Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a6dcd16d-daef-4a90-b296-c7bf31293638.roa
File:                     a6dcd16d-daef-4a90-b296-c7bf31293638.roa (raw, json)
Hash identifier:          GyrPRj1Hld1+0U35iG1JKdo5anJMPemWSRtEdTVxSoI=
Subject key identifier:   2D:19:9A:D3:D6:59:51:C6:77:2F:8F:BE:EE:97:36:D4:09:76:FA:05
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6DB4E9E5504F3D32C833BCBB4C6C24B135E4171E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a6dcd16d-daef-4a90-b296-c7bf31293638.roa
Signing time:             Wed 20 May 2026 11:32:10 +0000
ROA not before:           Wed 20 May 2026 11:32:10 +0000
ROA not after:            Tue 18 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        18.226.2.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 31 May 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:b4:e9:e5:50:4f:3d:32:c8:33:bc:bb:4c:6c:24:b1:35:e4:17:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 20 11:32:10 2026 GMT
            Not After : Aug 18 23:59:59 2026 GMT
        Subject: serialNumber=33d047c2d899c160a37bb6a8c0a20767a04af2640ba9f43733c091fc8b9c92de, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d0:3a:6b:14:80:9f:c2:94:aa:23:85:6e:b2:
                    2e:84:39:51:88:bc:55:0c:08:35:8f:ca:2d:ed:78:
                    38:7c:02:69:37:2f:e7:7c:28:16:42:11:50:28:3e:
                    06:cb:b6:a5:ab:68:fe:d0:3c:2e:90:d1:f8:d6:56:
                    73:46:ca:d8:20:11:f8:2e:be:42:7c:53:b2:c4:cc:
                    d5:66:ae:02:36:70:b5:e3:27:ba:4c:ee:da:63:44:
                    8e:a2:6b:34:33:81:b2:1c:4f:31:0d:f9:58:e2:e2:
                    f2:c5:42:0a:a7:4f:61:6e:92:88:73:30:34:1c:1d:
                    a5:65:81:28:b7:19:e7:d1:4b:b9:26:0b:ca:e2:55:
                    7c:f5:dd:58:27:c0:e3:7e:95:07:92:88:90:6d:44:
                    6a:e1:b6:98:10:fa:f3:f2:95:b2:59:63:14:e1:5f:
                    96:3d:b9:55:1d:c0:09:03:98:1b:c7:f4:bc:18:1c:
                    f5:c9:9c:0f:15:7e:db:a4:12:7d:c7:91:f4:9d:ce:
                    84:a7:01:53:07:01:bd:c7:3e:14:bc:64:94:81:54:
                    d5:99:00:9e:19:da:5f:30:a4:17:1e:b4:d0:35:64:
                    69:9e:69:d1:6f:f6:a1:00:06:5a:86:a0:9a:cc:e6:
                    69:1b:60:35:e5:1c:17:36:08:5e:6e:e7:42:40:0e:
                    df:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:19:9A:D3:D6:59:51:C6:77:2F:8F:BE:EE:97:36:D4:09:76:FA:05
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a6dcd16d-daef-4a90-b296-c7bf31293638.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.226.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4b:cf:47:c6:56:de:8f:82:b9:05:80:ae:67:18:ff:fa:f2:31:
         50:51:90:e1:9c:f3:ae:25:81:99:e7:92:dd:96:ab:77:72:b9:
         87:05:34:d3:da:ae:f7:08:39:ca:72:e9:35:b5:c9:a2:da:da:
         84:99:93:5a:36:eb:00:19:66:97:35:c0:3b:cc:b8:cc:b6:ce:
         0f:82:db:c6:2c:e0:b4:ad:48:23:2f:25:53:d3:8f:61:f8:89:
         44:37:6e:9a:03:cd:81:9b:80:49:a3:3d:fd:75:1c:35:e6:8b:
         8d:fd:63:a0:41:ac:f7:31:f3:69:67:e9:d9:23:3d:0a:05:be:
         80:aa:d8:d1:1a:d0:b4:21:2a:f8:7c:d5:3b:26:c4:6f:f2:59:
         8a:4e:da:29:c0:47:6a:64:8c:50:c7:2c:bb:76:df:3b:2f:4a:
         fc:38:6b:9e:3b:fd:db:96:be:13:f2:df:22:a8:63:be:e5:21:
         12:b4:34:df:76:b6:38:f6:2b:e9:75:e2:b8:8e:f2:99:61:cf:
         cd:ee:d6:a8:de:f7:be:8b:de:11:dd:4e:a1:08:39:ef:fe:f5:
         d9:b4:b4:a2:5b:0a:0e:e1:a7:fe:b0:f6:d8:70:1d:bd:6b:11:
         38:40:f8:fd:5b:e5:fb:20:a6:3b:14:fc:3e:2d:7f:43:11:7a:
         ad:63:68:5a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbbTp5VBPPTLIM7y7TGwksTXkFx4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTIwMTEzMjEwWhcNMjYwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzM2QwNDdjMmQ4OTljMTYwYTM3YmI2YThjMGEyMDc2N2Ew
NGFmMjY0MGJhOWY0MzczM2MwOTFmYzhiOWM5MmRlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQ0DprFICfwpSqI4Vusi6EOVGIvFUMCDWPyi3teDh8Amk3
L+d8KBZCEVAoPgbLtqWraP7QPC6Q0fjWVnNGytggEfguvkJ8U7LEzNVmrgI2cLXj
J7pM7tpjRI6iazQzgbIcTzEN+Vji4vLFQgqnT2FukohzMDQcHaVlgSi3GefRS7km
C8riVXz13VgnwON+lQeSiJBtRGrhtpgQ+vPylbJZYxThX5Y9uVUdwAkDmBvH9LwY
HPXJnA8VftukEn3HkfSdzoSnAVMHAb3HPhS8ZJSBVNWZAJ4Z2l8wpBcetNA1ZGme
adFv9qEABlqGoJrM5mkbYDXlHBc2CF5u50JADt8lAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULRma09ZZUcZ3L4++7pc21Al2+gUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E2ZGNkMTZkLWRhZWYtNGE5MC1iMjk2LWM3YmYzMTI5MzYzOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAES4gIwDQYJKoZIhvcNAQELBQADggEBAEvPR8ZW3o+CuQWArmcY//ryMVBR
kOGc864lgZnnkt2Wq3dyuYcFNNParvcIOcpy6TW1yaLa2oSZk1o26wAZZpc1wDvM
uMy2zg+C28Ys4LStSCMvJVPTj2H4iUQ3bpoDzYGbgEmjPf11HDXmi439Y6BBrPcx
82ln6dkjPQoFvoCq2NEa0LQhKvh81TsmxG/yWYpO2inAR2pkjFDHLLt23zsvSvw4
a547/duWvhPy3yKoY77lIRK0NN92tjj2K+l14riO8plhz83u1qje976L3hHdTqEI
Oe/+9dm0tKJbCg7hp/6w9thwHb1rEThA+P1b5fsgpjsU/D4tf0MReq1jaFo=
-----END CERTIFICATE-----
Generated at Sat May 30 01:57:21 2026 by rpki-client