Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f72b4c11-8eee-41c0-a62c-55bfb065d457.roa
File:                     f72b4c11-8eee-41c0-a62c-55bfb065d457.roa (raw, json)
Hash identifier:          /xDEUeUALtiYNeNqGzEL1HmMjTEjmS/BAAdmXoCTaDs=
Subject key identifier:   5C:0C:C3:22:90:D3:A1:28:87:48:22:82:C5:F8:74:A4:3F:CF:D5:82
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2CF4491DF3D5B438701FB5C36C0B78A5D70E41CF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f72b4c11-8eee-41c0-a62c-55bfb065d457.roa
Signing time:             Fri 20 Feb 2026 01:11:52 +0000
ROA not before:           Fri 20 Feb 2026 01:11:52 +0000
ROA not after:            Thu 21 May 2026 23:59:59 +0000
asID:                     7224
IP address blocks:        3.2.26.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 28 Feb 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:f4:49:1d:f3:d5:b4:38:70:1f:b5:c3:6c:0b:78:a5:d7:0e:41:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 20 01:11:52 2026 GMT
            Not After : May 21 23:59:59 2026 GMT
        Subject: serialNumber=df7b17df1309266cf9ffde8687408384993715ee8641b6924d551e8c0932ca73, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:6e:7e:d7:da:6d:35:72:14:35:dc:ca:dd:b0:
                    33:d0:27:0f:3a:bd:7a:4f:27:e5:ad:00:c3:0f:ef:
                    ce:5c:f7:90:dc:7c:68:6f:a2:36:48:06:6f:c0:e3:
                    e1:67:1a:23:a1:98:1f:32:e2:81:c0:23:ba:a1:84:
                    65:e0:1c:ac:3e:92:62:a2:89:b3:ed:d4:f7:ce:ee:
                    8f:36:39:4e:03:4a:49:9c:18:93:67:4a:8b:a0:23:
                    19:f4:1f:0f:b8:33:3e:f3:df:46:d3:6e:67:87:77:
                    96:88:54:4e:93:f9:ce:37:54:2c:6d:f8:7c:13:c9:
                    dd:0d:86:52:b0:5a:ad:ba:9d:ae:5d:79:1d:81:f3:
                    89:fe:f7:88:51:e2:76:8c:07:32:b2:ab:95:2c:fe:
                    b3:f3:99:d4:f0:54:c5:04:70:48:9a:88:94:d7:3c:
                    af:8c:50:66:75:e5:d0:cc:d6:ee:e6:85:a2:74:cc:
                    f7:0d:a9:94:8a:48:33:3f:7c:51:2c:a5:ff:20:ec:
                    fa:29:be:d9:ed:a0:41:5c:c0:aa:ae:ef:92:12:47:
                    2a:7c:c9:0c:20:7b:58:c0:9a:f5:96:8d:89:51:82:
                    58:4f:21:2b:bc:ef:6b:08:9e:27:24:36:85:4e:1e:
                    40:4d:c8:94:99:fe:83:f6:42:4d:00:88:57:62:57:
                    c7:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:0C:C3:22:90:D3:A1:28:87:48:22:82:C5:F8:74:A4:3F:CF:D5:82
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/f72b4c11-8eee-41c0-a62c-55bfb065d457.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.2.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:24:97:11:cd:2e:e7:15:b5:2d:b0:2c:e7:43:ee:d8:9a:30:
         22:05:a9:f9:59:e3:4d:51:e9:8f:28:af:eb:a0:95:a3:70:49:
         e1:80:23:1f:52:85:4c:75:d4:66:7a:e1:ab:df:99:64:75:d0:
         df:31:de:aa:3a:bf:72:ad:2f:49:77:4e:55:8d:91:9c:5e:d0:
         c2:4f:0c:36:05:d4:a8:68:3a:99:7d:21:5c:89:c7:e8:60:dd:
         bb:ab:38:d7:58:75:7c:67:31:61:e2:73:d5:f6:e8:ac:7e:41:
         e0:a1:f2:3f:94:6a:43:58:72:4b:61:c2:e0:74:1e:ce:79:66:
         83:70:2b:ff:b9:0f:d5:9e:44:b0:2a:f3:51:8c:65:61:18:42:
         96:b8:d7:44:86:aa:4e:95:99:97:f8:9f:10:8b:4a:83:e8:58:
         78:01:a2:e8:5d:af:2b:28:8e:9f:32:b9:76:16:6f:b5:a5:cb:
         e4:72:2f:f9:45:66:a4:85:e4:2e:a3:a5:8a:41:3d:e7:a6:db:
         54:fe:21:86:17:4d:b0:9f:0d:01:23:a1:d1:fa:fb:88:45:09:
         98:e8:52:3e:59:a2:d0:d4:3a:8e:54:9b:40:e4:1c:45:42:da:
         c7:53:e1:e4:4b:64:63:a9:6e:56:83:f6:ea:16:11:e7:80:46:
         a6:57:31:58
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULPRJHfPVtDhwH7XDbAt4pdcOQc8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIwMDExMTUyWhcNMjYwNTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZjdiMTdkZjEzMDkyNjZjZjlmZmRlODY4NzQwODM4NDk5
MzcxNWVlODY0MWI2OTI0ZDU1MWU4YzA5MzJjYTczMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCNbn7X2m01chQ13MrdsDPQJw86vXpPJ+WtAMMP785c95Dc
fGhvojZIBm/A4+FnGiOhmB8y4oHAI7qhhGXgHKw+kmKiibPt1PfO7o82OU4DSkmc
GJNnSougIxn0Hw+4Mz7z30bTbmeHd5aIVE6T+c43VCxt+HwTyd0NhlKwWq26na5d
eR2B84n+94hR4naMBzKyq5Us/rPzmdTwVMUEcEiaiJTXPK+MUGZ15dDM1u7mhaJ0
zPcNqZSKSDM/fFEspf8g7PopvtntoEFcwKqu75ISRyp8yQwge1jAmvWWjYlRglhP
ISu872sInickNoVOHkBNyJSZ/oP2Qk0AiFdiV8c1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXAzDIpDToSiHSCKCxfh0pD/P1YIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Y3MmI0YzExLThlZWUtNDFjMC1hNjJjLTU1YmZiMDY1ZDQ1Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADAhowDQYJKoZIhvcNAQELBQADggEBADIklxHNLucVtS2wLOdD7tiaMCIF
qflZ401R6Y8or+uglaNwSeGAIx9ShUx11GZ64avfmWR10N8x3qo6v3KtL0l3TlWN
kZxe0MJPDDYF1KhoOpl9IVyJx+hg3burONdYdXxnMWHic9X26Kx+QeCh8j+UakNY
ckthwuB0Hs55ZoNwK/+5D9WeRLAq81GMZWEYQpa410SGqk6VmZf4nxCLSoPoWHgB
ouhdrysojp8yuXYWb7Wly+RyL/lFZqSF5C6jpYpBPeem21T+IYYXTbCfDQEjodH6
+4hFCZjoUj5ZotDUOo5Um0DkHEVC2sdT4eRLZGOpblaD9uoWEeeARqZXMVg=
-----END CERTIFICATE-----