Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7f26fc43-ea5d-480d-a4fb-87129642c3d1.roa
File:                     7f26fc43-ea5d-480d-a4fb-87129642c3d1.roa (raw, json)
Hash identifier:          T7ykvZUS5ukW1lX+7wllZFJDMXkc+gIMt1YeUfvUKSU=
Subject key identifier:   49:51:90:B3:59:90:1C:2E:69:93:03:4A:63:EE:D9:04:88:76:39:9F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7B7B508CA2C58743F79396CB7F30F42B0E956C92
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7f26fc43-ea5d-480d-a4fb-87129642c3d1.roa
Signing time:             Thu 16 Oct 2025 22:21:08 +0000
ROA not before:           Thu 16 Oct 2025 22:21:08 +0000
ROA not after:            Thu 20 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.182.26.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:7b:50:8c:a2:c5:87:43:f7:93:96:cb:7f:30:f4:2b:0e:95:6c:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Oct 16 22:21:08 2025 GMT
            Not After : Nov 20 23:59:59 2025 GMT
        Subject: serialNumber=910707fe19df327ad351c90d75e96a32eecb487acdb09fb8f0930c2ddfae17d1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:33:80:c1:28:3a:72:f4:fa:8c:d1:db:cb:51:
                    9d:ff:57:32:be:13:1d:3f:10:5c:49:d9:2f:f6:1f:
                    5d:44:14:5b:e7:d1:37:0d:2e:d1:75:4f:c8:1e:21:
                    c8:2f:93:84:ca:04:83:82:05:e9:37:21:ff:77:1f:
                    a8:b5:f0:7e:7e:0a:ac:e4:de:21:84:57:78:22:5d:
                    27:b7:ee:1b:a4:25:59:72:db:dd:2c:bf:ac:ae:d6:
                    df:9d:0f:3d:4b:5f:46:48:e3:a7:66:22:55:58:29:
                    fa:df:23:f1:2c:b8:56:eb:46:1c:33:0a:93:28:6c:
                    c5:c9:c8:c7:a3:35:1b:41:56:46:e6:8b:9c:a7:df:
                    39:18:0a:74:f0:c3:59:27:e3:9f:78:b7:59:62:03:
                    1a:72:bb:1a:74:f7:f9:5a:f1:91:11:9e:4f:80:9a:
                    51:de:40:ca:8a:1b:a2:fe:ec:51:f4:78:3c:95:08:
                    78:66:20:5c:56:6d:02:b3:49:1d:6f:50:4d:6d:74:
                    9a:0b:74:20:0c:a8:d0:ff:c1:6d:20:09:ef:b0:4c:
                    b9:7b:78:70:84:0b:ca:4a:28:f6:76:b0:32:e5:2d:
                    d6:89:a9:aa:6c:d6:64:4b:03:05:ed:78:68:1a:6d:
                    15:67:2f:ae:e5:ce:a9:06:33:e6:af:20:8d:66:22:
                    b7:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:51:90:B3:59:90:1C:2E:69:93:03:4A:63:EE:D9:04:88:76:39:9F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7f26fc43-ea5d-480d-a4fb-87129642c3d1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.182.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         37:36:57:bf:3e:27:9d:15:be:34:1c:3b:ab:2b:8f:79:52:ea:
         6b:2d:13:67:c1:c7:0f:76:cd:5a:8d:90:48:b3:b5:7b:42:b7:
         73:c5:78:dc:38:63:bc:59:ae:a8:37:fa:1b:07:97:f2:4a:76:
         05:18:c8:14:3b:c3:4a:76:4a:6b:0c:6a:cd:6f:d6:6f:56:71:
         6d:79:a3:07:32:87:28:1d:57:ed:59:c9:ba:8b:03:36:60:da:
         49:09:56:02:67:93:dc:11:34:ba:fd:65:e9:4f:ee:cc:7b:2a:
         d8:ba:0f:77:c6:63:20:88:a6:49:fe:c4:b6:ee:53:14:38:62:
         68:40:a6:aa:70:33:b3:ef:f8:ef:18:df:00:58:72:b5:33:a6:
         c8:28:15:7e:3e:fb:d1:ae:1d:f5:8b:f0:b4:79:2f:04:b2:41:
         fb:2b:0f:3a:39:8c:6c:c0:d5:a7:4e:7a:bb:7d:7f:84:d0:f3:
         c4:e5:74:d0:08:40:4f:64:5f:68:38:cf:46:58:d7:1a:57:27:
         fd:2d:db:da:77:ed:1e:57:da:c3:d4:63:58:ad:a1:af:17:c7:
         73:2b:b2:d8:19:9c:9f:16:49:d6:2f:74:28:a0:06:87:5f:b6:
         3f:07:9b:4d:e3:02:d2:04:33:f9:e5:f9:5e:d8:6b:85:75:f3:
         b3:45:db:5e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUe3tQjKLFh0P3k5bLfzD0Kw6VbJIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE2MjIyMTA4WhcNMjUxMTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTA3MDdmZTE5ZGYzMjdhZDM1MWM5MGQ3NWU5NmEzMmVl
Y2I0ODdhY2RiMDlmYjhmMDkzMGMyZGRmYWUxN2QxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRM4DBKDpy9PqM0dvLUZ3/VzK+Ex0/EFxJ2S/2H11EFFvn
0TcNLtF1T8geIcgvk4TKBIOCBek3If93H6i18H5+Cqzk3iGEV3giXSe37hukJVly
290sv6yu1t+dDz1LX0ZI46dmIlVYKfrfI/EsuFbrRhwzCpMobMXJyMejNRtBVkbm
i5yn3zkYCnTww1kn4594t1liAxpyuxp09/la8ZERnk+AmlHeQMqKG6L+7FH0eDyV
CHhmIFxWbQKzSR1vUE1tdJoLdCAMqND/wW0gCe+wTLl7eHCEC8pKKPZ2sDLlLdaJ
qaps1mRLAwXteGgabRVnL67lzqkGM+avII1mIrf5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSVGQs1mQHC5pkwNKY+7ZBIh2OZ8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzdmMjZmYzQzLWVhNWQtNDgwZC1hNGZiLTg3MTI5NjQyYzNkMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE2thowDQYJKoZIhvcNAQELBQADggEBADc2V78+J50VvjQcO6srj3lS6mst
E2fBxw92zVqNkEiztXtCt3PFeNw4Y7xZrqg3+hsHl/JKdgUYyBQ7w0p2SmsMas1v
1m9WcW15owcyhygdV+1ZybqLAzZg2kkJVgJnk9wRNLr9ZelP7sx7Kti6D3fGYyCI
pkn+xLbuUxQ4YmhApqpwM7Pv+O8Y3wBYcrUzpsgoFX4++9GuHfWL8LR5LwSyQfsr
Dzo5jGzA1adOert9f4TQ88TldNAIQE9kX2g4z0ZY1xpXJ/0t29p37R5X2sPUY1it
oa8Xx3MrstgZnJ8WSdYvdCigBodftj8Hm03jAtIEM/nl+V7Ya4V187NF214=
-----END CERTIFICATE-----