Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a40471e2-3637-4ea5-abe1-c56419621870.roa
File:                     a40471e2-3637-4ea5-abe1-c56419621870.roa (raw, json)
Hash identifier:          froeYM5XmAEui1SGC/Affl0BT54IgGcHJw2LPtQZ/O0=
Subject key identifier:   26:FE:98:87:64:92:82:DC:F8:E3:E8:62:54:92:DA:44:4D:3F:B2:7E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       652D5273C77C41E305C21BD329E4A4A4B47549D2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a40471e2-3637-4ea5-abe1-c56419621870.roa
Signing time:             Sun 17 May 2026 01:20:31 +0000
ROA not before:           Sun 17 May 2026 01:20:31 +0000
ROA not after:            Sat 15 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        150.222.216.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 06 Jun 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:2d:52:73:c7:7c:41:e3:05:c2:1b:d3:29:e4:a4:a4:b4:75:49:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 17 01:20:31 2026 GMT
            Not After : Aug 15 23:59:59 2026 GMT
        Subject: serialNumber=b1da038ea01310c992610e0d665cfe36fd156deb2e1826c70f3d3c8af843de20, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f2:2b:7e:0b:c0:9d:71:83:75:8c:d0:55:a4:
                    f3:0c:d4:cc:c9:4c:21:60:64:b7:0a:d2:ee:e4:ff:
                    ff:18:f4:52:83:f3:6d:84:ce:94:01:92:65:93:11:
                    27:38:a3:9a:df:48:d2:bd:a8:2b:37:02:49:7e:fa:
                    ee:02:f7:4b:6f:05:f2:40:95:5f:c1:37:7d:25:a4:
                    c1:c0:5c:ff:24:4b:67:72:46:31:41:ce:c3:6e:d8:
                    66:28:10:e7:85:cc:7d:53:f3:86:12:1c:78:5c:c0:
                    4c:b1:6a:00:43:ae:a1:ad:60:92:bb:cd:44:0f:69:
                    bd:48:ec:96:70:d8:00:cd:3f:d1:92:f1:14:c7:29:
                    ba:35:36:77:15:00:da:65:1a:68:ae:dd:2d:15:30:
                    46:fb:e2:8c:46:87:45:3b:14:4d:c1:66:e3:a1:2f:
                    37:d6:8b:2b:6b:16:39:dd:b1:90:91:a9:bc:e8:32:
                    d3:62:95:85:7e:29:8c:45:7c:e0:f1:ca:35:28:1d:
                    37:b1:0f:14:f4:fc:2c:db:25:65:af:1a:e2:c3:aa:
                    d5:50:80:67:db:ce:92:03:5d:0b:6b:c6:1a:74:9a:
                    4e:8f:26:78:48:2a:f5:7c:c2:09:72:5e:93:95:7d:
                    78:8e:5a:b7:dd:13:8e:26:b9:93:98:75:7e:70:0a:
                    25:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:FE:98:87:64:92:82:DC:F8:E3:E8:62:54:92:DA:44:4D:3F:B2:7E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a40471e2-3637-4ea5-abe1-c56419621870.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.222.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:06:0a:84:38:c5:8f:c2:b9:f8:69:f0:a6:45:54:8b:34:56:
         55:32:da:c7:f3:85:3e:a9:91:3a:3a:0d:9f:82:8d:fb:a2:1e:
         8e:65:6e:e4:2f:10:05:8c:79:5b:15:76:24:f5:a3:9f:b7:33:
         05:61:63:7e:dd:99:9a:08:4d:c7:fd:b9:1c:a0:7c:c8:69:4f:
         37:71:16:02:c1:fe:c2:84:57:84:13:de:60:0c:10:15:15:1f:
         34:44:49:0c:9a:45:7d:31:ff:ce:04:e6:68:df:e4:44:68:68:
         cd:92:d9:96:87:09:b0:65:f7:8e:46:3f:2e:e0:73:73:ac:a1:
         0d:df:ae:bb:75:b0:7b:44:ed:18:14:64:99:fa:2d:b4:f6:0c:
         ab:34:65:57:0d:d1:a4:80:41:d5:80:ab:08:7c:01:b3:e4:09:
         49:0e:65:0c:02:f1:2d:33:2e:5f:58:3c:fe:ae:88:ae:2f:65:
         f1:aa:b6:e3:e9:10:23:d4:0a:96:25:c9:fc:13:80:a5:17:2a:
         b6:40:2d:f8:cb:fa:ac:9c:03:3d:0e:0e:79:20:30:be:94:40:
         e2:5f:32:8c:d7:99:90:f6:d0:7b:97:ee:4e:48:fd:10:da:2e:
         6a:e6:ab:f1:74:7f:36:5f:8d:b3:e1:47:d4:e6:97:68:85:4a:
         7b:fe:8d:2e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZS1Sc8d8QeMFwhvTKeSkpLR1SdIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE3MDEyMDMxWhcNMjYwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMWRhMDM4ZWEwMTMxMGM5OTI2MTBlMGQ2NjVjZmUzNmZk
MTU2ZGViMmUxODI2YzcwZjNkM2M4YWY4NDNkZTIwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCY8it+C8CdcYN1jNBVpPMM1MzJTCFgZLcK0u7k//8Y9FKD
822EzpQBkmWTESc4o5rfSNK9qCs3Akl++u4C90tvBfJAlV/BN30lpMHAXP8kS2dy
RjFBzsNu2GYoEOeFzH1T84YSHHhcwEyxagBDrqGtYJK7zUQPab1I7JZw2ADNP9GS
8RTHKbo1NncVANplGmiu3S0VMEb74oxGh0U7FE3BZuOhLzfWiytrFjndsZCRqbzo
MtNilYV+KYxFfODxyjUoHTexDxT0/CzbJWWvGuLDqtVQgGfbzpIDXQtrxhp0mk6P
JnhIKvV8wglyXpOVfXiOWrfdE44muZOYdX5wCiUlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJv6Yh2SSgtz44+hiVJLaRE0/sn4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E0MDQ3MWUyLTM2MzctNGVhNS1hYmUxLWM1NjQxOTYyMTg3MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACW3tgwDQYJKoZIhvcNAQELBQADggEBAEAGCoQ4xY/Cufhp8KZFVIs0VlUy
2sfzhT6pkTo6DZ+CjfuiHo5lbuQvEAWMeVsVdiT1o5+3MwVhY37dmZoITcf9uRyg
fMhpTzdxFgLB/sKEV4QT3mAMEBUVHzRESQyaRX0x/84E5mjf5ERoaM2S2ZaHCbBl
945GPy7gc3OsoQ3frrt1sHtE7RgUZJn6LbT2DKs0ZVcN0aSAQdWAqwh8AbPkCUkO
ZQwC8S0zLl9YPP6uiK4vZfGqtuPpECPUCpYlyfwTgKUXKrZALfjL+qycAz0ODnkg
ML6UQOJfMozXmZD20HuX7k5I/RDaLmrmq/F0fzZfjbPhR9Tml2iFSnv+jS4=
-----END CERTIFICATE-----
Generated at Thu Jun 4 16:07:41 2026 by rpki-client