Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7d0e3caf-bdbd-4f93-a5c4-ad3263a8469c.roa
File:                     7d0e3caf-bdbd-4f93-a5c4-ad3263a8469c.roa (raw, json)
Hash identifier:          z+KT0lwgZm0sTldl9m/XpLWnq3r/WQh/84PXUZnGaD8=
Subject key identifier:   E5:2A:C2:B6:4E:1C:18:1C:69:DF:D9:CE:2D:04:43:39:6A:5B:87:E3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       340202EB757EA9BEC5D15DC41C0CDB645682EC4F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7d0e3caf-bdbd-4f93-a5c4-ad3263a8469c.roa
Signing time:             Tue 19 May 2026 02:10:11 +0000
ROA not before:           Tue 19 May 2026 02:10:11 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        146.207.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 31 May 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:02:02:eb:75:7e:a9:be:c5:d1:5d:c4:1c:0c:db:64:56:82:ec:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 02:10:11 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=4fe0cf00dbd93bc6e821a1e80ff2b4a3682cf7ebc9c092342781a8b00d0a2aa7, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:cc:3d:af:01:9b:58:31:c6:c4:ef:d3:46:47:
                    c5:99:bc:22:52:66:65:3a:c3:18:3e:5f:ef:2c:2f:
                    74:6b:b5:6b:3b:97:f1:1d:04:c4:8f:eb:60:8c:0b:
                    a2:ff:f2:d4:1a:b0:e5:cd:8d:31:05:10:a8:4e:28:
                    a3:9b:e5:23:d3:78:1f:85:42:5a:9c:8d:ec:e1:c3:
                    fe:75:12:02:4e:ff:67:aa:23:5d:29:ce:35:b4:3c:
                    b2:38:e6:6e:75:f9:c0:d1:0a:bc:2b:db:ee:2c:bd:
                    da:0f:39:2b:6a:e4:f8:b2:0d:93:64:e2:a3:5d:16:
                    1b:65:e5:c4:30:27:1b:7a:f1:8a:bb:65:66:ea:31:
                    fb:09:94:31:7c:d6:cc:54:56:5b:4d:aa:b9:b7:0b:
                    21:9a:2d:1e:9b:a8:8a:80:aa:82:84:74:c9:02:82:
                    43:04:9b:ec:e4:df:a6:2f:86:35:2a:48:8a:71:3f:
                    64:14:7a:73:a1:11:52:fb:f0:d0:92:26:10:ad:ae:
                    c9:54:9d:62:e7:9f:34:8b:57:49:c7:83:63:12:38:
                    09:ec:8a:af:a4:fa:85:d7:5e:b7:02:ce:46:10:95:
                    f6:af:e6:54:26:57:dc:bb:25:c7:60:22:82:cf:7c:
                    48:2a:af:ec:e0:26:3f:b1:80:55:e5:fb:7f:8c:95:
                    cb:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:2A:C2:B6:4E:1C:18:1C:69:DF:D9:CE:2D:04:43:39:6A:5B:87:E3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7d0e3caf-bdbd-4f93-a5c4-ad3263a8469c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.207.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         70:f1:05:ef:49:82:aa:64:ec:8b:64:86:24:89:68:c0:80:54:
         c6:a5:04:16:94:4d:63:a9:f3:d1:f2:af:bb:1a:df:fd:2c:16:
         85:be:2e:83:c5:e7:ca:6b:90:7f:fb:33:82:1c:bf:f6:97:67:
         00:0f:71:3c:21:b5:71:9d:e2:50:38:43:ff:a4:2b:4c:b5:d7:
         aa:c3:7b:3c:63:54:45:73:31:69:b9:11:ff:ec:ed:53:f1:71:
         49:e0:63:6c:4f:2d:92:9f:63:20:6d:12:79:df:75:72:c9:85:
         f5:2e:a3:83:5a:e9:99:5f:86:48:19:04:b7:a0:bd:e2:66:3b:
         b3:1b:51:b5:8d:c4:c6:d1:92:59:ec:05:68:1e:d2:a4:9e:8c:
         49:4a:71:f4:8c:3a:6d:e1:38:46:2f:a0:30:e3:af:e2:26:cc:
         cb:97:de:9c:b2:c0:9c:be:99:49:68:ec:2b:1b:af:bf:e6:78:
         16:9a:e8:06:62:b0:e8:5f:a7:c7:d8:b2:75:9f:6f:a0:3d:37:
         de:ae:99:5a:ee:55:00:f8:f5:12:50:c4:f9:3f:9c:07:f1:3f:
         e9:bb:c0:e6:48:96:97:2b:1c:f0:5d:54:5d:e8:75:fe:8b:95:
         d2:32:5e:ac:8d:f5:4a:63:42:db:dd:4e:f5:fd:8a:46:45:56:
         1a:cd:f9:66
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNAIC63V+qb7F0V3EHAzbZFaC7E8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDIxMDExWhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZmUwY2YwMGRiZDkzYmM2ZTgyMWExZTgwZmYyYjRhMzY4
MmNmN2ViYzljMDkyMzQyNzgxYThiMDBkMGEyYWE3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTzD2vAZtYMcbE79NGR8WZvCJSZmU6wxg+X+8sL3RrtWs7
l/EdBMSP62CMC6L/8tQasOXNjTEFEKhOKKOb5SPTeB+FQlqcjezhw/51EgJO/2eq
I10pzjW0PLI45m51+cDRCrwr2+4svdoPOStq5PiyDZNk4qNdFhtl5cQwJxt68Yq7
ZWbqMfsJlDF81sxUVltNqrm3CyGaLR6bqIqAqoKEdMkCgkMEm+zk36YvhjUqSIpx
P2QUenOhEVL78NCSJhCtrslUnWLnnzSLV0nHg2MSOAnsiq+k+oXXXrcCzkYQlfav
5lQmV9y7JcdgIoLPfEgqr+zgJj+xgFXl+3+Mlcu7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU5SrCtk4cGBxp39nOLQRDOWpbh+MwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzdkMGUzY2FmLWJkYmQtNGY5My1hNWM0LWFkMzI2M2E4NDY5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCSzzANBgkqhkiG9w0BAQsFAAOCAQEAcPEF70mCqmTsi2SGJIlowIBUxqUE
FpRNY6nz0fKvuxrf/SwWhb4ug8XnymuQf/szghy/9pdnAA9xPCG1cZ3iUDhD/6Qr
TLXXqsN7PGNURXMxabkR/+ztU/FxSeBjbE8tkp9jIG0Sed91csmF9S6jg1rpmV+G
SBkEt6C94mY7sxtRtY3ExtGSWewFaB7SpJ6MSUpx9Iw6beE4Ri+gMOOv4ibMy5fe
nLLAnL6ZSWjsKxuvv+Z4FproBmKw6F+nx9iydZ9voD033q6ZWu5VAPj1ElDE+T+c
B/E/6bvA5kiWlysc8F1UXeh1/ouV0jJerI31SmNC291O9f2KRkVWGs35Zg==
-----END CERTIFICATE-----