Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/461512e0-a72b-4e95-b675-27ac531c5460.roa
File:                     461512e0-a72b-4e95-b675-27ac531c5460.roa (raw, json)
Hash identifier:          hm4jIzCrkNPcJztQVIcxJx5/74tluhhvloNAQJCmVL0=
Subject key identifier:   23:4B:56:27:14:A7:BF:83:6D:79:54:59:85:C5:0C:90:30:82:F6:C0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1C9D14A268F75ABA86E9963329C8E94FC836EEF2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/461512e0-a72b-4e95-b675-27ac531c5460.roa
Signing time:             Wed 25 Feb 2026 00:20:54 +0000
ROA not before:           Wed 25 Feb 2026 00:20:54 +0000
ROA not after:            Tue 26 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.115.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:9d:14:a2:68:f7:5a:ba:86:e9:96:33:29:c8:e9:4f:c8:36:ee:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 25 00:20:54 2026 GMT
            Not After : May 26 23:59:59 2026 GMT
        Subject: serialNumber=d5698dde09f3e6194c9434cbae7bd29ed2a4a5d57e05bd90900de652643cebdc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c5:8b:83:bb:fd:b3:9b:4d:b1:eb:d2:42:07:
                    21:16:44:f5:5a:c8:67:c4:15:81:12:af:fc:de:7d:
                    69:0e:3d:15:d6:ad:e2:f9:95:7e:84:69:b0:c3:a0:
                    23:d0:15:d3:3c:c4:20:8b:96:ff:03:3c:28:91:6b:
                    5d:ce:8d:4b:66:f9:ae:4a:ff:79:51:42:f6:66:bd:
                    5c:b5:d5:ba:e1:87:cb:50:60:fc:9c:23:26:a1:4b:
                    39:cc:c1:ed:4f:04:3e:89:1a:f7:54:f1:d2:a1:bc:
                    7f:c1:85:c6:11:fb:fe:00:53:ce:d4:5c:aa:fc:86:
                    4b:0e:56:b4:0d:cf:d8:99:29:f2:5d:f4:f1:00:7d:
                    d1:6e:04:59:43:47:ac:db:2f:dd:c5:51:54:f4:48:
                    4f:1e:08:85:80:d8:a4:d9:67:71:12:9b:48:21:58:
                    93:06:d3:6e:07:42:ef:ad:70:31:9b:41:43:e7:de:
                    31:6e:34:e4:87:97:3d:36:ff:e4:c7:e1:d2:22:3f:
                    f5:fe:77:1b:02:ce:86:33:b2:b2:87:76:f2:40:18:
                    e7:b3:ed:05:0a:84:7e:b6:e7:83:17:2a:48:b0:1b:
                    be:1b:21:8a:c1:a8:5c:e3:15:1d:1e:c7:ef:c0:f0:
                    27:32:96:43:f6:57:16:25:0e:b5:81:88:c5:17:11:
                    42:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:4B:56:27:14:A7:BF:83:6D:79:54:59:85:C5:0C:90:30:82:F6:C0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/461512e0-a72b-4e95-b675-27ac531c5460.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.115.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         46:af:63:a8:a7:c5:12:cb:b2:ed:d4:96:f0:13:68:b3:6c:4e:
         e9:5a:29:61:90:5d:29:b4:c9:62:19:38:77:85:a2:14:60:9c:
         3d:06:46:81:4c:db:bf:9a:b7:12:77:33:34:76:6d:a3:4e:61:
         6d:02:18:d6:71:42:f4:bc:de:32:12:a6:25:9a:dd:4c:70:dd:
         fa:31:b9:6e:84:3b:65:01:65:23:e8:1a:39:d3:f5:58:71:d6:
         ef:ba:a4:93:a8:eb:4b:d1:b4:58:72:f0:6e:3a:51:83:14:f7:
         ad:b4:6c:8b:a2:5e:10:33:21:6f:4b:5e:8c:50:0c:94:53:45:
         4e:f6:09:c5:94:29:e9:27:15:48:43:53:f4:4e:09:4e:7f:44:
         ae:d9:31:ec:e0:a6:b5:ac:67:97:38:d2:d5:9d:9f:c1:02:c2:
         ec:f0:81:4e:e6:a4:b8:59:af:e0:ab:41:92:b7:57:c3:ed:a7:
         36:99:2c:7e:13:c5:65:7e:31:53:6f:0c:d2:e0:d2:05:78:77:
         34:a1:a8:e7:f2:55:9b:66:26:bf:14:c3:88:9c:a9:78:17:49:
         75:c0:ca:03:e7:61:74:30:2d:e6:ac:20:5a:69:2f:28:26:e2:
         06:9b:cd:96:ca:16:ae:a7:5d:34:cf:b8:d7:55:25:fa:18:47:
         97:3b:8a:e9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUHJ0Uomj3WrqG6ZYzKcjpT8g27vIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI1MDAyMDU0WhcNMjYwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNTY5OGRkZTA5ZjNlNjE5NGM5NDM0Y2JhZTdiZDI5ZWQy
YTRhNWQ1N2UwNWJkOTA5MDBkZTY1MjY0M2NlYmRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVxYuDu/2zm02x69JCByEWRPVayGfEFYESr/zefWkOPRXW
reL5lX6EabDDoCPQFdM8xCCLlv8DPCiRa13OjUtm+a5K/3lRQvZmvVy11brhh8tQ
YPycIyahSznMwe1PBD6JGvdU8dKhvH/BhcYR+/4AU87UXKr8hksOVrQNz9iZKfJd
9PEAfdFuBFlDR6zbL93FUVT0SE8eCIWA2KTZZ3ESm0ghWJMG024HQu+tcDGbQUPn
3jFuNOSHlz02/+TH4dIiP/X+dxsCzoYzsrKHdvJAGOez7QUKhH6254MXKkiwG74b
IYrBqFzjFR0ex+/A8CcylkP2VxYlDrWBiMUXEUJLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUI0tWJxSnv4NteVRZhcUMkDCC9sAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ2MTUxMmUwLWE3MmItNGU5NS1iNjc1LTI3YWM1MzFjNTQ2MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2czANBgkqhkiG9w0BAQsFAAOCAQEARq9jqKfFEsuy7dSW8BNos2xO6Vop
YZBdKbTJYhk4d4WiFGCcPQZGgUzbv5q3EnczNHZto05hbQIY1nFC9LzeMhKmJZrd
THDd+jG5boQ7ZQFlI+gaOdP1WHHW77qkk6jrS9G0WHLwbjpRgxT3rbRsi6JeEDMh
b0tejFAMlFNFTvYJxZQp6ScVSENT9E4JTn9Ertkx7OCmtaxnlzjS1Z2fwQLC7PCB
TuakuFmv4KtBkrdXw+2nNpksfhPFZX4xU28M0uDSBXh3NKGo5/JVm2YmvxTDiJyp
eBdJdcDKA+dhdDAt5qwgWmkvKCbiBpvNlsoWrqddNM+411Ul+hhHlzuK6Q==
-----END CERTIFICATE-----