Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48af1dfe-0e61-4862-8ae2-75b053bcc924.roa
File:                     48af1dfe-0e61-4862-8ae2-75b053bcc924.roa (raw, json)
Hash identifier:          HSnSHyWir+x2rdGN2h4B7uO37QolNx2Li+wHNzEcTXc=
Subject key identifier:   6B:BA:6D:71:AC:3C:41:D2:62:CA:A0:B1:4A:9A:A8:17:98:82:5A:0E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0D49800A20262EA3ED04AB9171864AC9AB00C5DD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48af1dfe-0e61-4862-8ae2-75b053bcc924.roa
Signing time:             Fri 13 Feb 2026 00:20:53 +0000
ROA not before:           Fri 13 Feb 2026 00:20:53 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        44.215.136.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:49:80:0a:20:26:2e:a3:ed:04:ab:91:71:86:4a:c9:ab:00:c5:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 13 00:20:53 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=ebc0e080db89a1fbe6899846b57a8a83a2e5bb2dfd26b22701ca0a916f197676, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:d5:61:ae:d5:63:8a:ff:5b:f1:57:f5:d5:e4:
                    7f:b3:6b:b4:e7:a1:a4:00:56:6c:97:3f:9e:98:ac:
                    5e:3e:74:c6:48:a7:5e:76:1e:db:c9:b4:fe:1a:95:
                    55:d4:42:44:e7:6b:25:dc:1a:fc:ff:b6:e9:5c:7b:
                    52:32:af:20:e7:95:ea:68:a0:cc:ed:03:5d:22:f5:
                    4d:a2:f8:4b:42:32:75:e6:2d:aa:e4:43:79:c6:63:
                    f3:be:fc:b2:d9:5c:aa:ab:dd:b4:54:0e:c6:82:33:
                    3e:95:a1:25:c9:4b:8f:b8:0f:7e:fa:e6:bf:03:3a:
                    50:f0:51:49:42:a9:25:72:56:84:d4:77:5d:b3:43:
                    89:44:52:5c:1b:98:9d:52:51:da:1c:ed:b4:b4:2d:
                    86:3f:98:eb:d4:03:fc:22:5b:0d:4c:54:ef:db:ef:
                    78:e7:a1:1e:80:88:72:52:89:ff:74:e2:7c:6e:67:
                    66:c2:41:60:d5:c0:48:92:81:9f:0e:90:ea:ba:df:
                    7b:73:70:56:03:ce:67:78:37:4a:a5:07:46:11:05:
                    72:97:d7:52:51:6e:de:bd:6f:ca:db:61:5f:ce:fb:
                    1a:e8:2a:e9:66:62:61:34:04:3f:1c:3c:59:c9:57:
                    b7:ed:99:f6:55:76:32:0e:b5:d7:ad:5e:dc:29:d9:
                    7e:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:BA:6D:71:AC:3C:41:D2:62:CA:A0:B1:4A:9A:A8:17:98:82:5A:0E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48af1dfe-0e61-4862-8ae2-75b053bcc924.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.215.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         62:70:e1:cf:96:0a:ca:14:df:0d:2b:94:35:8b:72:02:b9:52:
         e0:60:53:99:c1:06:8a:d9:da:e5:ed:12:a5:9e:89:9b:66:c2:
         6d:95:64:b6:a3:ed:da:fb:93:c4:cb:c8:ea:5e:e0:d2:88:7e:
         c3:12:af:33:42:a7:90:c5:1c:43:8d:17:f3:bf:29:de:16:ee:
         20:c5:a4:f4:95:08:67:ad:e5:11:c7:6f:66:d7:cc:3e:1a:f0:
         d8:dd:97:6f:36:88:f7:4a:1f:27:ec:3f:d6:d1:5c:84:71:3b:
         eb:5f:00:75:e6:58:76:fa:39:67:fd:1a:4c:d6:ca:6e:f4:6f:
         8b:38:c1:00:5b:32:b6:ca:f3:eb:09:01:01:69:54:c0:b6:9a:
         38:a1:fe:93:a6:dc:2e:ee:40:d2:13:f8:65:71:d6:50:f9:cb:
         df:91:5a:df:c8:4b:2c:1f:a0:95:a6:39:5e:21:9a:1a:73:e3:
         5c:a5:da:ee:9f:c4:e3:d9:92:e8:af:56:59:30:5b:6f:bf:be:
         0c:55:a1:32:ab:db:6d:11:0b:96:57:63:5a:6a:5a:5a:26:c2:
         d3:08:a5:ec:74:bf:cd:c6:b5:63:8c:e2:7a:8f:34:cd:e2:98:
         72:c8:73:93:be:2f:1e:25:ea:4a:6a:2e:df:84:9a:6c:8e:96:
         58:a8:78:bf
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDUmACiAmLqPtBKuRcYZKyasAxd0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjEzMDAyMDUzWhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYmMwZTA4MGRiODlhMWZiZTY4OTk4NDZiNTdhOGE4M2Ey
ZTViYjJkZmQyNmIyMjcwMWNhMGE5MTZmMTk3Njc2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCh1WGu1WOK/1vxV/XV5H+za7TnoaQAVmyXP56YrF4+dMZI
p152HtvJtP4alVXUQkTnayXcGvz/tulce1IyryDnlepooMztA10i9U2i+EtCMnXm
LarkQ3nGY/O+/LLZXKqr3bRUDsaCMz6VoSXJS4+4D3765r8DOlDwUUlCqSVyVoTU
d12zQ4lEUlwbmJ1SUdoc7bS0LYY/mOvUA/wiWw1MVO/b73jnoR6AiHJSif904nxu
Z2bCQWDVwEiSgZ8OkOq633tzcFYDzmd4N0qlB0YRBXKX11JRbt69b8rbYV/O+xro
KulmYmE0BD8cPFnJV7ftmfZVdjIOtdetXtwp2X4VAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUa7ptcaw8QdJiyqCxSpqoF5iCWg4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ4YWYxZGZlLTBlNjEtNDg2Mi04YWUyLTc1YjA1M2JjYzkyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIs14gwDQYJKoZIhvcNAQELBQADggEBAGJw4c+WCsoU3w0rlDWLcgK5UuBg
U5nBBorZ2uXtEqWeiZtmwm2VZLaj7dr7k8TLyOpe4NKIfsMSrzNCp5DFHEONF/O/
Kd4W7iDFpPSVCGet5RHHb2bXzD4a8Njdl282iPdKHyfsP9bRXIRxO+tfAHXmWHb6
OWf9GkzWym70b4s4wQBbMrbK8+sJAQFpVMC2mjih/pOm3C7uQNIT+GVx1lD5y9+R
Wt/ISywfoJWmOV4hmhpz41yl2u6fxOPZkuivVlkwW2+/vgxVoTKr220RC5ZXY1pq
WlomwtMIpex0v83GtWOM4nqPNM3imHLIc5O+Lx4l6kpqLt+EmmyOllioeL8=
-----END CERTIFICATE-----