Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b88a91dd-515f-4266-821b-b14645dd88f8.roa
File:                     b88a91dd-515f-4266-821b-b14645dd88f8.roa (raw, json)
Hash identifier:          wRUYrcjISv1IjhoyWXCEkEU5IHkWR2ut0XeHS0BXp7M=
Subject key identifier:   59:40:44:04:60:D2:93:B5:14:FE:93:01:29:E4:B3:B9:D9:D8:C6:1F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1008710B9790B7797D5BDB3173C8C4EE9DFC4D0C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b88a91dd-515f-4266-821b-b14645dd88f8.roa
Signing time:             Sun 17 May 2026 01:20:06 +0000
ROA not before:           Sun 17 May 2026 01:20:06 +0000
ROA not after:            Sat 15 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.119.152.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:08:71:0b:97:90:b7:79:7d:5b:db:31:73:c8:c4:ee:9d:fc:4d:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 17 01:20:06 2026 GMT
            Not After : Aug 15 23:59:59 2026 GMT
        Subject: serialNumber=427d4528f396f89569061de4d05cda072d79a582a35d3d879670a6e301152da5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:6e:f7:ce:f2:a7:97:6c:f2:cf:4a:e8:6a:4a:
                    6f:7e:b6:b7:02:66:08:5c:ab:41:13:ec:6d:9e:a5:
                    b9:8c:a1:b6:96:78:a3:7b:7b:00:7c:6f:45:8c:34:
                    53:57:3c:e6:5e:0e:9f:54:ae:9c:29:bc:d6:bd:88:
                    96:f4:8c:cd:97:dc:73:c9:89:42:a3:f0:e7:8b:52:
                    81:a7:c2:6d:8b:5d:82:e5:f9:1c:1b:5b:2b:6c:70:
                    ec:25:c0:90:5e:81:22:08:2e:8f:7b:8a:f6:fd:9b:
                    3d:02:e1:79:2e:d9:b0:d3:8a:48:29:43:76:ad:e1:
                    84:05:5e:16:71:28:e0:77:0c:ec:69:3e:4a:6b:67:
                    05:b5:a6:f3:e7:89:1a:d5:e6:e9:9f:15:5f:f9:94:
                    2a:c3:bd:12:b7:af:fc:89:90:29:e6:77:43:71:db:
                    6e:5a:65:17:b3:14:be:97:bf:12:c8:d1:e6:df:09:
                    7c:6a:e5:86:5b:1a:47:7c:16:c9:50:48:dc:83:b3:
                    58:47:b4:0d:e4:70:9c:18:46:4a:43:8a:0b:40:be:
                    b8:87:99:43:9a:53:f7:16:1e:04:56:e0:5e:63:51:
                    e2:d1:b6:2a:8e:d1:41:fa:2d:58:3f:dd:ef:c0:be:
                    ce:45:a4:40:1a:dd:ec:06:9b:68:4a:9b:16:eb:55:
                    5f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:40:44:04:60:D2:93:B5:14:FE:93:01:29:E4:B3:B9:D9:D8:C6:1F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b88a91dd-515f-4266-821b-b14645dd88f8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.119.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a0:0b:30:b5:27:05:66:8b:c4:d2:42:db:91:59:60:11:48:78:
         f2:b1:5d:3c:ff:0f:7c:6d:3f:3a:df:a0:30:8f:8e:0e:5f:19:
         66:6d:69:5c:2b:15:1e:7d:ae:b3:ba:ca:3e:b2:36:6f:b5:c6:
         75:36:e8:ea:03:44:3e:1c:c0:ca:11:e7:fc:64:41:8d:ff:9d:
         61:3b:10:62:c4:37:ca:03:40:b4:f0:64:53:5f:1d:a5:bc:31:
         4b:e0:00:d1:a1:a7:a7:a4:97:2a:f0:ec:c7:12:08:dd:da:dd:
         6f:75:db:ee:5e:9d:d9:8f:ac:16:d1:3b:b9:82:ce:a7:b9:d5:
         b6:b7:7f:ed:ab:78:b5:dd:4d:e7:7e:3a:34:7d:d7:4b:78:a3:
         2b:cd:d7:4d:8d:ec:36:e6:7c:16:32:39:1e:ac:5f:84:29:49:
         49:91:38:62:a2:7c:f0:ca:2a:06:0e:f9:50:4f:60:af:31:05:
         f5:6c:e0:ab:e8:e9:fa:fc:57:ad:7b:f0:9c:e4:4a:90:64:6c:
         16:b0:cb:3f:4e:fb:f3:23:b5:34:d8:d1:97:80:18:f8:b8:ae:
         04:73:c6:43:75:be:f4:f4:ca:a6:9f:60:57:c2:22:20:5f:b5:
         cc:cf:1f:30:a5:e7:13:25:43:c5:82:09:22:0f:26:9f:3e:20:
         e3:11:1d:03
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEAhxC5eQt3l9W9sxc8jE7p38TQwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE3MDEyMDA2WhcNMjYwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MjdkNDUyOGYzOTZmODk1NjkwNjFkZTRkMDVjZGEwNzJk
NzlhNTgyYTM1ZDNkODc5NjcwYTZlMzAxMTUyZGE1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQbvfO8qeXbPLPSuhqSm9+trcCZghcq0ET7G2epbmMobaW
eKN7ewB8b0WMNFNXPOZeDp9UrpwpvNa9iJb0jM2X3HPJiUKj8OeLUoGnwm2LXYLl
+RwbWytscOwlwJBegSIILo97ivb9mz0C4Xku2bDTikgpQ3at4YQFXhZxKOB3DOxp
PkprZwW1pvPniRrV5umfFV/5lCrDvRK3r/yJkCnmd0Nx225aZRezFL6XvxLI0ebf
CXxq5YZbGkd8FslQSNyDs1hHtA3kcJwYRkpDigtAvriHmUOaU/cWHgRW4F5jUeLR
tiqO0UH6LVg/3e/Avs5FpEAa3ewGm2hKmxbrVV/BAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWUBEBGDSk7UU/pMBKeSzudnYxh8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2I4OGE5MWRkLTUxNWYtNDI2Ni04MjFiLWIxNDY0NWRkODhmOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI0d5gwDQYJKoZIhvcNAQELBQADggEBAKALMLUnBWaLxNJC25FZYBFIePKx
XTz/D3xtPzrfoDCPjg5fGWZtaVwrFR59rrO6yj6yNm+1xnU26OoDRD4cwMoR5/xk
QY3/nWE7EGLEN8oDQLTwZFNfHaW8MUvgANGhp6eklyrw7McSCN3a3W912+5endmP
rBbRO7mCzqe51ba3f+2reLXdTed+OjR910t4oyvN102N7DbmfBYyOR6sX4QpSUmR
OGKifPDKKgYO+VBPYK8xBfVs4Kvo6fr8V6178JzkSpBkbBawyz9O+/MjtTTY0ZeA
GPi4rgRzxkN1vvT0yqafYFfCIiBftczPHzCl5xMlQ8WCCSIPJp8+IOMRHQM=
-----END CERTIFICATE-----
Generated at Sat Jun 13 04:51:43 2026 by rpki-client