Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bc9009b0-19f7-4ca9-911b-e035c960f977.roa
File:                     bc9009b0-19f7-4ca9-911b-e035c960f977.roa (raw, json)
Hash identifier:          VHjEya3/l7Kel77CXhCFsr/tqyqLVR7EPaOl6VsA6NY=
Subject key identifier:   29:BB:9C:28:D9:0B:81:85:B9:CF:4B:06:80:76:72:2E:1F:D3:D7:14
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       10918D4C7BA32A539599110CB85936539217E75B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bc9009b0-19f7-4ca9-911b-e035c960f977.roa
Signing time:             Tue 19 May 2026 03:30:10 +0000
ROA not before:           Tue 19 May 2026 03:30:10 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        15.206.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:91:8d:4c:7b:a3:2a:53:95:99:11:0c:b8:59:36:53:92:17:e7:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 03:30:10 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=965057c7885a7ff8c110bc0bb497b88e65b188eda042d0d03c9363cb2213fb2d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:57:ce:d4:f7:33:a9:14:4a:f9:35:4a:d7:c1:
                    9f:26:a6:89:a0:6c:85:1e:2e:ce:48:14:12:8d:c2:
                    0c:61:3c:27:1e:2c:ef:1d:e6:7b:20:97:89:03:a4:
                    60:89:96:71:a8:80:1a:f8:18:30:d5:47:e4:44:99:
                    39:ed:e2:91:bf:c0:8d:12:a3:b8:f0:16:8a:75:63:
                    50:3c:82:e4:a7:f0:38:a5:e2:5c:56:3e:04:4b:f5:
                    7e:39:0e:3e:01:0c:7e:16:a9:62:31:56:ce:5e:ac:
                    bc:8c:13:2b:cf:39:90:1b:b8:c8:f4:18:32:7c:8b:
                    ad:cd:ae:28:60:28:c9:cb:9a:e9:1c:0e:2b:f6:42:
                    05:e7:10:94:9c:31:c8:2d:25:56:43:aa:fa:ce:50:
                    ad:e6:da:3b:c2:ec:62:3f:80:f6:80:10:1e:dd:72:
                    8d:ba:f2:20:32:67:a7:5f:8e:3f:0b:44:a1:01:67:
                    bf:3c:83:3e:af:9f:7c:5a:2d:26:9a:ed:80:25:19:
                    43:14:42:36:74:99:b3:33:0a:d0:1f:49:c1:b9:b8:
                    5f:7b:99:5d:2c:29:74:8b:d4:a9:b1:00:d2:88:41:
                    1f:94:c7:b0:4f:2a:e8:ce:5b:36:16:2e:8e:5f:49:
                    c2:59:fc:8d:d2:52:69:b1:e5:cb:42:25:f1:39:ad:
                    da:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:BB:9C:28:D9:0B:81:85:B9:CF:4B:06:80:76:72:2E:1F:D3:D7:14
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bc9009b0-19f7-4ca9-911b-e035c960f977.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.206.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         3f:9f:48:cc:a2:2e:f9:f0:3f:94:d2:3d:93:bc:88:66:b0:f0:
         7d:ab:d9:72:ab:9b:ef:4a:af:61:e8:84:72:8f:de:e7:79:9c:
         27:c4:01:6d:87:0d:64:69:5c:2a:15:d3:7c:ce:e7:19:52:07:
         68:c5:43:89:77:35:1b:17:8d:e2:a1:73:56:81:e4:f0:db:32:
         e6:a5:0f:de:b7:cc:df:98:44:8f:71:5c:3e:ab:dd:f2:b9:39:
         0f:21:15:48:1c:b3:13:2b:fb:29:2e:5d:b0:f9:3c:10:40:4e:
         b3:ef:94:69:05:17:23:2e:df:a6:b5:38:ef:d6:a7:62:69:26:
         e5:05:c1:d1:1c:e5:be:88:8a:ca:cf:3d:11:6b:64:69:27:1a:
         bb:39:ba:e2:ae:d9:90:2b:95:e0:da:01:a8:c5:5a:13:dc:49:
         b3:8f:ed:2c:74:9b:16:c5:bf:d2:c3:7b:aa:12:71:81:e8:69:
         c4:aa:e5:b6:7c:7b:e0:4c:f8:c4:63:9a:94:b4:69:8d:17:e3:
         17:97:5d:9b:25:ca:80:2a:e7:cb:a3:ab:c0:1f:94:19:ac:1e:
         c6:30:60:64:2c:41:df:12:2a:d2:2d:43:20:e1:fe:c2:18:f5:
         76:db:89:6c:3a:71:bc:3a:3a:64:9b:9c:74:1e:e0:d0:f1:4a:
         09:f4:7d:a8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEJGNTHujKlOVmREMuFk2U5IX51swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDMzMDEwWhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NjUwNTdjNzg4NWE3ZmY4YzExMGJjMGJiNDk3Yjg4ZTY1
YjE4OGVkYTA0MmQwZDAzYzkzNjNjYjIyMTNmYjJkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAV87U9zOpFEr5NUrXwZ8mpomgbIUeLs5IFBKNwgxhPCce
LO8d5nsgl4kDpGCJlnGogBr4GDDVR+REmTnt4pG/wI0So7jwFop1Y1A8guSn8Dil
4lxWPgRL9X45Dj4BDH4WqWIxVs5erLyMEyvPOZAbuMj0GDJ8i63NrihgKMnLmukc
Div2QgXnEJScMcgtJVZDqvrOUK3m2jvC7GI/gPaAEB7dco268iAyZ6dfjj8LRKEB
Z788gz6vn3xaLSaa7YAlGUMUQjZ0mbMzCtAfScG5uF97mV0sKXSL1KmxANKIQR+U
x7BPKujOWzYWLo5fScJZ/I3SUmmx5ctCJfE5rdr/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUKbucKNkLgYW5z0sGgHZyLh/T1xQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JjOTAwOWIwLTE5ZjctNGNhOS05MTFiLWUwMzVjOTYwZjk3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEPzjANBgkqhkiG9w0BAQsFAAOCAQEAP59IzKIu+fA/lNI9k7yIZrDwfavZ
cqub70qvYeiEco/e53mcJ8QBbYcNZGlcKhXTfM7nGVIHaMVDiXc1GxeN4qFzVoHk
8Nsy5qUP3rfM35hEj3FcPqvd8rk5DyEVSByzEyv7KS5dsPk8EEBOs++UaQUXIy7f
prU479anYmkm5QXB0RzlvoiKys89EWtkaScauzm64q7ZkCuV4NoBqMVaE9xJs4/t
LHSbFsW/0sN7qhJxgehpxKrltnx74Ez4xGOalLRpjRfjF5ddmyXKgCrny6OrwB+U
GawexjBgZCxB3xIq0i1DIOH+whj1dtuJbDpxvDo6ZJucdB7g0PFKCfR9qA==
-----END CERTIFICATE-----