Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/88f09a26-8b70-4d31-b73b-01df50c56e50.roa
File:                     88f09a26-8b70-4d31-b73b-01df50c56e50.roa (raw, json)
Hash identifier:          O+HRPUJItEwgp/g6JXFyQNnzklUpbNtZbbwv6nS6nZM=
Subject key identifier:   0E:64:98:AF:92:69:93:55:95:BD:64:C9:65:31:9E:8B:61:4C:C2:7F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       50C7F24CBAFCEB86C0427001CB6A42B17909E003
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/88f09a26-8b70-4d31-b73b-01df50c56e50.roa
Signing time:             Sun 17 May 2026 01:10:11 +0000
ROA not before:           Sun 17 May 2026 01:10:11 +0000
ROA not after:            Sat 15 Aug 2026 23:59:59 +0000
asID:                     6167
IP address blocks:        155.146.128.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 May 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:c7:f2:4c:ba:fc:eb:86:c0:42:70:01:cb:6a:42:b1:79:09:e0:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 17 01:10:11 2026 GMT
            Not After : Aug 15 23:59:59 2026 GMT
        Subject: serialNumber=9e22ac519f8b6c40d54c7c4fe93f0d8ed225ec1a7fd8dce501bdf480eb93b843, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:ca:27:03:99:a5:1d:f3:1c:c4:56:9e:f2:6f:
                    32:b1:0b:ab:bc:0a:6b:40:f6:6f:b3:b9:a6:8b:2b:
                    39:1a:69:55:29:21:95:f4:2e:ae:e8:d1:7a:2b:f8:
                    74:d9:c8:ff:8c:a6:06:90:fb:6b:9f:44:66:24:c9:
                    f9:cb:b1:41:aa:83:7f:00:84:4c:7c:e7:bd:eb:21:
                    9f:46:fe:69:4b:5b:ca:7b:ee:8f:b2:92:19:62:14:
                    f8:2a:c3:3b:62:83:f6:a2:f8:da:71:5d:f2:d9:8d:
                    88:1b:46:77:bb:83:03:09:39:44:55:1c:7b:d9:0e:
                    bb:6a:a1:cd:e9:95:af:4a:da:b8:88:14:c6:ec:41:
                    a0:45:04:46:ef:f8:a6:85:d2:2a:ad:b7:b4:9a:f4:
                    7b:7b:a0:cc:ab:84:54:aa:63:6c:4a:6d:f3:36:1b:
                    5b:41:8b:39:0b:42:9a:03:eb:b2:e5:89:bb:96:40:
                    83:f8:ab:1d:b4:6d:63:1e:86:06:32:88:91:86:98:
                    31:b0:b3:eb:ee:71:99:22:21:70:05:f5:83:6a:ea:
                    0a:04:26:0d:4a:06:fc:cf:fc:28:fd:95:46:d2:e7:
                    36:ca:1b:ec:b1:2c:53:7e:dd:52:ed:30:c2:b3:27:
                    04:b5:f7:08:bd:ef:f7:f8:17:ce:7b:e0:a4:b5:03:
                    63:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:64:98:AF:92:69:93:55:95:BD:64:C9:65:31:9E:8B:61:4C:C2:7F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/88f09a26-8b70-4d31-b73b-01df50c56e50.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.146.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a1:08:8b:88:d6:2b:9f:33:72:8f:c1:88:b5:39:f5:0e:3f:a1:
         8c:08:72:63:ab:c2:99:2d:e6:b4:fd:1c:c5:e6:ae:0b:73:20:
         14:b1:11:dd:78:07:0d:d3:bc:5e:88:b7:50:9e:00:8c:63:ff:
         ee:bb:d1:ef:9b:b2:4d:e1:30:71:ae:df:dc:a7:2f:57:51:bc:
         75:cd:4c:d6:a9:5e:e8:7e:5f:85:55:1f:be:15:36:1d:16:d0:
         49:46:b9:54:80:d7:87:85:a3:88:b6:ce:2d:5a:c4:cc:2d:ac:
         1d:3a:37:1a:c3:3c:5c:56:3d:20:23:87:bf:46:8a:0d:b4:5c:
         f4:84:c9:3d:9d:b3:e8:d5:12:f8:07:39:76:0d:5a:b9:d9:e8:
         74:6f:19:84:d8:18:d4:86:c2:e8:f3:ce:e1:3d:21:c8:e2:fc:
         bb:7a:d7:74:bc:57:98:14:3b:f6:fb:83:8e:dc:20:25:82:29:
         ab:11:ca:68:1d:e0:f9:8b:cb:e3:76:10:ec:0c:85:2b:c4:12:
         62:60:8a:0d:e8:6e:c5:20:06:71:0e:7f:fb:19:38:f2:d9:cb:
         76:98:91:b1:2e:b9:ab:82:77:54:72:d6:45:7e:13:5d:ad:4c:
         b3:5e:cf:73:4d:70:02:52:68:48:03:6b:70:24:ad:6c:b4:c0:
         00:fb:34:0c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUMfyTLr864bAQnABy2pCsXkJ4AMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE3MDExMDExWhcNMjYwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZTIyYWM1MTlmOGI2YzQwZDU0YzdjNGZlOTNmMGQ4ZWQy
MjVlYzFhN2ZkOGRjZTUwMWJkZjQ4MGViOTNiODQzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmyicDmaUd8xzEVp7ybzKxC6u8CmtA9m+zuaaLKzkaaVUp
IZX0Lq7o0Xor+HTZyP+MpgaQ+2ufRGYkyfnLsUGqg38AhEx8573rIZ9G/mlLW8p7
7o+ykhliFPgqwztig/ai+NpxXfLZjYgbRne7gwMJOURVHHvZDrtqoc3pla9K2riI
FMbsQaBFBEbv+KaF0iqtt7Sa9Ht7oMyrhFSqY2xKbfM2G1tBizkLQpoD67LlibuW
QIP4qx20bWMehgYyiJGGmDGws+vucZkiIXAF9YNq6goEJg1KBvzP/Cj9lUbS5zbK
G+yxLFN+3VLtMMKzJwS19wi97/f4F8574KS1A2PZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDmSYr5Jpk1WVvWTJZTGei2FMwn8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzg4ZjA5YTI2LThiNzAtNGQzMS1iNzNiLTAxZGY1MGM1NmU1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASbkoAwDQYJKoZIhvcNAQELBQADggEBAKEIi4jWK58zco/BiLU59Q4/oYwI
cmOrwpkt5rT9HMXmrgtzIBSxEd14Bw3TvF6It1CeAIxj/+670e+bsk3hMHGu39yn
L1dRvHXNTNapXuh+X4VVH74VNh0W0ElGuVSA14eFo4i2zi1axMwtrB06NxrDPFxW
PSAjh79Gig20XPSEyT2ds+jVEvgHOXYNWrnZ6HRvGYTYGNSGwujzzuE9Icji/Lt6
13S8V5gUO/b7g47cICWCKasRymgd4PmLy+N2EOwMhSvEEmJgig3obsUgBnEOf/sZ
OPLZy3aYkbEuuauCd1Ry1kV+E12tTLNez3NNcAJSaEgDa3AkrWy0wAD7NAw=
-----END CERTIFICATE-----