         7f:eb:af:4f:89:c0:77:25:f6:61:bb:c6:83:3e:04:b4:8b:f3:
         7c:cc:31:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPuSftXosX/8Drj032i5i9lJq0IwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE3MDEyMDMzWhcNMjYwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTcyNTRlNDQ4ODFmZTE5MmQ5ODZiNmZiM2U0MjE3MDQx
NzIwZjAxNjgwY2JkNWM0MGRkZDBjN2Y0OWVjNWQxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdYa7QQtJ3t4vZ3QbMR7E10+vyC2+4vkrGdSiCYQZwYJbm
4IT5QR4ObfhYk38C8JnUsOXK9xUJvl9D7jvnq11x8cbOXLEMdpqSOCN8PLs15H+u
7lN6781Wt3d+mTTO79XgqEXmorqIB0TANIyNAUKBeJRO2hDrkXncF1tRJVxiIDcM
ct3n408SiVM2vgnsttuhuRcoseVBEwPTb7SPQ26xsgwYuijjlWK/j+2zV+P7FzDI
0uM5x2boe6sCaT6dsj1y4dOXZELoguZwm3jP54bVDJJmLl962egKpAMli2XJJy1d
RnzIE3JguOn4K/8pvWRMBH0ZtGZHxebXA0BM8r7zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUh2pTnF6oyIHpjM4NvzIzq6rN28UwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzM4MzI2ZmExLTQ5ZTctNGVhOS05OTk2LTJjZDBhNmFiZDgzZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI0LrAwDQYJKoZIhvcNAQELBQADggEBABLJPu9ZthN6BGyWRmBUBdffx4ap
/wcCXRBLMcpQ+3q8EtWgQiu8wt/dxGAPeynA8a3iFTjNp6mtDhZBXjuq69N+rx3u
3Xar/yuIzSlp7QiPFnWLVMGaU1WnUPV+PJlWGszwlHUoEmwcRV/Y+lGBpZRRLN9S
z8p0ckhajD9l023Ph5/ROOBDDg+WbNfTAbJ9HrpxNGBsHdPnX3eDKlYVBmwJwouP
UgJhaXhJugF1iBebqanVSWhaxrU+j+T5vW7Nwsh8buf0PzTXqZx97KIJ6Kk4f6YA
xz0ChnXyQ5lUoIRuU3g1SwEtkx9zIn/rr0+JwHcl9mG7xoM+BLSL83zMMVs=
-----END CERTIFICATE-----