Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/926673fa-2a99-4a67-830e-3f0967580dd6.roa
File:                     926673fa-2a99-4a67-830e-3f0967580dd6.roa (raw, json)
Hash identifier:          3a16FOo5sd8ntPU4gs5rAI8TRVaFlIk56WVLDEwq2V0=
Subject key identifier:   3E:F0:F6:4B:FC:6A:74:46:66:74:FC:4D:69:1D:1F:C9:42:41:59:01
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6C6173D0D117615C7222E575A9AEC67B05C68ABC
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/926673fa-2a99-4a67-830e-3f0967580dd6.roa
Signing time:             Tue 19 May 2026 02:41:22 +0000
ROA not before:           Tue 19 May 2026 02:41:22 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        136.13.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:61:73:d0:d1:17:61:5c:72:22:e5:75:a9:ae:c6:7b:05:c6:8a:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 02:41:22 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=55921d89bea28fa45cff59bcf6c960988bca1337ff831041914a1ea26a08919b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f3:2d:b2:35:99:43:a5:61:29:fd:8f:4e:0b:
                    38:eb:b4:31:72:06:69:cf:00:90:bd:52:54:d2:55:
                    fa:5c:28:6a:95:04:23:a6:11:d0:82:04:ce:44:c2:
                    8d:8c:1e:7e:16:6c:ab:ba:d9:38:4e:70:4e:21:17:
                    2f:cf:ab:ab:8b:e8:54:26:71:c3:e9:24:d0:25:00:
                    87:ba:89:62:de:c4:87:1d:ba:ea:52:56:0d:9d:fa:
                    13:12:19:80:be:d7:5d:a1:08:47:62:b4:f8:dd:05:
                    1f:6f:79:87:57:08:0b:b8:76:ca:7d:7e:06:bc:c1:
                    54:01:f9:90:2c:b9:0d:8d:b4:de:11:c5:4a:43:a1:
                    93:6e:9e:30:c4:7e:47:9f:52:a4:e2:a7:f7:46:45:
                    d7:fb:87:b7:d2:6a:e0:22:b9:97:c4:dd:8f:d5:a1:
                    f6:35:78:44:bc:8c:cf:8e:a8:f8:1e:a6:3a:2f:db:
                    34:59:ff:a4:c4:f0:89:90:85:46:a9:0a:3e:03:e3:
                    4f:2c:62:62:d6:05:de:77:e6:ed:91:0e:47:06:a3:
                    8b:15:65:ca:c9:45:d2:f2:5c:26:5a:cf:de:16:60:
                    19:b9:4e:57:49:e6:be:15:f2:f1:82:77:17:76:d9:
                    fb:9a:fc:01:fa:65:6b:09:4a:21:f4:59:e7:d0:02:
                    f0:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:F0:F6:4B:FC:6A:74:46:66:74:FC:4D:69:1D:1F:C9:42:41:59:01
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/926673fa-2a99-4a67-830e-3f0967580dd6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.13.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         69:04:07:70:37:26:03:66:74:ff:3f:5d:a6:45:1c:72:f1:29:
         a0:a3:9b:fc:ba:f8:a0:5a:85:9a:63:d5:c3:b7:c4:d8:2a:64:
         e6:12:96:b3:bd:20:8f:fd:db:11:a9:0f:ae:cb:4a:4b:30:98:
         84:66:7e:df:0d:08:a8:15:e5:05:ba:e7:89:8b:18:19:1b:d7:
         c2:e6:f2:3e:9b:50:74:0d:4c:22:01:8f:ce:48:3f:7c:2a:77:
         46:6d:2e:27:dc:ac:87:60:c1:7e:74:81:f6:18:ef:51:1f:89:
         57:16:d9:22:2f:5c:60:93:c4:56:de:34:9b:10:d8:fe:7a:1d:
         69:f2:fa:78:39:e5:a6:a2:e4:34:cc:58:4f:75:5d:08:a4:36:
         d7:5b:05:fb:9e:db:ae:e3:4c:d8:0c:67:2c:aa:99:fd:52:db:
         6a:36:98:d2:a3:df:8a:bc:2f:a0:74:89:a8:33:09:07:50:03:
         bd:e1:e1:6d:58:40:b0:7b:81:bf:0e:68:62:60:3f:f9:d8:30:
         c1:ea:31:81:b0:6a:a4:dc:c5:8a:32:18:82:8f:58:f8:dd:ce:
         96:1c:c5:20:98:07:32:be:1b:60:0a:02:08:3f:b6:d9:be:93:
         e0:7b:bc:c3:d3:77:07:1e:d2:9f:e9:1d:e1:f7:aa:14:77:b2:
         ed:f5:cc:ab
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbGFz0NEXYVxyIuV1qa7GewXGirwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDI0MTIyWhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NTkyMWQ4OWJlYTI4ZmE0NWNmZjU5YmNmNmM5NjA5ODhi
Y2ExMzM3ZmY4MzEwNDE5MTRhMWVhMjZhMDg5MTliMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCf8y2yNZlDpWEp/Y9OCzjrtDFyBmnPAJC9UlTSVfpcKGqV
BCOmEdCCBM5Ewo2MHn4WbKu62ThOcE4hFy/Pq6uL6FQmccPpJNAlAIe6iWLexIcd
uupSVg2d+hMSGYC+112hCEditPjdBR9veYdXCAu4dsp9fga8wVQB+ZAsuQ2NtN4R
xUpDoZNunjDEfkefUqTip/dGRdf7h7fSauAiuZfE3Y/VofY1eES8jM+OqPgepjov
2zRZ/6TE8ImQhUapCj4D408sYmLWBd535u2RDkcGo4sVZcrJRdLyXCZaz94WYBm5
TldJ5r4V8vGCdxd22fua/AH6ZWsJSiH0WefQAvC3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUPvD2S/xqdEZmdPxNaR0fyUJBWQEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkyNjY3M2ZhLTJhOTktNGE2Ny04MzBlLTNmMDk2NzU4MGRkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCIDTANBgkqhkiG9w0BAQsFAAOCAQEAaQQHcDcmA2Z0/z9dpkUccvEpoKOb
/Lr4oFqFmmPVw7fE2Cpk5hKWs70gj/3bEakPrstKSzCYhGZ+3w0IqBXlBbrniYsY
GRvXwubyPptQdA1MIgGPzkg/fCp3Rm0uJ9ysh2DBfnSB9hjvUR+JVxbZIi9cYJPE
Vt40mxDY/nodafL6eDnlpqLkNMxYT3VdCKQ211sF+57bruNM2AxnLKqZ/VLbajaY
0qPfirwvoHSJqDMJB1ADveHhbVhAsHuBvw5oYmA/+dgwweoxgbBqpNzFijIYgo9Y
+N3OlhzFIJgHMr4bYAoCCD+22b6T4Hu8w9N3Bx7Sn+kd4feqFHey7fXMqw==
-----END CERTIFICATE-----
Generated at Tue Jun 16 15:32:12 2026 by rpki-client