Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c20a63f1-f1c7-44fa-b1ea-4432da4a911f.roa
File:                     c20a63f1-f1c7-44fa-b1ea-4432da4a911f.roa (raw, json)
Hash identifier:          Tn+jYGevSy6TrHPj8YhHx2gtjGgEN2GXQLBCRobcO0k=
Subject key identifier:   67:6C:E0:FF:05:7B:BB:F2:5B:B8:F4:31:C0:61:C2:F2:16:B5:91:1A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5760484B806C852AC8A74A245F511557873479F0
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c20a63f1-f1c7-44fa-b1ea-4432da4a911f.roa
Signing time:             Tue 24 Feb 2026 02:50:07 +0000
ROA not before:           Tue 24 Feb 2026 02:50:07 +0000
ROA not after:            Mon 25 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        54.224.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 28 Feb 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:60:48:4b:80:6c:85:2a:c8:a7:4a:24:5f:51:15:57:87:34:79:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 24 02:50:07 2026 GMT
            Not After : May 25 23:59:59 2026 GMT
        Subject: serialNumber=21a80ff9d80ee4d784bc7731978946910cb6bed04f0d69c61f477442d292c59b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:e6:38:45:a8:f3:18:65:d7:30:09:76:de:48:
                    d1:05:79:fa:69:fd:b6:c7:01:7a:38:64:97:ed:b5:
                    68:db:c3:ff:7c:3f:56:f6:f0:16:6d:42:c2:e4:ab:
                    06:7e:54:73:62:4e:0d:ce:74:26:8f:49:44:47:79:
                    ef:fd:50:e5:7f:c1:86:b8:e7:4a:07:1f:d0:a3:b4:
                    79:ba:98:fe:90:6c:68:cb:19:eb:c9:24:ff:d6:3b:
                    a6:cb:48:17:9e:4f:20:54:ee:2c:9f:ff:ae:9e:b5:
                    82:0a:72:0c:cc:da:e8:68:f4:25:c1:bc:8b:1c:29:
                    72:ee:16:7e:be:50:d0:44:41:5e:82:11:52:93:64:
                    0c:24:77:af:43:80:77:27:32:34:dd:80:64:73:df:
                    1f:81:a0:95:ff:24:b7:12:1a:27:a3:eb:1f:49:fa:
                    e4:c8:cf:25:d0:eb:30:aa:9c:af:90:13:49:6b:d5:
                    77:99:19:f7:3d:d8:0f:61:7d:35:56:cc:38:7f:23:
                    d8:7d:4f:1a:cc:de:41:aa:4a:dc:15:c8:2c:a7:a7:
                    97:b7:2e:d1:c9:70:e6:6c:a4:5d:86:77:b6:bc:d5:
                    a9:11:67:94:e3:7e:dd:b9:9b:16:0c:59:e7:ab:30:
                    f4:06:50:c7:4f:04:bb:6c:21:04:f8:7b:c9:bb:10:
                    66:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:6C:E0:FF:05:7B:BB:F2:5B:B8:F4:31:C0:61:C2:F2:16:B5:91:1A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c20a63f1-f1c7-44fa-b1ea-4432da4a911f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.224.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         3d:e5:2b:e9:fe:32:01:1a:96:47:bd:d8:5e:9b:3b:e8:2a:60:
         f5:16:3b:26:41:65:2c:9d:ce:51:b8:21:31:e2:84:a6:13:9c:
         ba:61:ff:f0:f5:9f:e5:7b:87:24:d7:61:0e:01:67:0b:13:af:
         09:1d:a0:a1:24:82:eb:14:bf:71:74:ad:74:93:cd:c2:a7:49:
         c2:f2:c2:2a:b9:7a:77:61:b4:63:09:52:85:8e:ad:7b:f9:6c:
         68:e7:43:89:2a:26:10:6e:b8:e1:2f:d1:d9:ec:50:5c:84:ca:
         4c:38:f5:63:87:82:6f:a4:b9:dc:cd:42:73:2d:b7:66:95:f2:
         c4:00:67:a5:10:19:4a:47:7b:b6:a6:fa:d4:c8:2e:08:21:5d:
         f5:b0:58:7a:70:c7:8b:c2:38:1f:33:e3:05:e0:97:c3:ae:21:
         7b:61:92:8c:4e:40:4e:a9:44:72:ea:44:61:e2:1a:e8:a6:0f:
         1c:a4:17:c5:09:f3:ce:a5:18:e3:16:15:16:66:53:56:dc:65:
         32:1f:42:79:be:53:69:8b:55:a1:af:f1:28:28:44:bd:a3:de:
         84:8e:1a:6f:17:74:3a:33:18:69:34:eb:50:8a:1f:af:7a:a3:
         8f:1e:f1:c8:aa:82:85:cf:40:37:70:a1:c5:57:87:18:d1:ad:
         96:66:29:91
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUV2BIS4BshSrIp0okX1EVV4c0efAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI0MDI1MDA3WhcNMjYwNTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMWE4MGZmOWQ4MGVlNGQ3ODRiYzc3MzE5Nzg5NDY5MTBj
YjZiZWQwNGYwZDY5YzYxZjQ3NzQ0MmQyOTJjNTliMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDL5jhFqPMYZdcwCXbeSNEFefpp/bbHAXo4ZJfttWjbw/98
P1b28BZtQsLkqwZ+VHNiTg3OdCaPSURHee/9UOV/wYa450oHH9CjtHm6mP6QbGjL
GevJJP/WO6bLSBeeTyBU7iyf/66etYIKcgzM2uho9CXBvIscKXLuFn6+UNBEQV6C
EVKTZAwkd69DgHcnMjTdgGRz3x+BoJX/JLcSGiej6x9J+uTIzyXQ6zCqnK+QE0lr
1XeZGfc92A9hfTVWzDh/I9h9TxrM3kGqStwVyCynp5e3LtHJcOZspF2Gd7a81akR
Z5Tjft25mxYMWeerMPQGUMdPBLtsIQT4e8m7EGYZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUZ2zg/wV7u/JbuPQxwGHC8ha1kRowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2MyMGE2M2YxLWYxYzctNDRmYS1iMWVhLTQ0MzJkYTRhOTExZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE24DANBgkqhkiG9w0BAQsFAAOCAQEAPeUr6f4yARqWR73YXps76Cpg9RY7
JkFlLJ3OUbghMeKEphOcumH/8PWf5XuHJNdhDgFnCxOvCR2goSSC6xS/cXStdJPN
wqdJwvLCKrl6d2G0YwlShY6te/lsaOdDiSomEG644S/R2exQXITKTDj1Y4eCb6S5
3M1Ccy23ZpXyxABnpRAZSkd7tqb61MguCCFd9bBYenDHi8I4HzPjBeCXw64he2GS
jE5ATqlEcupEYeIa6KYPHKQXxQnzzqUY4xYVFmZTVtxlMh9Ceb5TaYtVoa/xKChE
vaPehI4abxd0OjMYaTTrUIofr3qjjx7xyKqChc9AN3ChxVeHGNGtlmYpkQ==
-----END CERTIFICATE-----
Generated at Thu Feb 26 02:08:42 2026 by rpki-client