Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26191af3-5d36-4e52-a2b7-00dda51fdbff.roa
File:                     26191af3-5d36-4e52-a2b7-00dda51fdbff.roa (raw, json)
Hash identifier:          gdHCtZ9em4dDhPxJ8Qulnix4e42H/R4OxKeBm8T1Dzg=
Subject key identifier:   DB:26:89:A7:68:D1:EE:A9:55:32:EA:88:0F:8C:15:22:D8:33:5C:F6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       083F392186B3DC235AD8984053D6B03D8A410D42
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26191af3-5d36-4e52-a2b7-00dda51fdbff.roa
Signing time:             Wed 20 May 2026 00:20:05 +0000
ROA not before:           Wed 20 May 2026 00:20:05 +0000
ROA not after:            Tue 18 Aug 2026 23:59:59 +0000
asID:                     6167
IP address blocks:        162.208.122.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:3f:39:21:86:b3:dc:23:5a:d8:98:40:53:d6:b0:3d:8a:41:0d:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 20 00:20:05 2026 GMT
            Not After : Aug 18 23:59:59 2026 GMT
        Subject: serialNumber=bf4c438a44d3d4d96183f7bcd24ade0dd9ab91b74d2667ccf47142badce84f5c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:18:17:0e:33:e7:ed:0e:10:5d:d0:d0:be:f0:
                    dc:be:1c:0e:da:05:e4:2b:b8:c6:0a:10:bb:ad:39:
                    d2:87:c6:4b:10:0c:2b:bb:cb:94:5a:26:5f:a3:61:
                    bb:e9:e6:62:b8:91:0c:85:94:c7:2a:d2:6f:a2:b8:
                    66:11:41:f8:0b:c5:d3:55:88:46:5e:e6:a2:5e:d6:
                    5e:5b:08:d7:8c:ef:4b:fc:f0:5a:15:e9:c2:06:e3:
                    23:6c:04:e7:61:e8:1b:af:04:32:a5:13:a2:66:12:
                    ae:a1:ec:ea:92:fa:22:92:48:b6:cd:78:b6:69:c9:
                    ee:2a:bd:29:62:03:7c:54:52:b7:30:15:c3:57:37:
                    28:df:51:de:1d:f3:23:b3:9a:6d:46:3e:43:5b:18:
                    64:1b:1b:77:db:b8:c8:62:fc:66:c8:1f:b4:da:db:
                    ad:d0:86:5b:f4:0b:e6:2c:d3:b2:55:64:33:7d:58:
                    a9:dc:f4:08:c6:b5:02:02:19:45:d4:88:14:e1:2f:
                    23:77:80:bf:5d:e5:4a:0e:cb:84:8e:26:1a:26:c2:
                    25:fe:00:8a:df:c0:5a:fe:77:13:37:2d:59:e7:ac:
                    65:fd:6d:59:5f:fc:13:ab:02:38:1b:be:c8:0c:80:
                    5a:51:8a:46:11:a0:8d:68:dc:f6:1d:64:68:7e:9e:
                    33:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:26:89:A7:68:D1:EE:A9:55:32:EA:88:0F:8C:15:22:D8:33:5C:F6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/26191af3-5d36-4e52-a2b7-00dda51fdbff.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.208.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:42:7a:86:e0:aa:13:e2:ae:77:83:90:42:f5:e6:ba:f9:86:
         3f:b9:f5:7f:17:d2:80:79:f1:9b:b7:e4:c8:9b:20:4f:fc:6d:
         3f:9a:71:1e:20:d4:6b:a9:a5:a9:b3:5a:44:7c:e6:7b:18:3e:
         58:16:99:f1:7b:46:e2:26:0e:ea:93:af:61:c5:b2:42:57:a3:
         81:22:a0:98:f4:6b:92:e0:ef:da:c6:b5:86:92:83:92:a3:2a:
         93:90:69:0a:3a:7c:29:21:a9:bb:01:3d:e8:48:ef:98:88:ac:
         29:03:5b:a8:21:cf:a2:45:7d:22:c7:0f:e6:7b:b1:5f:79:c5:
         0a:9a:7b:e6:5c:6e:6a:83:40:01:4a:9f:40:80:e4:32:ef:2b:
         89:b4:d5:a2:66:08:46:a9:27:8c:3f:01:f6:e1:3b:00:ac:ae:
         46:16:f5:3e:f6:b0:bc:e8:cb:e4:9d:9d:bd:1e:59:8d:6a:bb:
         6f:03:2f:d6:dc:b1:20:ae:02:4f:4f:90:df:b9:9c:29:05:8d:
         c1:70:fd:a0:86:9c:cc:f1:4f:d0:d4:ea:0b:43:81:08:0d:2e:
         80:ef:dd:1c:48:1a:52:19:85:8a:0d:d3:31:a9:13:fb:79:56:
         f3:b7:e1:73:dc:6a:cf:a3:5a:5f:2e:5b:73:d8:49:69:a0:0d:
         34:78:d3:44
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCD85IYaz3CNa2JhAU9awPYpBDUIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTIwMDAyMDA1WhcNMjYwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZjRjNDM4YTQ0ZDNkNGQ5NjE4M2Y3YmNkMjRhZGUwZGQ5
YWI5MWI3NGQyNjY3Y2NmNDcxNDJiYWRjZTg0ZjVjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmGBcOM+ftDhBd0NC+8Ny+HA7aBeQruMYKELutOdKHxksQ
DCu7y5RaJl+jYbvp5mK4kQyFlMcq0m+iuGYRQfgLxdNViEZe5qJe1l5bCNeM70v8
8FoV6cIG4yNsBOdh6BuvBDKlE6JmEq6h7OqS+iKSSLbNeLZpye4qvSliA3xUUrcw
FcNXNyjfUd4d8yOzmm1GPkNbGGQbG3fbuMhi/GbIH7Ta263Qhlv0C+Ys07JVZDN9
WKnc9AjGtQICGUXUiBThLyN3gL9d5UoOy4SOJhomwiX+AIrfwFr+dxM3LVnnrGX9
bVlf/BOrAjgbvsgMgFpRikYRoI1o3PYdZGh+njNfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2yaJp2jR7qlVMuqID4wVItgzXPYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI2MTkxYWYzLTVkMzYtNGU1Mi1hMmI3LTAwZGRhNTFmZGJmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACi0HowDQYJKoZIhvcNAQELBQADggEBAKNCeobgqhPirneDkEL15rr5hj+5
9X8X0oB58Zu35MibIE/8bT+acR4g1GuppamzWkR85nsYPlgWmfF7RuImDuqTr2HF
skJXo4EioJj0a5Lg79rGtYaSg5KjKpOQaQo6fCkhqbsBPehI75iIrCkDW6ghz6JF
fSLHD+Z7sV95xQqae+ZcbmqDQAFKn0CA5DLvK4m01aJmCEapJ4w/AfbhOwCsrkYW
9T72sLzoy+Sdnb0eWY1qu28DL9bcsSCuAk9PkN+5nCkFjcFw/aCGnMzxT9DU6gtD
gQgNLoDv3RxIGlIZhYoN0zGpE/t5VvO34XPcas+jWl8uW3PYSWmgDTR400Q=
-----END CERTIFICATE-----