Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2337adfc-3e6e-4798-9efd-afd8e5bd04c9.roa
File:                     2337adfc-3e6e-4798-9efd-afd8e5bd04c9.roa (raw, json)
Hash identifier:          UqyUvxXzsZcBzzdAYRAH+cmez4PwDVjFG3RfGkVGJP8=
Subject key identifier:   19:79:F4:74:9E:89:8F:5E:70:27:42:C3:9F:F6:32:3C:C3:62:63:6E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       68FD07192F2D5B8BB3EC2AA4E21A64428EE37E8B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2337adfc-3e6e-4798-9efd-afd8e5bd04c9.roa
Signing time:             Wed 25 Feb 2026 00:20:56 +0000
ROA not before:           Wed 25 Feb 2026 00:20:56 +0000
ROA not after:            Tue 26 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.133.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:fd:07:19:2f:2d:5b:8b:b3:ec:2a:a4:e2:1a:64:42:8e:e3:7e:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 25 00:20:56 2026 GMT
            Not After : May 26 23:59:59 2026 GMT
        Subject: serialNumber=dcfce6423846a83e363a929ed7ffb6942cf2a13f1f17263ce248bdb7a99d5ea1, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:77:26:b2:fb:51:59:27:b0:ab:d0:67:76:68:
                    2d:4c:34:35:1a:e8:5c:99:f4:16:54:8a:28:de:6f:
                    3b:a6:2b:db:c4:a9:06:dd:88:90:40:94:44:ed:67:
                    80:a5:b5:ee:d2:f5:01:3a:79:6c:a2:91:58:3b:68:
                    1e:ff:e3:8e:93:9a:11:8c:ba:dc:9b:fd:c9:8b:60:
                    2e:dc:5a:90:35:49:72:79:c5:67:4e:d9:70:58:7d:
                    b8:0c:fa:da:49:36:63:70:d1:b0:11:12:df:63:2b:
                    6f:16:d2:70:ea:dc:24:ee:b5:99:c2:7e:6d:65:a3:
                    63:c2:87:f0:9c:32:50:0f:15:5e:7c:60:b0:0a:89:
                    3d:5e:95:0d:e6:8b:3c:2a:41:c4:a9:73:0c:c1:ed:
                    04:53:4b:7a:56:a3:8a:f1:4b:a6:5c:37:2b:84:87:
                    4d:a4:00:b9:3d:b2:82:7f:7e:a1:51:55:e6:73:c2:
                    7f:89:cd:7b:7a:46:c6:ea:7f:bd:95:e5:83:49:07:
                    f5:96:ee:8c:e7:f6:0e:a9:68:b0:f3:83:89:f0:00:
                    8f:78:44:5b:19:fa:1c:5e:2a:b4:da:25:92:b9:75:
                    84:17:78:24:5d:04:60:17:3e:7c:b3:ec:3c:64:29:
                    10:ca:d1:08:46:49:cf:74:07:29:b2:34:fb:39:87:
                    9d:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:79:F4:74:9E:89:8F:5E:70:27:42:C3:9F:F6:32:3C:C3:62:63:6E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2337adfc-3e6e-4798-9efd-afd8e5bd04c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.133.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         28:12:1d:fe:51:a0:74:40:29:a5:3f:ef:c1:cb:3e:5f:22:5d:
         42:79:01:13:55:c8:9e:57:3e:96:6b:71:50:91:85:40:8f:12:
         7a:9e:71:eb:8b:5e:a5:26:43:22:c7:9d:8f:83:61:14:e7:9f:
         7a:92:eb:b1:93:e9:2a:84:c7:5b:bd:a2:99:c9:f9:03:89:5a:
         e1:07:4d:e4:e7:aa:29:a7:79:1c:fe:55:23:dc:24:64:71:dd:
         f5:c5:98:86:40:57:c5:f4:5e:73:e1:be:1b:c9:cd:6f:e0:72:
         d6:46:b6:24:f5:f0:15:04:82:c9:52:b1:ff:f3:6c:11:36:af:
         1d:bd:65:2b:b1:60:d6:9a:39:37:8f:c1:c8:16:85:33:ed:1c:
         16:16:97:3b:85:3a:1d:bd:f7:f9:64:5b:69:0e:a8:aa:3a:eb:
         39:9b:a9:61:4e:dd:b1:6b:01:a8:a2:7b:1b:06:8b:bb:c4:03:
         2f:06:fa:c7:2e:cf:0a:3c:19:67:31:04:f4:e2:01:8c:2c:60:
         44:79:2f:1f:41:1d:8a:31:d5:a0:4d:db:f0:69:26:5e:7f:71:
         b7:18:e3:f8:4d:dd:e1:14:74:97:1a:a8:88:1a:ce:ee:76:41:
         67:e1:e7:64:79:9d:63:11:2d:ee:bc:f4:b7:4e:23:48:b8:cc:
         a8:e9:41:00
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaP0HGS8tW4uz7Cqk4hpkQo7jfoswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI1MDAyMDU2WhcNMjYwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkY2ZjZTY0MjM4NDZhODNlMzYzYTkyOWVkN2ZmYjY5NDJj
ZjJhMTNmMWYxNzI2M2NlMjQ4YmRiN2E5OWQ1ZWExMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtdyay+1FZJ7Cr0Gd2aC1MNDUa6FyZ9BZUiijebzumK9vE
qQbdiJBAlETtZ4Clte7S9QE6eWyikVg7aB7/446TmhGMutyb/cmLYC7cWpA1SXJ5
xWdO2XBYfbgM+tpJNmNw0bAREt9jK28W0nDq3CTutZnCfm1lo2PCh/CcMlAPFV58
YLAKiT1elQ3mizwqQcSpcwzB7QRTS3pWo4rxS6ZcNyuEh02kALk9soJ/fqFRVeZz
wn+JzXt6Rsbqf72V5YNJB/WW7ozn9g6paLDzg4nwAI94RFsZ+hxeKrTaJZK5dYQX
eCRdBGAXPnyz7DxkKRDK0QhGSc90BymyNPs5h53bAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUGXn0dJ6Jj15wJ0LDn/YyPMNiY24wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIzMzdhZGZjLTNlNmUtNDc5OC05ZWZkLWFmZDhlNWJkMDRjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4hTANBgkqhkiG9w0BAQsFAAOCAQEAKBId/lGgdEAppT/vwcs+XyJdQnkB
E1XInlc+lmtxUJGFQI8Sep5x64tepSZDIsedj4NhFOefepLrsZPpKoTHW72imcn5
A4la4QdN5OeqKad5HP5VI9wkZHHd9cWYhkBXxfRec+G+G8nNb+By1ka2JPXwFQSC
yVKx//NsETavHb1lK7Fg1po5N4/ByBaFM+0cFhaXO4U6Hb33+WRbaQ6oqjrrOZup
YU7dsWsBqKJ7GwaLu8QDLwb6xy7PCjwZZzEE9OIBjCxgRHkvH0EdijHVoE3b8Gkm
Xn9xtxjj+E3d4RR0lxqoiBrO7nZBZ+HnZHmdYxEt7rz0t04jSLjMqOlBAA==
-----END CERTIFICATE-----