Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/38e0a1eb-3034-410b-90e3-e19ffb48fc1f.roa
File:                     38e0a1eb-3034-410b-90e3-e19ffb48fc1f.roa (raw, json)
Hash identifier:          eG5ATu5JRwP7+X7+w8wMrMf9q1KA6UcLaVl0URd6jeg=
Subject key identifier:   37:50:5E:A2:D1:B2:5D:E5:11:DC:5A:E1:69:63:CE:06:CD:54:E2:4A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       78153D224F03D5F9A7B8F0209A136FE3032EA4E6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/38e0a1eb-3034-410b-90e3-e19ffb48fc1f.roa
Signing time:             Tue 10 Feb 2026 00:50:54 +0000
ROA not before:           Tue 10 Feb 2026 00:50:54 +0000
ROA not after:            Mon 11 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.35.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:15:3d:22:4f:03:d5:f9:a7:b8:f0:20:9a:13:6f:e3:03:2e:a4:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 10 00:50:54 2026 GMT
            Not After : May 11 23:59:59 2026 GMT
        Subject: serialNumber=f76d74e27d55485e41927773327c055b4b7e30b46431342830670e52311c04ca, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0c:e8:d5:14:d7:39:ee:b5:b8:49:b7:28:70:
                    70:56:db:bc:87:97:f3:33:e6:b2:fa:96:aa:4d:10:
                    ac:92:a5:33:94:7c:25:fc:6d:b4:4a:88:6f:86:cc:
                    45:2a:ec:8b:bc:34:fd:15:c5:81:77:13:1d:42:49:
                    57:68:86:ac:c2:c8:75:0b:5c:af:b1:d9:64:5b:35:
                    db:ac:66:fe:a7:96:61:32:b9:08:d2:d1:c1:81:04:
                    fd:0b:47:f8:2f:04:c9:f0:5d:84:1d:fb:de:6d:0b:
                    9b:f5:f0:1c:08:b8:fa:c8:5e:98:f4:93:0e:97:64:
                    13:6d:ce:3c:ff:d8:91:d7:06:b7:da:e0:05:34:dc:
                    22:b2:a3:a4:58:e8:2f:3e:17:8d:ab:70:23:c4:01:
                    19:64:bf:58:0b:31:74:b8:2b:ab:8a:c3:f9:3a:db:
                    78:eb:92:3b:49:da:c9:0f:e8:2a:4b:76:53:1c:69:
                    90:77:75:b2:78:f1:17:9b:04:8d:e7:4e:3c:d7:33:
                    b7:25:79:99:47:9f:c1:a7:26:31:b6:14:10:b1:05:
                    0d:a0:af:54:7f:e4:f2:6d:7c:81:ab:1c:58:e7:91:
                    8d:fa:81:de:00:24:8a:c7:03:63:1a:66:fa:16:18:
                    0c:63:85:56:dd:00:25:e0:5d:4b:80:b0:21:fc:ba:
                    2a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:50:5E:A2:D1:B2:5D:E5:11:DC:5A:E1:69:63:CE:06:CD:54:E2:4A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/38e0a1eb-3034-410b-90e3-e19ffb48fc1f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.35.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         01:56:09:b9:5b:ac:3f:f9:c6:77:eb:37:f8:ac:e1:f7:aa:95:
         93:52:0e:47:84:fe:0b:c0:e2:3e:e5:35:cb:01:32:b4:fe:f0:
         c7:55:2f:10:53:df:8c:28:ab:80:79:fb:0a:e4:63:a6:e6:f6:
         46:1e:29:d7:af:78:a8:37:00:45:2b:f1:e4:3e:70:9e:e0:67:
         ef:e2:ab:9d:d6:c2:8e:bc:cb:f0:3c:61:85:a0:47:61:28:8b:
         2f:79:d5:d6:85:7b:06:f0:ac:cb:f0:a3:32:fe:af:81:2f:b9:
         71:9e:b7:bc:12:42:73:7d:a2:ab:b1:14:88:22:b8:90:0a:20:
         69:c9:23:86:b6:b7:56:fa:62:29:bf:85:1b:0d:56:0d:b1:be:
         35:58:6b:26:eb:67:3d:c6:93:e5:e1:14:fc:7b:af:3c:ec:74:
         d0:8b:93:f3:8b:25:d3:5d:23:bd:d9:0b:58:e1:f5:ff:db:20:
         7b:0c:5b:50:a7:3b:0f:1c:21:4f:fd:b5:bd:de:bf:e3:9f:e3:
         87:b8:9b:a0:a9:21:56:66:bf:b9:52:26:68:8f:d6:eb:0b:bb:
         e0:96:e5:ab:51:57:76:f8:dc:f7:2f:37:f5:cd:43:4c:0f:5d:
         64:9f:05:74:df:5d:5d:5d:f5:b5:02:87:a0:af:a0:01:22:fb:
         a6:74:03:85
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeBU9Ik8D1fmnuPAgmhNv4wMupOYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjEwMDA1MDU0WhcNMjYwNTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNzZkNzRlMjdkNTU0ODVlNDE5Mjc3NzMzMjdjMDU1YjRi
N2UzMGI0NjQzMTM0MjgzMDY3MGU1MjMxMWMwNGNhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxDOjVFNc57rW4SbcocHBW27yHl/Mz5rL6lqpNEKySpTOU
fCX8bbRKiG+GzEUq7Iu8NP0VxYF3Ex1CSVdohqzCyHULXK+x2WRbNdusZv6nlmEy
uQjS0cGBBP0LR/gvBMnwXYQd+95tC5v18BwIuPrIXpj0kw6XZBNtzjz/2JHXBrfa
4AU03CKyo6RY6C8+F42rcCPEARlkv1gLMXS4K6uKw/k623jrkjtJ2skP6CpLdlMc
aZB3dbJ48RebBI3nTjzXM7cleZlHn8GnJjG2FBCxBQ2gr1R/5PJtfIGrHFjnkY36
gd4AJIrHA2MaZvoWGAxjhVbdACXgXUuAsCH8uiqdAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUN1BeotGyXeUR3FrhaWPOBs1U4kowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM4ZTBhMWViLTMwMzQtNDEwYi05MGUzLWUxOWZmYjQ4ZmMxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4IzANBgkqhkiG9w0BAQsFAAOCAQEAAVYJuVusP/nGd+s3+Kzh96qVk1IO
R4T+C8DiPuU1ywEytP7wx1UvEFPfjCirgHn7CuRjpub2Rh4p1694qDcARSvx5D5w
nuBn7+KrndbCjrzL8DxhhaBHYSiLL3nV1oV7BvCsy/CjMv6vgS+5cZ63vBJCc32i
q7EUiCK4kAogackjhra3VvpiKb+FGw1WDbG+NVhrJutnPcaT5eEU/HuvPOx00IuT
84sl010jvdkLWOH1/9sgewxbUKc7DxwhT/21vd6/45/jh7iboKkhVma/uVImaI/W
6wu74Jblq1FXdvjc9y839c1DTA9dZJ8FdN9dXV31tQKHoK+gASL7pnQDhQ==
-----END CERTIFICATE-----