Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c0caee73-d612-4f2d-a944-989cb3ca78df.roa
File:                     c0caee73-d612-4f2d-a944-989cb3ca78df.roa (raw, json)
Hash identifier:          TiUzXR1EMas1CN6yvuq68A5y1nQYPdmZXILGutJb7UA=
Subject key identifier:   EE:BC:60:6A:B1:14:EB:DF:29:A1:BA:E9:AE:58:1F:80:A2:D4:A8:E4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       76DA18BA8D8FDB0411197F31D39AB74322161E2A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c0caee73-d612-4f2d-a944-989cb3ca78df.roa
Signing time:             Thu 14 May 2026 00:41:24 +0000
ROA not before:           Thu 14 May 2026 00:41:24 +0000
ROA not after:            Wed 12 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.176.0.0/12 maxlen: 12
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:da:18:ba:8d:8f:db:04:11:19:7f:31:d3:9a:b7:43:22:16:1e:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 14 00:41:24 2026 GMT
            Not After : Aug 12 23:59:59 2026 GMT
        Subject: serialNumber=91088381c56c434615bb1bd17b056818cd53b3af1f71be462faf0182caad8fdc, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2d:59:06:35:7e:dc:89:02:72:67:9d:04:c3:
                    91:9d:66:c6:7a:ea:10:6a:20:89:30:30:6b:82:6c:
                    f5:b5:6e:3b:54:8b:11:be:2b:46:2f:0f:3b:e8:7d:
                    e0:5d:f3:26:3f:b8:6d:51:77:e5:5e:c3:22:8d:2d:
                    e9:ed:71:3d:51:30:77:ea:84:9c:49:dc:9b:1e:a7:
                    59:9b:fb:3f:a9:c1:08:29:ca:d1:18:9f:83:04:60:
                    7d:b8:ef:31:50:5f:e4:33:6b:61:da:0d:72:21:6b:
                    54:f3:a4:c9:51:b0:47:91:f7:67:21:71:e4:fc:30:
                    d7:ba:3f:32:fe:58:15:d1:51:b2:cb:d8:34:8e:53:
                    52:b6:b7:7b:e1:b5:5d:42:55:48:db:1b:c1:22:6e:
                    9a:cc:96:52:9d:13:48:2e:2a:cc:db:6f:81:72:1c:
                    fb:d0:f8:d5:a1:2b:d8:31:54:48:b8:c9:d2:82:cf:
                    4d:e7:8c:1a:56:ad:dc:e0:02:c1:a3:3c:e4:02:80:
                    ea:33:ca:82:d9:75:3a:5b:97:0c:56:9e:85:26:1e:
                    c4:17:65:ac:89:be:40:16:6e:04:4e:a5:5e:a8:5c:
                    1b:49:e2:3e:ae:9e:12:c8:e4:fb:fd:95:b1:be:7e:
                    a2:cc:8d:06:51:e3:7f:3c:95:9f:82:a1:9e:5a:75:
                    4b:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:BC:60:6A:B1:14:EB:DF:29:A1:BA:E9:AE:58:1F:80:A2:D4:A8:E4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c0caee73-d612-4f2d-a944-989cb3ca78df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.176.0.0/12

    Signature Algorithm: sha256WithRSAEncryption
         48:90:ee:a3:70:47:2c:e7:dc:ec:24:b2:1d:19:9b:7f:93:48:
         5c:b5:69:1b:a7:1f:93:82:75:e8:ae:d9:17:d6:ca:a0:f9:4f:
         0e:43:ac:6a:ce:15:62:9d:e1:e2:2b:0a:7a:b6:c5:84:40:b5:
         99:e0:f4:e2:36:49:67:12:87:77:4d:c9:da:08:4a:57:13:94:
         46:ea:a6:e9:03:dc:d9:05:e8:76:cf:55:26:bd:78:2d:43:e6:
         50:b0:b5:48:a3:e8:90:27:42:c0:23:40:bd:bc:db:a8:0e:83:
         c1:e5:f9:ef:71:53:9e:26:a3:74:c5:cb:e7:7f:16:b6:12:f8:
         9c:e7:60:a9:c4:4b:bb:2f:f1:32:9e:a7:2a:8c:08:44:e2:7e:
         c6:11:c0:e5:a2:dd:7b:0d:6a:cb:fb:d0:f9:7e:4a:99:26:e3:
         a9:49:d1:10:89:a7:56:70:f5:71:fd:ce:c1:f7:76:f8:67:96:
         a7:44:d0:b7:e9:c1:30:aa:fb:25:f2:65:58:54:c8:9e:13:86:
         e8:33:23:84:8c:5d:68:56:6f:32:00:fc:dc:e6:3a:eb:e1:7e:
         3c:38:7b:b8:5f:b9:20:45:fb:bd:12:f9:5b:cf:6c:1d:1a:7f:
         4b:74:95:01:ce:f1:f4:61:8a:bb:4e:eb:41:db:9f:b4:34:c6:
         f6:a0:b2:70
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdtoYuo2P2wQRGX8x05q3QyIWHiowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE0MDA0MTI0WhcNMjYwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTA4ODM4MWM1NmM0MzQ2MTViYjFiZDE3YjA1NjgxOGNk
NTNiM2FmMWY3MWJlNDYyZmFmMDE4MmNhYWQ4ZmRjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8LVkGNX7ciQJyZ50Ew5GdZsZ66hBqIIkwMGuCbPW1bjtU
ixG+K0YvDzvofeBd8yY/uG1Rd+VewyKNLentcT1RMHfqhJxJ3Jsep1mb+z+pwQgp
ytEYn4MEYH247zFQX+Qza2HaDXIha1TzpMlRsEeR92chceT8MNe6PzL+WBXRUbLL
2DSOU1K2t3vhtV1CVUjbG8EibprMllKdE0guKszbb4FyHPvQ+NWhK9gxVEi4ydKC
z03njBpWrdzgAsGjPOQCgOozyoLZdTpblwxWnoUmHsQXZayJvkAWbgROpV6oXBtJ
4j6unhLI5Pv9lbG+fqLMjQZR4388lZ+CoZ5adUt7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7rxgarEU698pobrprlgfgKLUqOQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2MwY2FlZTczLWQ2MTItNGYyZC1hOTQ0LTk4OWNiM2NhNzhkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwQ2sDANBgkqhkiG9w0BAQsFAAOCAQEASJDuo3BHLOfc7CSyHRmbf5NIXLVp
G6cfk4J16K7ZF9bKoPlPDkOsas4VYp3h4isKerbFhEC1meD04jZJZxKHd03J2ghK
VxOURuqm6QPc2QXods9VJr14LUPmULC1SKPokCdCwCNAvbzbqA6DweX573FTniaj
dMXL538WthL4nOdgqcRLuy/xMp6nKowIROJ+xhHA5aLdew1qy/vQ+X5KmSbjqUnR
EImnVnD1cf3Owfd2+GeWp0TQt+nBMKr7JfJlWFTInhOG6DMjhIxdaFZvMgD83OY6
6+F+PDh7uF+5IEX7vRL5W89sHRp/S3SVAc7x9GGKu07rQduftDTG9qCycA==
-----END CERTIFICATE-----