Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30daddce-6506-4548-abca-4110cddb5ecf.roa
File:                     30daddce-6506-4548-abca-4110cddb5ecf.roa (raw, json)
Hash identifier:          bnCV5dkSrry/bY5c4D2PVaz0oXXIyPxSudo22IX/FUY=
Subject key identifier:   E1:DB:A7:E2:31:C7:83:D8:8F:58:3E:11:E5:62:95:D5:40:01:4B:E3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7CAD49B1C9A2E9FEB20EC806FEC14371043BD77D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30daddce-6506-4548-abca-4110cddb5ecf.roa
Signing time:             Fri 13 Feb 2026 00:51:24 +0000
ROA not before:           Fri 13 Feb 2026 00:51:24 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        44.216.196.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:ad:49:b1:c9:a2:e9:fe:b2:0e:c8:06:fe:c1:43:71:04:3b:d7:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 13 00:51:24 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=b16036f7db25dbbeae334e73ede4581130eb100098a8337b01182bf210ebe31f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:b4:4f:ad:65:bd:dd:d7:1c:fa:96:9d:d8:eb:
                    92:15:d7:c4:fc:fe:2a:46:69:76:d2:c8:16:b5:38:
                    01:18:b6:71:ad:5a:6b:95:a5:39:ea:98:5e:5c:25:
                    3e:dd:09:7e:84:41:cc:ac:15:53:80:ac:cb:57:cd:
                    a7:6a:40:a8:dd:33:01:bd:53:35:26:16:53:bd:1b:
                    8e:49:e6:c8:a7:3d:c0:81:28:2e:d9:dc:7b:85:27:
                    2d:90:23:e0:61:1a:f0:0a:bc:02:7e:2b:25:e9:3b:
                    ee:59:4f:7d:fa:ed:a1:5b:da:2f:48:55:eb:dd:34:
                    93:ed:09:e2:cf:23:74:98:00:f9:03:00:02:92:d8:
                    2c:9c:da:3f:d1:23:a7:31:6c:b5:25:4f:70:44:45:
                    32:08:4a:d2:3e:4b:3b:b2:52:b0:ac:bb:d8:4e:9f:
                    2f:7d:85:50:cb:f7:9c:15:ab:8e:37:23:fa:32:36:
                    8e:12:02:f4:83:ae:61:90:44:cd:39:61:66:6b:ef:
                    8b:30:ad:a7:78:a8:84:dc:6a:1e:c8:5a:c0:1e:3d:
                    fb:7b:90:68:fe:ba:12:bc:60:b8:92:18:d8:b8:89:
                    1d:fc:34:5e:7a:a5:6b:5b:46:82:38:cf:d9:a5:54:
                    8a:df:0d:5c:9a:e3:53:50:d1:89:f7:7a:4c:12:34:
                    ae:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:DB:A7:E2:31:C7:83:D8:8F:58:3E:11:E5:62:95:D5:40:01:4B:E3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/30daddce-6506-4548-abca-4110cddb5ecf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.216.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         59:fd:04:f5:94:46:a8:c7:ca:3d:68:32:9b:8d:84:ca:b6:49:
         e1:62:71:8d:42:ac:94:47:11:40:7b:93:f0:26:de:ee:c4:2b:
         89:0c:0f:06:64:6c:a7:83:d1:ae:5c:cc:45:cf:0b:77:47:8f:
         dd:4b:b8:3f:af:70:d8:cd:86:fd:8c:aa:ec:6b:f0:68:39:e0:
         0d:69:3c:18:64:84:93:f4:3b:8e:5c:35:6c:9b:2d:7a:bd:13:
         47:01:c5:38:e2:30:51:ca:f4:dd:01:0e:aa:5c:bd:58:02:e0:
         7e:97:87:07:f5:2f:5d:64:dd:11:6b:35:fb:be:66:07:41:5c:
         05:f4:e1:e6:ee:57:4e:5f:26:a9:3c:02:cd:2a:39:4e:89:9e:
         59:3d:ad:35:0f:5e:f6:df:23:4f:74:92:6f:d2:69:8c:3e:24:
         8b:53:11:15:7f:73:8a:0f:e4:4a:a9:31:dd:3c:87:92:a1:d4:
         ae:fb:bb:ff:7a:f2:dc:f0:28:c4:e0:55:7d:3a:3d:94:68:88:
         5f:22:b5:59:1a:c4:95:7f:a4:79:15:b7:42:dc:0d:08:c1:c6:
         23:87:5e:ab:34:fc:62:12:6b:7f:f2:7d:c3:95:80:f3:91:5d:
         3f:f9:ec:a7:b0:f4:da:47:db:23:95:d9:51:0f:65:fd:af:26:
         f1:92:63:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfK1Jscmi6f6yDsgG/sFDcQQ7130wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjEzMDA1MTI0WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMTYwMzZmN2RiMjVkYmJlYWUzMzRlNzNlZGU0NTgxMTMw
ZWIxMDAwOThhODMzN2IwMTE4MmJmMjEwZWJlMzFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChtE+tZb3d1xz6lp3Y65IV18T8/ipGaXbSyBa1OAEYtnGt
WmuVpTnqmF5cJT7dCX6EQcysFVOArMtXzadqQKjdMwG9UzUmFlO9G45J5sinPcCB
KC7Z3HuFJy2QI+BhGvAKvAJ+KyXpO+5ZT3367aFb2i9IVevdNJPtCeLPI3SYAPkD
AAKS2Cyc2j/RI6cxbLUlT3BERTIIStI+SzuyUrCsu9hOny99hVDL95wVq443I/oy
No4SAvSDrmGQRM05YWZr74swrad4qITcah7IWsAePft7kGj+uhK8YLiSGNi4iR38
NF56pWtbRoI4z9mlVIrfDVya41NQ0Yn3ekwSNK5TAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4dun4jHHg9iPWD4R5WKV1UABS+MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMwZGFkZGNlLTY1MDYtNDU0OC1hYmNhLTQxMTBjZGRiNWVjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIs2MQwDQYJKoZIhvcNAQELBQADggEBAFn9BPWURqjHyj1oMpuNhMq2SeFi
cY1CrJRHEUB7k/Am3u7EK4kMDwZkbKeD0a5czEXPC3dHj91LuD+vcNjNhv2Mquxr
8Gg54A1pPBhkhJP0O45cNWybLXq9E0cBxTjiMFHK9N0BDqpcvVgC4H6Xhwf1L11k
3RFrNfu+ZgdBXAX04ebuV05fJqk8As0qOU6Jnlk9rTUPXvbfI090km/SaYw+JItT
ERV/c4oP5EqpMd08h5Kh1K77u/968tzwKMTgVX06PZRoiF8itVkaxJV/pHkVt0Lc
DQjBxiOHXqs0/GISa3/yfcOVgPORXT/57Kew9NpH2yOV2VEPZf2vJvGSY1s=
-----END CERTIFICATE-----