Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dbe635f9-7a83-4748-8a7a-378c042c05e1.roa
File:                     dbe635f9-7a83-4748-8a7a-378c042c05e1.roa (raw, json)
Hash identifier:          Q+hQN/JW9SxdMLXvqGopK+1AyrN5RVcdrnF8YCK7W+M=
Subject key identifier:   A5:B0:C9:D3:DE:BB:DA:85:FD:76:4B:18:D6:87:14:69:15:69:DE:50
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       36ECEE0FF1CDFB27E8E857A5D63EE4749E845E03
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dbe635f9-7a83-4748-8a7a-378c042c05e1.roa
Signing time:             Tue 19 May 2026 02:11:52 +0000
ROA not before:           Tue 19 May 2026 02:11:52 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        13.250.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 31 May 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:ec:ee:0f:f1:cd:fb:27:e8:e8:57:a5:d6:3e:e4:74:9e:84:5e:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 02:11:52 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=dc1aec218eb32d5c1bdf9ff81063c20a12987420540da8296bcd76966de0462b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:96:10:4c:1c:ba:43:f1:8d:3e:bb:b7:fe:db:
                    ed:06:e3:9a:b4:c5:09:02:83:87:5c:90:6a:36:0d:
                    26:49:91:78:c0:f9:53:06:dd:a5:73:43:30:86:ce:
                    6f:80:fa:fa:6a:14:c1:70:50:c3:29:3d:71:fa:88:
                    03:2c:23:8c:dc:44:ae:bc:59:fd:05:23:0d:34:04:
                    57:98:42:94:50:85:60:b3:b9:13:57:b2:fa:a9:69:
                    1d:cf:64:8b:12:74:0b:83:78:a4:f8:6c:3d:7e:12:
                    7b:70:d8:a8:51:3e:87:a1:45:ca:69:d2:51:5c:c5:
                    84:7c:cd:c2:6a:7a:f8:37:b0:71:36:b2:7a:83:85:
                    73:74:d8:8a:40:4a:bc:4d:37:d5:be:8f:02:b7:37:
                    b4:81:cf:32:a5:a2:38:c8:20:dc:4e:95:d0:97:f9:
                    53:7b:54:aa:ca:94:a1:5f:7f:25:d5:48:80:90:57:
                    93:39:2f:09:f0:34:67:f6:91:64:07:63:5d:c4:a3:
                    91:96:f4:81:10:0d:c5:52:5d:a1:a8:92:61:92:0a:
                    45:27:d6:a6:10:1f:0a:b3:fe:90:18:4c:a1:ad:2d:
                    7e:5f:01:86:41:c8:7a:e6:5d:e3:21:00:fc:db:7d:
                    ab:d4:b1:bf:42:61:eb:80:71:62:9d:03:4a:79:45:
                    d6:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:B0:C9:D3:DE:BB:DA:85:FD:76:4B:18:D6:87:14:69:15:69:DE:50
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dbe635f9-7a83-4748-8a7a-378c042c05e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.250.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         83:b8:a1:9f:30:dd:53:3d:a8:5d:d0:8a:42:c6:7d:09:4e:81:
         d1:41:70:d4:e4:5e:18:9f:67:e3:3f:81:3b:87:78:24:63:40:
         09:a9:52:08:39:a0:4f:39:a6:b3:fc:0c:bb:01:0b:4f:c4:a7:
         94:88:3c:49:79:39:6c:24:34:b6:ae:b1:71:4c:56:69:31:cc:
         c2:4c:2f:29:a7:a6:1c:e3:d7:43:57:f4:f6:62:9f:7c:28:2d:
         1d:80:48:f2:e3:a4:10:9a:99:29:a5:7b:e6:75:9f:24:86:f1:
         00:88:08:46:9d:7c:d8:83:14:3d:1a:4e:f1:21:37:5d:92:be:
         b2:55:2e:5b:c5:b3:a5:82:7c:80:05:a0:6a:e9:c0:3f:ba:64:
         d5:63:43:b7:68:93:9d:2c:b5:7f:5d:4c:f8:e5:c2:0f:2b:71:
         c2:38:a8:fc:7e:fd:a6:07:eb:09:e1:8a:5d:b7:64:42:41:35:
         e9:8d:50:4f:72:a4:5e:1d:4b:c1:01:25:15:55:d2:71:03:9b:
         d4:ce:02:86:23:b4:97:97:93:c6:9b:ae:43:b2:dc:c8:97:6e:
         ec:2b:ad:ac:15:54:d3:02:fb:84:a4:18:59:b2:16:03:52:64:
         25:c5:c0:98:8b:c9:22:d0:77:70:e2:6e:e6:94:e5:38:c1:b5:
         30:ca:e9:c4
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNuzuD/HN+yfo6Fel1j7kdJ6EXgMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDIxMTUyWhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYzFhZWMyMThlYjMyZDVjMWJkZjlmZjgxMDYzYzIwYTEy
OTg3NDIwNTQwZGE4Mjk2YmNkNzY5NjZkZTA0NjJiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRlhBMHLpD8Y0+u7f+2+0G45q0xQkCg4dckGo2DSZJkXjA
+VMG3aVzQzCGzm+A+vpqFMFwUMMpPXH6iAMsI4zcRK68Wf0FIw00BFeYQpRQhWCz
uRNXsvqpaR3PZIsSdAuDeKT4bD1+Entw2KhRPoehRcpp0lFcxYR8zcJqevg3sHE2
snqDhXN02IpASrxNN9W+jwK3N7SBzzKlojjIINxOldCX+VN7VKrKlKFffyXVSICQ
V5M5LwnwNGf2kWQHY13Eo5GW9IEQDcVSXaGokmGSCkUn1qYQHwqz/pAYTKGtLX5f
AYZByHrmXeMhAPzbfavUsb9CYeuAcWKdA0p5RdbfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUpbDJ09672oX9dksY1ocUaRVp3lAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2RiZTYzNWY5LTdhODMtNDc0OC04YTdhLTM3OGMwNDJjMDVlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEN+jANBgkqhkiG9w0BAQsFAAOCAQEAg7ihnzDdUz2oXdCKQsZ9CU6B0UFw
1OReGJ9n4z+BO4d4JGNACalSCDmgTzmms/wMuwELT8SnlIg8SXk5bCQ0tq6xcUxW
aTHMwkwvKaemHOPXQ1f09mKffCgtHYBI8uOkEJqZKaV75nWfJIbxAIgIRp182IMU
PRpO8SE3XZK+slUuW8WzpYJ8gAWgaunAP7pk1WNDt2iTnSy1f11M+OXCDytxwjio
/H79pgfrCeGKXbdkQkE16Y1QT3KkXh1LwQElFVXScQOb1M4ChiO0l5eTxpuuQ7Lc
yJdu7CutrBVU0wL7hKQYWbIWA1JkJcXAmIvJItB3cOJu5pTlOMG1MMrpxA==
-----END CERTIFICATE-----