Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0a62f6cd-82ea-4bfa-ac20-43291afe7df2.roa
File:                     0a62f6cd-82ea-4bfa-ac20-43291afe7df2.roa (raw, json)
Hash identifier:          AFBzxYxqLwudUNxrmwpj+HzEaBYief4Sp8Zj9pGrUqM=
Subject key identifier:   FC:DA:58:FD:F6:1B:42:33:55:6F:7F:44:CC:8D:2C:14:79:3C:D1:7D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       03A0F78E3BD66A4BC905E32F709087C7E3CFC2A2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0a62f6cd-82ea-4bfa-ac20-43291afe7df2.roa
Signing time:             Thu 26 Feb 2026 01:01:29 +0000
ROA not before:           Thu 26 Feb 2026 01:01:29 +0000
ROA not after:            Wed 27 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.244.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:a0:f7:8e:3b:d6:6a:4b:c9:05:e3:2f:70:90:87:c7:e3:cf:c2:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 26 01:01:29 2026 GMT
            Not After : May 27 23:59:59 2026 GMT
        Subject: serialNumber=ed5d87e771e810a01fce2fbfa973e9355244dddeac1a6021c3410a56657b33a3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:2b:fd:64:59:96:ac:c6:29:df:6b:a0:52:67:
                    bc:83:17:76:83:61:93:52:cb:df:a0:42:d9:3c:b0:
                    e3:5f:7e:b4:5b:92:e4:b9:38:00:6d:df:6b:ef:0b:
                    f4:e4:f0:fd:36:4a:c8:1d:0b:65:eb:d5:a0:fa:fb:
                    cf:8f:c0:c2:ac:73:f2:da:c6:69:96:3b:91:6a:47:
                    85:de:e2:a9:01:70:cb:bd:13:2a:ae:6a:7e:ce:b5:
                    73:61:6b:3b:5f:51:77:53:fe:7d:ab:6b:35:ec:9b:
                    28:b9:8b:b7:7e:37:99:f2:ea:9a:8d:fe:57:d3:d4:
                    e6:a5:37:af:c8:50:28:e6:14:6d:d6:aa:c9:22:45:
                    47:ce:2c:00:fe:88:32:62:9e:79:be:5f:2f:28:27:
                    44:2f:c6:15:df:62:d6:a4:be:8d:c9:73:ec:6c:d6:
                    1a:3a:8b:77:2b:fa:75:d2:f0:5d:35:b6:e7:be:ba:
                    29:95:25:e2:0b:29:e8:ba:b0:1a:d8:bc:18:b8:f1:
                    72:fa:b0:b6:55:9c:8a:87:fe:f6:e9:c6:3b:49:c7:
                    ca:ee:2e:dc:58:b7:58:21:50:3f:bb:49:76:b4:e3:
                    35:bc:94:ba:5c:f0:60:a3:7d:be:ff:72:ad:ac:a5:
                    b7:f3:e9:da:b6:02:ed:97:15:8b:88:63:f6:03:5b:
                    92:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:DA:58:FD:F6:1B:42:33:55:6F:7F:44:CC:8D:2C:14:79:3C:D1:7D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0a62f6cd-82ea-4bfa-ac20-43291afe7df2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.244.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a7:8f:39:79:02:24:3e:5b:2f:3b:20:c4:04:5b:7a:45:d7:d0:
         73:3d:a3:75:3c:a1:74:be:f2:ad:6b:fb:b4:02:38:b1:e6:26:
         99:d2:8e:3d:93:bf:33:23:08:e9:e2:38:91:80:a3:4d:b6:14:
         03:00:63:7d:d2:3d:b9:67:d7:69:ad:57:d9:73:e5:76:56:fa:
         70:98:e8:99:2a:8c:27:99:e2:b6:09:f0:32:03:6e:42:64:23:
         b7:9b:f6:0c:20:84:5c:15:f6:09:f6:33:ba:d7:c8:c2:1a:30:
         06:43:a5:3b:c4:8c:a0:f5:56:77:26:0f:f0:1e:50:77:c1:81:
         8d:1a:6b:c3:f3:19:eb:7d:ee:ec:a6:9b:42:e9:39:5f:51:6d:
         80:11:1c:e3:ad:fc:74:83:80:0a:d8:f5:d2:53:86:0c:df:f8:
         0b:51:7a:5b:7f:1d:a2:0d:d1:da:19:f4:ec:78:f5:85:36:07:
         27:96:c5:39:a5:81:33:96:85:89:10:4f:05:22:d5:19:65:b4:
         89:e2:77:4b:b5:8f:84:d8:ad:e7:c7:4e:a6:0b:9e:de:a7:49:
         3f:32:66:65:70:df:49:de:da:9a:54:e4:2f:13:00:f5:a5:10:
         8f:35:93:33:50:ba:0c:01:e1:e0:88:24:41:c6:61:66:29:6a:
         2f:9e:29:68
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUA6D3jjvWakvJBeMvcJCHx+PPwqIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI2MDEwMTI5WhcNMjYwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZDVkODdlNzcxZTgxMGEwMWZjZTJmYmZhOTczZTkzNTUy
NDRkZGRlYWMxYTYwMjFjMzQxMGE1NjY1N2IzM2EzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+K/1kWZasxinfa6BSZ7yDF3aDYZNSy9+gQtk8sONffrRb
kuS5OABt32vvC/Tk8P02SsgdC2Xr1aD6+8+PwMKsc/LaxmmWO5FqR4Xe4qkBcMu9
Eyquan7OtXNhaztfUXdT/n2razXsmyi5i7d+N5ny6pqN/lfT1OalN6/IUCjmFG3W
qskiRUfOLAD+iDJinnm+Xy8oJ0QvxhXfYtakvo3Jc+xs1ho6i3cr+nXS8F01tue+
uimVJeILKei6sBrYvBi48XL6sLZVnIqH/vbpxjtJx8ruLtxYt1ghUD+7SXa04zW8
lLpc8GCjfb7/cq2spbfz6dq2Au2XFYuIY/YDW5INAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU/NpY/fYbQjNVb39EzI0sFHk80X0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBhNjJmNmNkLTgyZWEtNGJmYS1hYzIwLTQzMjkxYWZlN2RmMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA49DANBgkqhkiG9w0BAQsFAAOCAQEAp485eQIkPlsvOyDEBFt6RdfQcz2j
dTyhdL7yrWv7tAI4seYmmdKOPZO/MyMI6eI4kYCjTbYUAwBjfdI9uWfXaa1X2XPl
dlb6cJjomSqMJ5nitgnwMgNuQmQjt5v2DCCEXBX2CfYzutfIwhowBkOlO8SMoPVW
dyYP8B5Qd8GBjRprw/MZ633u7KabQuk5X1FtgBEc4638dIOACtj10lOGDN/4C1F6
W38dog3R2hn07Hj1hTYHJ5bFOaWBM5aFiRBPBSLVGWW0ieJ3S7WPhNit58dOpgue
3qdJPzJmZXDfSd7amlTkLxMA9aUQjzWTM1C6DAHh4IgkQcZhZilqL54paA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:53:21 2026 by rpki-client