Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fc6c513c-18c6-4cc7-9b28-a83b394fe8aa.roa
File:                     fc6c513c-18c6-4cc7-9b28-a83b394fe8aa.roa (raw, json)
Hash identifier:          W7M2NQYwAr/BxszMBN+VHj201sur/QwHtLJ/g9bCwmI=
Subject key identifier:   EF:15:CF:FC:78:E5:39:9D:2E:5B:19:13:45:8D:C7:B2:5F:A0:D9:44
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       208DFD93F3889CF26FB270647EE5DB905CE65386
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fc6c513c-18c6-4cc7-9b28-a83b394fe8aa.roa
Signing time:             Sat 14 Feb 2026 01:10:59 +0000
ROA not before:           Sat 14 Feb 2026 01:10:59 +0000
ROA not after:            Fri 15 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        15.181.96.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 28 Feb 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:8d:fd:93:f3:88:9c:f2:6f:b2:70:64:7e:e5:db:90:5c:e6:53:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 14 01:10:59 2026 GMT
            Not After : May 15 23:59:59 2026 GMT
        Subject: serialNumber=9a257dd78435973520e80f3994419fc31ce459b29c85d4b57d6108e2fe8a03cc, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:24:0e:65:09:fa:b9:ad:9f:a6:04:f5:b1:1e:
                    86:25:75:99:a2:f8:89:6e:03:ce:bb:6b:32:d1:ed:
                    bb:44:01:58:da:5a:54:d5:f1:ba:08:5b:d9:81:bc:
                    af:56:cb:c2:a2:7c:6d:3a:88:5e:60:a7:90:75:aa:
                    a1:49:9d:84:67:9a:36:64:f5:f5:19:b3:8b:ac:57:
                    42:ae:c0:e6:28:76:a7:ea:0c:2a:0c:81:c4:37:01:
                    8d:13:f5:a2:38:95:4e:35:69:f2:dc:98:12:6a:63:
                    64:f0:86:a4:10:8b:c9:ff:6c:6e:37:59:19:2e:56:
                    7b:1e:af:a7:d0:2f:f8:fe:dc:0d:e4:35:12:44:76:
                    01:20:0c:89:13:68:c0:13:e2:8e:b7:24:0a:53:2b:
                    49:ce:9e:b7:f7:99:62:a6:b4:34:6c:80:d0:fb:3a:
                    62:c1:1b:d2:c6:a0:ab:5d:61:89:3b:bb:94:63:1f:
                    bb:fb:99:7b:b4:a6:c4:b1:ee:bb:3a:22:e5:47:56:
                    b5:34:79:bc:8f:a9:82:d8:51:97:5a:66:68:e0:09:
                    de:ab:c5:3b:b6:0e:d9:34:61:69:9e:1a:ea:ca:bb:
                    52:ec:9d:16:f1:4f:a5:ff:e6:99:71:86:83:c6:92:
                    33:c8:84:10:86:d0:39:8f:54:11:12:5a:1a:be:c1:
                    9c:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:15:CF:FC:78:E5:39:9D:2E:5B:19:13:45:8D:C7:B2:5F:A0:D9:44
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fc6c513c-18c6-4cc7-9b28-a83b394fe8aa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.181.96.0/23

    Signature Algorithm: sha256WithRSAEncryption
         52:28:71:7b:29:75:23:93:82:a6:6c:9e:7e:03:2c:82:a4:a3:
         1a:69:23:41:59:36:bc:ad:9d:b6:46:95:ff:16:fc:51:14:9d:
         27:51:8a:80:9e:38:4f:83:a3:85:55:56:b3:7d:9b:f7:35:38:
         86:5c:47:c2:dc:2a:56:1b:3b:01:83:63:1a:40:e7:18:78:dc:
         f6:ff:69:87:7e:29:38:45:f4:28:ca:9f:17:82:4c:d1:d8:1c:
         d6:3a:f4:9e:96:75:84:b8:5d:a3:c0:53:f7:ec:e2:a1:1e:59:
         cc:0a:6f:5d:d3:27:03:15:f3:c5:af:76:65:c5:ed:2c:85:20:
         bc:d2:c3:05:57:90:be:51:27:c7:8e:e3:eb:26:a1:e2:cf:20:
         08:16:14:9c:5c:e6:bb:ff:4c:29:7b:b6:4d:19:e2:74:2a:94:
         34:99:a1:37:14:5e:88:27:9a:3a:6e:52:4b:2a:33:f5:c1:9d:
         81:ec:74:f1:8c:43:06:f9:2e:75:d4:58:05:17:9f:5c:d0:3d:
         a9:01:3a:e5:17:63:ae:6e:ab:d6:a4:e8:a0:92:98:c4:00:0f:
         2d:20:2e:38:19:cd:3c:b3:a0:7f:a9:4c:f6:45:b7:33:b0:ef:
         36:88:44:70:94:33:37:3a:99:ba:c2:77:3c:cd:e2:e1:09:d0:
         10:68:07:d8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUII39k/OInPJvsnBkfuXbkFzmU4YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE0MDExMDU5WhcNMjYwNTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YTI1N2RkNzg0MzU5NzM1MjBlODBmMzk5NDQxOWZjMzFj
ZTQ1OWIyOWM4NWQ0YjU3ZDYxMDhlMmZlOGEwM2NjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJJA5lCfq5rZ+mBPWxHoYldZmi+IluA867azLR7btEAVja
WlTV8boIW9mBvK9Wy8KifG06iF5gp5B1qqFJnYRnmjZk9fUZs4usV0KuwOYodqfq
DCoMgcQ3AY0T9aI4lU41afLcmBJqY2TwhqQQi8n/bG43WRkuVnser6fQL/j+3A3k
NRJEdgEgDIkTaMAT4o63JApTK0nOnrf3mWKmtDRsgND7OmLBG9LGoKtdYYk7u5Rj
H7v7mXu0psSx7rs6IuVHVrU0ebyPqYLYUZdaZmjgCd6rxTu2Dtk0YWmeGurKu1Ls
nRbxT6X/5plxhoPGkjPIhBCG0DmPVBESWhq+wZyNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7xXP/HjlOZ0uWxkTRY3Hsl+g2UQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZjNmM1MTNjLTE4YzYtNGNjNy05YjI4LWE4M2IzOTRmZThhYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEPtWAwDQYJKoZIhvcNAQELBQADggEBAFIocXspdSOTgqZsnn4DLIKkoxpp
I0FZNrytnbZGlf8W/FEUnSdRioCeOE+Do4VVVrN9m/c1OIZcR8LcKlYbOwGDYxpA
5xh43Pb/aYd+KThF9CjKnxeCTNHYHNY69J6WdYS4XaPAU/fs4qEeWcwKb13TJwMV
88WvdmXF7SyFILzSwwVXkL5RJ8eO4+smoeLPIAgWFJxc5rv/TCl7tk0Z4nQqlDSZ
oTcUXognmjpuUksqM/XBnYHsdPGMQwb5LnXUWAUXn1zQPakBOuUXY65uq9ak6KCS
mMQADy0gLjgZzTyzoH+pTPZFtzOw7zaIRHCUMzc6mbrCdzzN4uEJ0BBoB9g=
-----END CERTIFICATE-----