Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3803ed73-f0b7-4d1e-a251-bcf48df08162.roa
File:                     3803ed73-f0b7-4d1e-a251-bcf48df08162.roa (raw, json)
Hash identifier:          y6uXRmN67uSZGg++ZFssruosLwOcJ+vSCu/HnGAlHOU=
Subject key identifier:   8D:BC:AB:6C:F8:96:8D:5D:FC:3F:D9:77:48:B3:72:91:CB:F2:B8:C5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6C5C17CCEF18CCDF0E0B907204ED80B33402FAE6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3803ed73-f0b7-4d1e-a251-bcf48df08162.roa
Signing time:             Fri 15 May 2026 00:41:26 +0000
ROA not before:           Fri 15 May 2026 00:41:26 +0000
ROA not after:            Thu 13 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        107.22.192.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:5c:17:cc:ef:18:cc:df:0e:0b:90:72:04:ed:80:b3:34:02:fa:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 15 00:41:26 2026 GMT
            Not After : Aug 13 23:59:59 2026 GMT
        Subject: serialNumber=198575e36e40c3745b0cc0e3a5610c2cedf2e7ede31aff83bf0cb6265d231ecc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:15:22:63:7b:bd:d5:b5:f2:22:45:e8:7d:ab:
                    61:30:4c:95:98:9c:5d:42:ea:f4:ba:8b:2b:cd:03:
                    f8:09:f7:6c:e1:2c:64:58:9f:3f:36:45:2f:88:34:
                    6e:33:4b:d7:87:dc:72:e3:e7:27:94:cb:33:b9:29:
                    a5:06:ea:c1:80:59:7a:8b:da:af:71:a5:3e:a7:56:
                    b4:75:81:66:70:74:98:b8:12:0e:54:99:4e:e1:85:
                    bc:3f:ac:97:1d:c0:9b:6c:df:52:0f:0d:84:bd:f8:
                    3a:2f:f0:7a:c5:3b:47:16:c2:72:d3:92:5c:27:90:
                    af:b8:6f:58:d2:04:2f:18:c9:4d:f4:1b:b2:10:76:
                    1b:ee:19:7c:66:f0:77:11:02:bf:be:b1:28:e6:4b:
                    9b:c0:5d:a6:b4:ba:5c:8a:00:9d:c9:48:30:56:9f:
                    7d:2a:c6:03:b4:ec:8d:6f:7d:c5:0a:73:23:9c:e0:
                    b3:f0:6f:f4:b8:e4:55:0b:9a:5e:cd:f5:99:0d:3c:
                    40:f9:a5:05:a1:9c:e0:46:dc:a4:7f:bd:b8:47:c7:
                    2e:cb:66:2a:a6:19:bb:e2:7a:0f:fe:be:e6:78:8a:
                    43:08:d1:b1:94:dd:cb:24:f7:14:8c:96:d5:2e:e4:
                    66:a9:a0:60:a0:82:a7:53:84:2a:d1:80:af:bb:4c:
                    5e:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:BC:AB:6C:F8:96:8D:5D:FC:3F:D9:77:48:B3:72:91:CB:F2:B8:C5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3803ed73-f0b7-4d1e-a251-bcf48df08162.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.22.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         29:05:22:92:f6:db:da:46:ec:64:d6:2a:fe:42:2c:28:9f:a0:
         55:3c:42:86:9e:48:f1:a9:20:86:00:12:88:86:b5:93:6b:e5:
         93:80:d4:26:e1:2d:4a:3c:9c:77:9c:19:9e:1f:f5:cc:17:c9:
         73:63:0c:78:d8:d4:32:13:1d:a7:c2:55:b9:0a:0a:25:7a:46:
         4e:b1:5e:c0:b6:a2:38:58:d2:7c:20:76:a2:c2:07:40:53:cd:
         d4:4e:f2:ed:47:ea:4b:c5:98:ee:a4:9e:c2:b2:98:da:cc:20:
         ce:d8:42:c7:4e:e3:84:2a:11:5c:a3:38:e3:2f:67:5c:59:62:
         e0:14:20:1e:70:d3:c5:71:02:e6:99:ce:43:54:00:16:46:b1:
         ea:f1:75:5c:5d:a0:b4:6c:b2:47:89:72:33:e7:0e:ec:c6:51:
         3f:21:63:c7:2c:41:97:06:80:2d:8e:4e:b5:4a:25:5b:87:fe:
         68:54:d3:d4:b0:06:b0:63:2a:b0:f1:68:c6:32:37:71:d8:ed:
         c4:2c:8c:89:1c:af:3a:61:67:45:35:bd:08:f7:93:ea:46:5b:
         1f:2c:e1:39:b8:ea:a6:64:c3:cc:34:a3:e4:d4:5a:0a:1f:5a:
         ee:90:00:7d:3b:0c:f5:f6:50:3e:c5:43:a8:c2:be:c5:f5:51:
         fa:88:9b:f2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbFwXzO8YzN8OC5ByBO2AszQC+uYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE1MDA0MTI2WhcNMjYwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxOTg1NzVlMzZlNDBjMzc0NWIwY2MwZTNhNTYxMGMyY2Vk
ZjJlN2VkZTMxYWZmODNiZjBjYjYyNjVkMjMxZWNjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXFSJje73VtfIiReh9q2EwTJWYnF1C6vS6iyvNA/gJ92zh
LGRYnz82RS+ING4zS9eH3HLj5yeUyzO5KaUG6sGAWXqL2q9xpT6nVrR1gWZwdJi4
Eg5UmU7hhbw/rJcdwJts31IPDYS9+Dov8HrFO0cWwnLTklwnkK+4b1jSBC8YyU30
G7IQdhvuGXxm8HcRAr++sSjmS5vAXaa0ulyKAJ3JSDBWn30qxgO07I1vfcUKcyOc
4LPwb/S45FULml7N9ZkNPED5pQWhnOBG3KR/vbhHxy7LZiqmGbvieg/+vuZ4ikMI
0bGU3csk9xSMltUu5GapoGCggqdThCrRgK+7TF7ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjbyrbPiWjV38P9l3SLNykcvyuMUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM4MDNlZDczLWYwYjctNGQxZS1hMjUxLWJjZjQ4ZGYwODE2Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZrFsAwDQYJKoZIhvcNAQELBQADggEBACkFIpL229pG7GTWKv5CLCifoFU8
QoaeSPGpIIYAEoiGtZNr5ZOA1CbhLUo8nHecGZ4f9cwXyXNjDHjY1DITHafCVbkK
CiV6Rk6xXsC2ojhY0nwgdqLCB0BTzdRO8u1H6kvFmO6knsKymNrMIM7YQsdO44Qq
EVyjOOMvZ1xZYuAUIB5w08VxAuaZzkNUABZGserxdVxdoLRsskeJcjPnDuzGUT8h
Y8csQZcGgC2OTrVKJVuH/mhU09SwBrBjKrDxaMYyN3HY7cQsjIkcrzphZ0U1vQj3
k+pGWx8s4Tm46qZkw8w0o+TUWgofWu6QAH07DPX2UD7FQ6jCvsX1UfqIm/I=
-----END CERTIFICATE-----