Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19e514fc-84b3-4e18-a36c-84ba61d84273.roa
File:                     19e514fc-84b3-4e18-a36c-84ba61d84273.roa (raw, json)
Hash identifier:          Ys0dHHQ/XqB1H+MO/JswIvut6GW+uQQfyHLMcJpbhtQ=
Subject key identifier:   5B:2A:1E:EA:87:F7:6C:A2:E7:BC:34:9B:25:45:96:FE:C6:7D:F0:10
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4AD32C2E5DAA185B96864AF906003CFA4A6B6211
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19e514fc-84b3-4e18-a36c-84ba61d84273.roa
Signing time:             Thu 26 Feb 2026 01:00:07 +0000
ROA not before:           Thu 26 Feb 2026 01:00:07 +0000
ROA not after:            Wed 27 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.209.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:d3:2c:2e:5d:aa:18:5b:96:86:4a:f9:06:00:3c:fa:4a:6b:62:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 26 01:00:07 2026 GMT
            Not After : May 27 23:59:59 2026 GMT
        Subject: serialNumber=7203a4235e083749f7fa1e7ec47b40dd8cd451082b32c5be6af171414d1bfeeb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:e0:e1:da:da:7f:79:cc:ce:2f:1e:81:1a:b4:
                    c0:5b:c2:c6:d1:f1:15:dc:f6:26:ee:4a:88:25:73:
                    37:9a:e2:26:0d:6d:69:db:fc:15:f8:cf:d2:4a:50:
                    8a:14:2e:a9:a8:ff:40:1b:ee:12:1f:b3:47:55:84:
                    39:fa:2a:ff:6f:cd:fc:40:3c:3c:72:60:31:df:98:
                    04:15:96:9c:6e:54:02:e3:9a:d2:82:f8:39:08:3c:
                    94:ca:a6:25:c3:d3:8c:cb:b7:66:f7:08:06:ab:67:
                    46:87:85:3a:2a:72:ae:5c:f0:b5:3f:6c:cb:f9:e8:
                    64:01:a7:25:c7:59:b3:e7:3f:e5:c9:e7:dc:6a:99:
                    9d:c1:a2:43:bb:bd:e4:1f:85:26:bb:bd:50:82:5c:
                    6b:86:b0:7a:e5:c5:17:b6:58:2a:4c:4a:74:4b:b2:
                    cf:7e:ef:dd:21:e3:45:8d:d8:95:cb:9f:5c:b9:da:
                    e2:08:93:95:83:68:a4:1e:9e:ec:d3:3a:3f:3e:30:
                    f6:85:7b:73:c4:c0:3c:9c:80:ae:c7:09:83:8b:85:
                    25:ec:7a:c5:6a:c4:bc:cc:59:7e:55:ec:97:58:55:
                    6f:11:9a:6b:ca:06:d8:f7:65:7b:5b:6f:01:bf:40:
                    dc:f0:87:3d:c6:ec:99:3b:6b:2e:b2:6e:6d:92:74:
                    8c:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:2A:1E:EA:87:F7:6C:A2:E7:BC:34:9B:25:45:96:FE:C6:7D:F0:10
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/19e514fc-84b3-4e18-a36c-84ba61d84273.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.209.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b8:0a:41:05:18:9f:e9:03:1e:a6:24:3b:73:33:ca:76:56:88:
         2a:19:d6:82:0b:09:83:ef:d2:6c:80:fa:eb:38:bc:8f:6f:17:
         d7:e9:6a:99:da:b8:2f:4f:b2:95:43:d5:b5:ee:02:d8:55:e7:
         b3:18:64:3c:b9:34:a8:78:58:6e:a1:1b:11:ad:c7:ad:46:18:
         f0:b5:78:63:8b:f0:34:67:c9:1b:02:03:73:8c:62:e7:1d:f8:
         06:4e:a7:81:9b:b0:8b:60:4e:17:16:44:28:dd:ad:83:48:ec:
         50:98:c3:cb:1d:82:10:b9:77:65:86:67:38:85:31:22:7d:3e:
         3b:d7:3e:e3:7a:19:cd:38:06:17:3f:7d:af:26:66:80:97:97:
         12:25:fd:95:93:e6:b1:1e:40:96:5a:2d:e5:54:32:29:48:58:
         e9:41:89:77:92:06:23:e0:40:78:c4:c2:bf:16:f0:de:60:d2:
         54:8a:24:c5:e7:86:44:00:2d:ae:b4:17:4c:09:63:bb:27:2e:
         19:4d:5e:e5:32:f4:59:a5:52:bd:38:48:46:a9:b2:30:5f:8d:
         d5:44:c9:eb:dc:26:48:c3:3d:9c:ed:fa:d1:d6:d7:46:28:75:
         13:22:5f:04:f9:b1:59:f3:87:65:7a:f3:56:b6:b2:1c:43:b0:
         a1:45:0a:98
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUStMsLl2qGFuWhkr5BgA8+kprYhEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI2MDEwMDA3WhcNMjYwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MjAzYTQyMzVlMDgzNzQ5ZjdmYTFlN2VjNDdiNDBkZDhj
ZDQ1MTA4MmIzMmM1YmU2YWYxNzE0MTRkMWJmZWViMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJ4OHa2n95zM4vHoEatMBbwsbR8RXc9ibuSoglczea4iYN
bWnb/BX4z9JKUIoULqmo/0Ab7hIfs0dVhDn6Kv9vzfxAPDxyYDHfmAQVlpxuVALj
mtKC+DkIPJTKpiXD04zLt2b3CAarZ0aHhToqcq5c8LU/bMv56GQBpyXHWbPnP+XJ
59xqmZ3BokO7veQfhSa7vVCCXGuGsHrlxRe2WCpMSnRLss9+790h40WN2JXLn1y5
2uIIk5WDaKQenuzTOj8+MPaFe3PEwDycgK7HCYOLhSXsesVqxLzMWX5V7JdYVW8R
mmvKBtj3ZXtbbwG/QNzwhz3G7Jk7ay6ybm2SdIwhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWyoe6of3bKLnvDSbJUWW/sZ98BAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE5ZTUxNGZjLTg0YjMtNGUxOC1hMzZjLTg0YmE2MWQ4NDI3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA40TANBgkqhkiG9w0BAQsFAAOCAQEAuApBBRif6QMepiQ7czPKdlaIKhnW
ggsJg+/SbID66zi8j28X1+lqmdq4L0+ylUPVte4C2FXnsxhkPLk0qHhYbqEbEa3H
rUYY8LV4Y4vwNGfJGwIDc4xi5x34Bk6ngZuwi2BOFxZEKN2tg0jsUJjDyx2CELl3
ZYZnOIUxIn0+O9c+43oZzTgGFz99ryZmgJeXEiX9lZPmsR5Allot5VQyKUhY6UGJ
d5IGI+BAeMTCvxbw3mDSVIokxeeGRAAtrrQXTAljuycuGU1e5TL0WaVSvThIRqmy
MF+N1UTJ69wmSMM9nO360dbXRih1EyJfBPmxWfOHZXrzVrayHEOwoUUKmA==
-----END CERTIFICATE-----