Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/726ab840-91a1-4d06-8d70-66d240e7ea7d.roa
File:                     726ab840-91a1-4d06-8d70-66d240e7ea7d.roa (raw, json)
Hash identifier:          YA9PV6ZKyD3WeZjiS1dv642k90WxkiogXgGQh3ITDRo=
Subject key identifier:   BB:1F:FD:47:0A:86:60:6C:D9:6D:1F:B0:AC:27:A0:6D:CD:6F:11:DA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       264CCDF0C42B832AB5ED76CCE125C7204398DFD7
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/726ab840-91a1-4d06-8d70-66d240e7ea7d.roa
Signing time:             Tue 19 May 2026 03:00:45 +0000
ROA not before:           Tue 19 May 2026 03:00:45 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        18.112.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 May 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:4c:cd:f0:c4:2b:83:2a:b5:ed:76:cc:e1:25:c7:20:43:98:df:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 03:00:45 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=dda644c3beec92deea59ffaa040af3f85e94711e610364a9b77ffe32248b5140, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ed:2a:4c:68:b8:e6:58:4b:a2:ac:af:a4:b1:
                    10:5f:09:1d:6e:36:3f:33:ea:53:af:be:b3:25:f6:
                    47:42:47:c4:b4:cd:c3:ad:79:87:e3:3e:73:85:1a:
                    bf:a0:2f:59:87:8e:1f:06:ba:31:65:5d:67:e7:cc:
                    11:cf:86:d8:74:ad:44:03:74:75:ea:4c:08:09:b2:
                    21:31:c6:97:d7:53:4c:e8:be:b5:91:5f:0b:0a:cd:
                    bb:41:37:4a:10:7a:fe:62:04:7b:18:94:dd:c9:e3:
                    da:4a:f7:f7:fd:cd:69:07:04:24:ed:4a:b7:2d:a8:
                    c7:b2:77:ae:f5:66:5b:9e:fa:72:88:d9:b8:aa:16:
                    98:9f:09:a2:43:11:77:1e:ff:e9:1c:f0:80:0d:9c:
                    85:3a:82:27:06:8f:ad:c5:e9:52:45:41:2c:27:44:
                    35:60:f4:b7:45:54:e0:2c:db:f7:c2:0e:15:56:1a:
                    51:1c:e8:11:9d:ae:c8:8a:9f:08:64:18:36:8e:67:
                    4c:83:7c:b3:05:3e:fd:87:ab:ac:19:e2:fc:17:f5:
                    15:07:a7:b3:77:b8:06:f1:4d:2c:0c:08:fe:34:b2:
                    66:65:85:88:be:fe:8b:e5:23:ce:54:c6:45:da:60:
                    35:8a:98:46:79:11:f8:2e:bb:f1:f8:5b:69:c3:9e:
                    3a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:1F:FD:47:0A:86:60:6C:D9:6D:1F:B0:AC:27:A0:6D:CD:6F:11:DA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/726ab840-91a1-4d06-8d70-66d240e7ea7d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.112.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a8:c3:32:82:8f:49:72:00:5c:e4:d3:90:0c:c7:0c:fc:ee:66:
         98:d7:77:7a:89:ce:00:51:18:22:12:38:26:93:5c:4d:88:72:
         10:b9:40:a1:3b:ca:51:9f:9a:af:1a:29:57:5e:56:41:20:ae:
         4e:f4:a8:45:ed:44:c3:99:8f:60:06:c1:54:4e:bd:fb:22:51:
         3b:fc:e2:09:19:a0:0d:52:f9:48:19:8e:77:10:94:cf:70:a2:
         71:a8:a2:f3:a6:0c:bc:25:f7:65:53:8e:75:0d:dd:60:38:53:
         9a:3c:ca:17:4a:53:2f:1f:42:98:d1:a0:9b:6a:d2:27:f1:cb:
         45:d9:e8:95:cf:4f:46:0f:50:a2:82:c5:b3:e7:67:e4:b2:a0:
         5b:af:b5:99:52:e1:ea:8a:a7:de:2f:8b:f6:d6:dd:31:e3:03:
         51:85:14:8e:d5:3c:7f:43:24:6f:da:92:8a:b4:d3:f6:8c:69:
         2e:7b:db:d5:30:fa:28:ec:7b:85:2c:d1:87:19:17:49:45:63:
         b2:6d:5e:ad:3e:6f:a0:b6:0c:3f:54:c9:72:2a:0b:f5:29:33:
         52:48:31:04:3e:6f:c9:54:af:ae:59:45:b1:a2:48:14:55:b6:
         b8:35:cb:25:0f:09:37:aa:7e:a4:98:48:ed:91:5b:c5:fc:64:
         b7:a1:c4:73
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJkzN8MQrgyq17XbM4SXHIEOY39cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDMwMDQ1WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZGE2NDRjM2JlZWM5MmRlZWE1OWZmYWEwNDBhZjNmODVl
OTQ3MTFlNjEwMzY0YTliNzdmZmUzMjI0OGI1MTQwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC67SpMaLjmWEuirK+ksRBfCR1uNj8z6lOvvrMl9kdCR8S0
zcOteYfjPnOFGr+gL1mHjh8GujFlXWfnzBHPhth0rUQDdHXqTAgJsiExxpfXU0zo
vrWRXwsKzbtBN0oQev5iBHsYlN3J49pK9/f9zWkHBCTtSrctqMeyd671Zlue+nKI
2biqFpifCaJDEXce/+kc8IANnIU6gicGj63F6VJFQSwnRDVg9LdFVOAs2/fCDhVW
GlEc6BGdrsiKnwhkGDaOZ0yDfLMFPv2Hq6wZ4vwX9RUHp7N3uAbxTSwMCP40smZl
hYi+/ovlI85UxkXaYDWKmEZ5Efguu/H4W2nDnjqFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUux/9RwqGYGzZbR+wrCegbc1vEdowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzcyNmFiODQwLTkxYTEtNGQwNi04ZDcwLTY2ZDI0MGU3ZWE3ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAScDANBgkqhkiG9w0BAQsFAAOCAQEAqMMygo9JcgBc5NOQDMcM/O5mmNd3
eonOAFEYIhI4JpNcTYhyELlAoTvKUZ+arxopV15WQSCuTvSoRe1Ew5mPYAbBVE69
+yJRO/ziCRmgDVL5SBmOdxCUz3Cicaii86YMvCX3ZVOOdQ3dYDhTmjzKF0pTLx9C
mNGgm2rSJ/HLRdnolc9PRg9QooLFs+dn5LKgW6+1mVLh6oqn3i+L9tbdMeMDUYUU
jtU8f0Mkb9qSirTT9oxpLnvb1TD6KOx7hSzRhxkXSUVjsm1erT5voLYMP1TJcioL
9SkzUkgxBD5vyVSvrllFsaJIFFW2uDXLJQ8JN6p+pJhI7ZFbxfxkt6HEcw==
-----END CERTIFICATE-----
Generated at Thu May 21 17:12:28 2026 by rpki-client