Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48843fd0-701f-458d-8038-49a4eae8ba8e.roa
File:                     48843fd0-701f-458d-8038-49a4eae8ba8e.roa (raw, json)
Hash identifier:          LXkQ+R8NSdHa0qjwIMA4F3FoaocitCjNC/Ssd6Q1D04=
Subject key identifier:   A1:8D:E9:A3:EC:17:DC:8D:E2:9D:CD:3B:54:AE:B6:38:06:5C:56:1C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       68E6AEAA648209590831F2F2A1B0684DF605AC63
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48843fd0-701f-458d-8038-49a4eae8ba8e.roa
Signing time:             Thu 26 Feb 2026 00:10:07 +0000
ROA not before:           Thu 26 Feb 2026 00:10:07 +0000
ROA not after:            Wed 27 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.74.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:e6:ae:aa:64:82:09:59:08:31:f2:f2:a1:b0:68:4d:f6:05:ac:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 26 00:10:07 2026 GMT
            Not After : May 27 23:59:59 2026 GMT
        Subject: serialNumber=a17df9aa4fbdc952082a6d356d0cab85340498f91e67d32fd4becbf2dc731968, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:65:7c:0c:f3:c7:6b:d7:18:17:9f:ab:9a:45:
                    bd:6e:31:27:33:66:4b:11:5b:60:22:f6:19:ea:a2:
                    81:87:ed:ff:44:d3:15:2d:8f:0b:15:b9:b8:62:bd:
                    90:ea:79:80:4b:50:a5:19:f6:d4:58:be:19:9f:fe:
                    e2:af:88:9e:a0:6f:f5:f9:b8:84:aa:13:2d:75:e4:
                    69:8f:1b:ad:6c:33:e6:a1:32:71:9b:8b:c6:f8:b2:
                    35:50:d5:14:88:04:bb:41:c9:13:20:3d:81:8d:b7:
                    13:63:90:64:fe:48:62:3b:4d:9f:ba:bf:0d:21:c0:
                    14:43:9b:64:77:b1:e8:a3:67:d5:2a:a1:c5:cb:a1:
                    eb:57:fa:6e:20:96:3d:2f:ad:28:1d:5b:1d:6b:ef:
                    4a:e0:7e:01:4a:ab:db:11:88:d0:c0:36:7b:cc:16:
                    ef:ab:99:18:c5:7e:a1:3e:10:e3:91:76:33:55:34:
                    59:11:43:0f:28:88:d6:7a:4c:44:e2:ef:4f:71:3f:
                    58:f2:ad:0f:b0:d3:54:aa:d7:c8:6c:5d:3d:8f:cb:
                    3b:43:22:0a:81:06:78:3a:31:2c:ea:86:b9:85:1c:
                    6f:3a:77:6d:6e:2d:77:c3:53:25:c3:af:66:d9:1d:
                    f9:65:57:89:f9:04:b0:97:af:17:9f:15:83:62:dd:
                    d8:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:8D:E9:A3:EC:17:DC:8D:E2:9D:CD:3B:54:AE:B6:38:06:5C:56:1C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48843fd0-701f-458d-8038-49a4eae8ba8e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.74.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         71:5f:fe:41:b1:de:b2:b7:b6:96:8c:ea:0e:ed:c8:7f:f6:4b:
         84:a1:8c:5a:bb:d6:8c:7d:40:51:aa:94:4e:1e:f1:7f:03:9b:
         36:02:f6:82:dc:31:f7:f3:eb:2b:5e:70:81:3b:f7:e9:89:b4:
         c3:f1:ca:83:ed:e9:7d:bb:79:af:c1:86:4e:9e:a9:78:53:df:
         9f:cb:de:40:f1:2a:16:26:86:69:4b:98:0c:b4:75:e2:c1:8a:
         43:87:9a:30:31:31:05:d0:cd:33:16:22:6c:ae:d4:8b:b9:c5:
         2d:06:aa:20:d8:10:2f:15:51:b5:06:25:f3:9e:2a:07:44:0d:
         d0:ff:47:b4:b2:d1:5a:82:cc:54:ac:3e:27:cd:65:7e:52:89:
         55:95:2b:c0:09:c0:a8:a6:8f:19:b6:3e:88:52:fc:e3:00:80:
         a8:fb:ef:8f:52:60:02:83:9b:e9:c6:00:29:54:34:15:db:27:
         18:42:47:4b:f6:81:f6:f9:9f:3c:a7:d8:5b:d7:44:c5:b9:02:
         1a:35:da:19:0f:98:c6:b9:ab:fc:bc:ed:32:1e:53:49:28:2a:
         20:a1:d1:3b:ba:40:39:0c:75:3c:d4:2a:e8:dc:36:9a:f2:c5:
         ba:bb:d3:53:a1:06:62:d0:d1:02:9d:42:93:f7:2b:78:32:2a:
         48:05:ad:66
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaOauqmSCCVkIMfLyobBoTfYFrGMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI2MDAxMDA3WhcNMjYwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMTdkZjlhYTRmYmRjOTUyMDgyYTZkMzU2ZDBjYWI4NTM0
MDQ5OGY5MWU2N2QzMmZkNGJlY2JmMmRjNzMxOTY4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQZXwM88dr1xgXn6uaRb1uMSczZksRW2Ai9hnqooGH7f9E
0xUtjwsVubhivZDqeYBLUKUZ9tRYvhmf/uKviJ6gb/X5uISqEy115GmPG61sM+ah
MnGbi8b4sjVQ1RSIBLtByRMgPYGNtxNjkGT+SGI7TZ+6vw0hwBRDm2R3seijZ9Uq
ocXLoetX+m4glj0vrSgdWx1r70rgfgFKq9sRiNDANnvMFu+rmRjFfqE+EOORdjNV
NFkRQw8oiNZ6TETi709xP1jyrQ+w01Sq18hsXT2PyztDIgqBBng6MSzqhrmFHG86
d21uLXfDUyXDr2bZHfllV4n5BLCXrxefFYNi3didAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUoY3po+wX3I3inc07VK62OAZcVhwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ4ODQzZmQwLTcwMWYtNDU4ZC04MDM4LTQ5YTRlYWU4YmE4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4SjANBgkqhkiG9w0BAQsFAAOCAQEAcV/+QbHesre2lozqDu3If/ZLhKGM
WrvWjH1AUaqUTh7xfwObNgL2gtwx9/PrK15wgTv36Ym0w/HKg+3pfbt5r8GGTp6p
eFPfn8veQPEqFiaGaUuYDLR14sGKQ4eaMDExBdDNMxYibK7Ui7nFLQaqINgQLxVR
tQYl854qB0QN0P9HtLLRWoLMVKw+J81lflKJVZUrwAnAqKaPGbY+iFL84wCAqPvv
j1JgAoOb6cYAKVQ0FdsnGEJHS/aB9vmfPKfYW9dExbkCGjXaGQ+Yxrmr/LztMh5T
SSgqIKHRO7pAOQx1PNQq6Nw2mvLFurvTU6EGYtDRAp1Ck/creDIqSAWtZg==
-----END CERTIFICATE-----