Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e8e09efd-caa9-4237-aa90-8a63700dbb35.roa
File:                     e8e09efd-caa9-4237-aa90-8a63700dbb35.roa (raw, json)
Hash identifier:          TxkjcadvkcL/FKI/mY07FlK78Oy6MgFKw4aYAsWxs0Y=
Subject key identifier:   15:73:FB:E9:8E:23:C5:3B:E5:2A:9C:8C:D1:31:FF:C0:CC:B5:FB:30
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       17CF4E78A734EF8569E1AA55CF8A9DA39A261CA8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e8e09efd-caa9-4237-aa90-8a63700dbb35.roa
Signing time:             Thu 14 May 2026 01:31:18 +0000
ROA not before:           Thu 14 May 2026 01:31:18 +0000
ROA not after:            Wed 12 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        15.158.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:cf:4e:78:a7:34:ef:85:69:e1:aa:55:cf:8a:9d:a3:9a:26:1c:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 14 01:31:18 2026 GMT
            Not After : Aug 12 23:59:59 2026 GMT
        Subject: serialNumber=37afff162a035a1fa9340bfe353c70b347edf06694551190def4f4393a56ca38, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6d:7a:99:d4:15:8c:ca:5e:38:87:2d:e6:e8:
                    e4:b3:e6:d9:34:be:5e:52:05:0d:85:67:d7:95:b2:
                    ca:9b:57:9b:06:15:18:88:fb:e2:85:39:9e:06:df:
                    bb:52:33:eb:1f:d9:7e:c7:b8:b9:9e:1e:06:cb:4b:
                    6b:27:06:31:bb:b8:45:13:c6:a0:5d:13:64:2b:89:
                    18:ed:25:b9:29:35:03:3c:fa:7b:7a:65:af:e9:85:
                    f4:59:ae:2c:96:15:fe:ad:22:d1:eb:64:5b:b8:8d:
                    16:f2:7a:41:01:ce:35:03:f4:e6:c7:fd:90:8f:e5:
                    5d:9f:72:7d:e3:c9:ca:17:d2:40:48:7b:70:cf:e7:
                    83:1b:e6:a2:16:f1:69:6e:b6:6a:97:30:25:ff:c2:
                    2f:e0:d0:bd:db:42:aa:3a:65:cf:d7:c5:37:47:fa:
                    b2:ff:d1:9a:ef:1c:d0:3a:93:5c:d1:e8:1d:37:df:
                    80:19:1f:21:a8:ff:48:36:a7:52:2e:05:8e:6e:41:
                    e8:48:ab:0d:b6:4c:41:06:df:fd:ee:06:23:10:da:
                    0d:7c:16:4f:45:65:2c:13:b0:89:7c:05:2a:84:54:
                    d5:bb:96:0c:1c:e0:3b:6f:fb:eb:5c:1d:a3:c7:ad:
                    76:23:ec:8d:d2:f8:2d:53:58:5c:aa:06:26:c6:7f:
                    40:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:73:FB:E9:8E:23:C5:3B:E5:2A:9C:8C:D1:31:FF:C0:CC:B5:FB:30
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e8e09efd-caa9-4237-aa90-8a63700dbb35.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.158.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         96:37:2a:08:32:46:50:c7:30:f9:d9:17:52:28:d8:36:74:71:
         41:06:77:90:9b:ee:1c:ce:2b:39:70:7f:05:a5:14:ac:21:01:
         98:ec:72:0b:bf:12:ba:b3:36:2f:00:0b:75:0b:e4:93:9d:7a:
         04:5c:0d:57:ab:5d:51:bf:29:9c:59:d3:58:9a:db:f6:0b:2a:
         60:5e:02:05:fa:b0:2b:ea:fb:fc:c5:f8:4e:86:28:3c:6b:53:
         de:c3:cf:dc:46:25:3d:6b:07:0b:fc:03:07:44:ce:36:69:26:
         d7:ee:f4:a1:50:10:45:47:9d:be:a7:0e:67:b9:0e:20:23:47:
         ae:21:16:3e:79:a8:05:46:94:29:8c:3d:7f:3f:39:0a:62:e5:
         e1:53:ad:c3:f1:31:de:7b:30:6e:c0:e3:f3:e0:f0:85:9a:e1:
         62:02:a0:d5:1c:50:ab:2e:75:e8:fb:43:e9:00:ae:cc:30:5d:
         da:9a:d2:fa:0e:2a:e7:b1:e5:39:b1:1c:c5:32:e5:2e:4b:02:
         07:6d:ef:3d:f3:d2:43:c4:59:59:a6:5e:ca:0f:1c:b5:8b:c8:
         b4:be:79:81:db:47:f8:c3:34:21:41:b1:58:ca:18:fd:73:da:
         2c:de:6e:4b:bc:da:85:47:8d:08:2b:9e:4b:42:f1:e6:a7:3c:
         7b:a4:33:bd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUF89OeKc074Vp4apVz4qdo5omHKgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE0MDEzMTE4WhcNMjYwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0AzN2FmZmYxNjJhMDM1YTFmYTkzNDBiZmUzNTNjNzBiMzQ3
ZWRmMDY2OTQ1NTExOTBkZWY0ZjQzOTNhNTZjYTM4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFbXqZ1BWMyl44hy3m6OSz5tk0vl5SBQ2FZ9eVssqbV5sG
FRiI++KFOZ4G37tSM+sf2X7HuLmeHgbLS2snBjG7uEUTxqBdE2QriRjtJbkpNQM8
+nt6Za/phfRZriyWFf6tItHrZFu4jRbyekEBzjUD9ObH/ZCP5V2fcn3jycoX0kBI
e3DP54Mb5qIW8WlutmqXMCX/wi/g0L3bQqo6Zc/XxTdH+rL/0ZrvHNA6k1zR6B03
34AZHyGo/0g2p1IuBY5uQehIqw22TEEG3/3uBiMQ2g18Fk9FZSwTsIl8BSqEVNW7
lgwc4Dtv++tcHaPHrXYj7I3S+C1TWFyqBibGf0CDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFXP76Y4jxTvlKpyM0TH/wMy1+zAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2U4ZTA5ZWZkLWNhYTktNDIzNy1hYTkwLThhNjM3MDBkYmIzNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYPngAwDQYJKoZIhvcNAQELBQADggEBAJY3KggyRlDHMPnZF1Io2DZ0cUEG
d5Cb7hzOKzlwfwWlFKwhAZjscgu/ErqzNi8AC3UL5JOdegRcDVerXVG/KZxZ01ia
2/YLKmBeAgX6sCvq+/zF+E6GKDxrU97Dz9xGJT1rBwv8AwdEzjZpJtfu9KFQEEVH
nb6nDme5DiAjR64hFj55qAVGlCmMPX8/OQpi5eFTrcPxMd57MG7A4/Pg8IWa4WIC
oNUcUKsudej7Q+kArswwXdqa0voOKuex5TmxHMUy5S5LAgdt7z3z0kPEWVmmXsoP
HLWLyLS+eYHbR/jDNCFBsVjKGP1z2izebku82oVHjQgrnktC8eanPHukM70=
-----END CERTIFICATE-----