Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa
File:                     d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa (raw, json)
Hash identifier:          19Znt5At0b4kKig1VNXAK9Vl/ibDRTz0Ojlab7eN5ig=
Subject key identifier:   45:8C:2F:B7:37:12:40:59:2D:8A:82:88:DA:76:87:B4:6E:EA:28:05
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       48C0D139247E74C3AD55518B7F3682830ED72218
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa
Signing time:             Sat 16 May 2026 02:31:19 +0000
ROA not before:           Sat 16 May 2026 02:31:19 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        54.237.192.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:c0:d1:39:24:7e:74:c3:ad:55:51:8b:7f:36:82:83:0e:d7:22:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 16 02:31:19 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=566f13944211edc98592c62ad900219398de0606c0ed7c7b9fbd7938ee72fee5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:34:36:b4:96:b0:a2:c0:e7:6d:a8:d3:7f:14:
                    7b:dc:a0:79:4d:5b:c4:dd:52:79:ca:db:fa:2f:75:
                    23:48:7d:93:77:53:ae:8e:f5:9e:2b:03:df:d9:4e:
                    8b:75:ff:25:2f:04:4f:32:c6:cb:c5:92:70:49:f4:
                    c2:6a:20:c8:7c:b9:95:f1:9e:0b:c9:bb:b8:4b:3e:
                    8b:d1:ce:b4:2b:73:6c:c0:d5:4f:da:de:3d:7a:23:
                    3a:27:ff:5b:90:99:7f:45:54:1d:91:29:18:42:7f:
                    f2:2a:f1:5f:19:2c:66:b1:42:e6:bf:06:01:f7:8c:
                    84:72:fd:78:54:bf:51:93:4f:33:22:ee:f5:5d:0e:
                    8b:5f:dd:db:9d:65:8e:c8:c2:57:08:b8:73:2f:66:
                    9d:e7:4e:6c:64:79:fc:40:50:4b:69:33:9d:59:27:
                    af:7c:ae:b9:3d:5a:62:fd:b3:5a:40:47:a3:0f:98:
                    5a:44:85:cd:41:45:c7:b1:4b:16:79:9f:98:d5:75:
                    e9:57:66:66:4b:09:d2:de:87:81:45:24:a7:de:7d:
                    c2:06:6a:ba:42:a8:2e:1d:69:0d:6c:50:21:ba:2b:
                    f1:fb:a1:e8:d4:a0:c3:fa:8d:86:ba:b7:56:1c:c8:
                    fa:87:ef:90:40:08:f6:1d:e5:fd:91:ca:f1:6d:32:
                    a7:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:8C:2F:B7:37:12:40:59:2D:8A:82:88:DA:76:87:B4:6E:EA:28:05
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.237.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         76:60:eb:c9:ca:d2:92:18:15:0b:e5:87:c3:59:e4:76:1c:0f:
         c0:cb:e9:3c:1e:c4:67:b2:0f:a9:7e:96:3e:77:1e:0d:46:59:
         c6:ab:3d:26:75:72:db:e5:3c:7f:c7:91:f7:5f:1f:3f:df:e0:
         c6:b3:49:d7:0b:9d:9f:7a:47:2d:d2:8c:88:2b:b9:0f:ca:a4:
         f6:e6:d1:e4:3b:36:77:57:af:de:0f:83:3d:4e:e0:c2:1f:b2:
         0b:52:4b:d3:79:76:a5:c4:1b:e3:8c:13:21:8d:e1:41:46:17:
         48:c8:8e:47:dd:32:ca:a6:70:37:e4:33:e4:0e:19:bf:9e:c6:
         f5:02:19:23:23:d2:69:19:1d:db:83:d2:03:4f:d3:b7:d8:56:
         19:bd:5f:aa:e6:cc:66:e0:78:a5:66:d3:51:87:18:47:f0:e1:
         b5:5e:d6:8a:60:91:0a:f4:36:b8:f0:92:5f:73:64:70:04:d4:
         c8:68:08:4d:4b:81:09:02:a0:c1:6a:6d:b4:35:bd:e8:90:43:
         a3:a9:47:f0:f4:46:03:7f:ba:0e:37:5c:6e:87:83:d6:d5:53:
         47:ee:c2:78:ff:73:08:c2:9e:1d:77:ca:66:b1:1d:c5:53:dd:
         94:5b:f2:43:58:f0:24:9b:4d:5d:ef:60:58:3e:7c:62:53:a2:
         96:e7:37:98
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSMDROSR+dMOtVVGLfzaCgw7XIhgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE2MDIzMTE5WhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NjZmMTM5NDQyMTFlZGM5ODU5MmM2MmFkOTAwMjE5Mzk4
ZGUwNjA2YzBlZDdjN2I5ZmJkNzkzOGVlNzJmZWU1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3NDa0lrCiwOdtqNN/FHvcoHlNW8TdUnnK2/ovdSNIfZN3
U66O9Z4rA9/ZTot1/yUvBE8yxsvFknBJ9MJqIMh8uZXxngvJu7hLPovRzrQrc2zA
1U/a3j16Izon/1uQmX9FVB2RKRhCf/Iq8V8ZLGaxQua/BgH3jIRy/XhUv1GTTzMi
7vVdDotf3dudZY7IwlcIuHMvZp3nTmxkefxAUEtpM51ZJ698rrk9WmL9s1pAR6MP
mFpEhc1BRcexSxZ5n5jVdelXZmZLCdLeh4FFJKfefcIGarpCqC4daQ1sUCG6K/H7
oejUoMP6jYa6t1YcyPqH75BACPYd5f2RyvFtMqe9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURYwvtzcSQFktioKI2naHtG7qKAUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Q5YmRhMTYzLWU0YzQtNGEwYi1hMTdiLTgwYzc3ZmVjYjNkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU27cAwDQYJKoZIhvcNAQELBQADggEBAHZg68nK0pIYFQvlh8NZ5HYcD8DL
6TwexGeyD6l+lj53Hg1GWcarPSZ1ctvlPH/HkfdfHz/f4MazSdcLnZ96Ry3SjIgr
uQ/KpPbm0eQ7NndXr94Pgz1O4MIfsgtSS9N5dqXEG+OMEyGN4UFGF0jIjkfdMsqm
cDfkM+QOGb+exvUCGSMj0mkZHduD0gNP07fYVhm9X6rmzGbgeKVm01GHGEfw4bVe
1opgkQr0Nrjwkl9zZHAE1MhoCE1LgQkCoMFqbbQ1veiQQ6OpR/D0RgN/ug43XG6H
g9bVU0fuwnj/cwjCnh13ymaxHcVT3ZRb8kNY8CSbTV3vYFg+fGJTopbnN5g=
-----END CERTIFICATE-----