Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48bc02e1-4d2b-4854-9155-d218e2fe0e20.roa
File:                     48bc02e1-4d2b-4854-9155-d218e2fe0e20.roa (raw, json)
Hash identifier:          s0/YzB/sB9r6UtJS4Tt33fbvoOPp3RRDu3nBSRt2D5U=
Subject key identifier:   20:DD:59:A0:08:2F:FD:89:A3:57:67:67:D3:6A:EC:06:80:AD:0C:13
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       16ECF57063D7539D362748D42424B8459830A386
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48bc02e1-4d2b-4854-9155-d218e2fe0e20.roa
Signing time:             Thu 26 Feb 2026 00:00:48 +0000
ROA not before:           Thu 26 Feb 2026 00:00:48 +0000
ROA not after:            Wed 27 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.159.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:ec:f5:70:63:d7:53:9d:36:27:48:d4:24:24:b8:45:98:30:a3:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 26 00:00:48 2026 GMT
            Not After : May 27 23:59:59 2026 GMT
        Subject: serialNumber=a51473812888fb68dd5af164ba6956665298a9e78455f3d4f3d3664ee3a5cce8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:79:49:ba:6a:7e:76:83:2f:30:1c:f4:e1:ee:
                    da:73:c8:c0:93:6b:56:42:2c:c7:9f:b1:ec:ea:a7:
                    2e:75:ee:dc:41:4c:7b:01:da:50:59:99:ae:07:56:
                    88:97:5a:ab:6a:6e:5d:61:9d:1d:8b:e9:35:e6:62:
                    e6:9c:db:01:b0:47:62:45:93:f9:34:03:ac:de:28:
                    b2:2c:42:c7:ec:78:5b:df:df:34:eb:05:68:45:92:
                    cd:b5:28:3e:53:ec:26:dc:97:ef:f8:c2:61:16:9d:
                    c5:46:03:d2:81:e0:1b:be:a4:d5:85:c7:a1:9c:7d:
                    76:f4:88:92:8e:14:6f:4f:fd:c6:0f:d6:af:11:03:
                    82:d5:e9:32:30:43:9d:62:68:13:4c:ff:1c:37:74:
                    c4:e0:94:16:9b:a6:42:3a:87:85:31:cb:23:55:5c:
                    a2:67:32:b4:a8:6e:41:b7:74:62:84:f7:33:02:e3:
                    7c:72:01:94:64:41:a7:d9:a6:4b:69:59:a3:9c:d8:
                    e6:0c:2e:e5:9a:9d:15:07:aa:8a:92:56:17:ce:9d:
                    9a:6c:6f:56:56:65:08:ae:ea:c3:02:74:a3:50:8b:
                    91:f1:ea:a7:93:ea:80:c4:2e:0e:26:50:4c:c0:03:
                    b9:71:ae:3d:30:93:69:42:06:f8:93:06:d0:03:9e:
                    14:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:DD:59:A0:08:2F:FD:89:A3:57:67:67:D3:6A:EC:06:80:AD:0C:13
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/48bc02e1-4d2b-4854-9155-d218e2fe0e20.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.159.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d9:40:da:d3:ae:e3:98:2d:2d:7b:d5:b4:7f:ef:57:1e:43:2e:
         20:87:d6:41:aa:2c:a4:83:08:71:2a:03:57:0f:85:9b:d5:f1:
         81:83:92:a4:35:41:06:eb:ed:ac:19:d0:a4:97:e3:71:ac:bf:
         82:26:04:88:6d:60:50:b0:c6:d5:2d:fd:47:15:a1:71:96:0b:
         2b:14:12:2a:d1:bd:23:e6:e7:e2:a3:f6:9b:60:0e:2d:c0:0f:
         d8:c4:02:30:a1:80:60:3c:cd:b5:61:f3:6f:c1:d5:55:9d:04:
         96:fb:d7:70:19:4b:ab:3d:86:6e:04:d1:42:87:10:64:d9:e2:
         91:ce:0a:73:03:21:96:46:0b:88:74:be:cc:60:f8:ec:a7:69:
         4d:e2:72:16:70:c7:30:fa:33:71:76:64:01:a3:5f:d5:24:32:
         6f:d2:17:77:22:1f:b0:f6:6a:22:18:23:0b:aa:35:cb:85:f9:
         3c:d4:b6:79:eb:62:05:c4:f0:ab:60:12:98:26:f7:69:2b:e9:
         74:2b:41:7c:9e:1d:0e:0b:9b:ba:36:60:01:dd:f1:7a:05:cd:
         10:a9:51:fe:a1:8d:cc:f7:29:33:9a:51:e2:5b:cb:79:cd:f0:
         3d:12:78:2a:60:cb:d7:91:62:78:6f:a8:ed:39:45:8d:dc:03:
         3f:ad:5c:f5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFuz1cGPXU502J0jUJCS4RZgwo4YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI2MDAwMDQ4WhcNMjYwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNTE0NzM4MTI4ODhmYjY4ZGQ1YWYxNjRiYTY5NTY2NjUy
OThhOWU3ODQ1NWYzZDRmM2QzNjY0ZWUzYTVjY2U4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0eUm6an52gy8wHPTh7tpzyMCTa1ZCLMefsezqpy517txB
THsB2lBZma4HVoiXWqtqbl1hnR2L6TXmYuac2wGwR2JFk/k0A6zeKLIsQsfseFvf
3zTrBWhFks21KD5T7Cbcl+/4wmEWncVGA9KB4Bu+pNWFx6GcfXb0iJKOFG9P/cYP
1q8RA4LV6TIwQ51iaBNM/xw3dMTglBabpkI6h4UxyyNVXKJnMrSobkG3dGKE9zMC
43xyAZRkQafZpktpWaOc2OYMLuWanRUHqoqSVhfOnZpsb1ZWZQiu6sMCdKNQi5Hx
6qeT6oDELg4mUEzAA7lxrj0wk2lCBviTBtADnhSNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUIN1ZoAgv/YmjV2dn02rsBoCtDBMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ4YmMwMmUxLTRkMmItNDg1NC05MTU1LWQyMThlMmZlMGUyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4nzANBgkqhkiG9w0BAQsFAAOCAQEA2UDa067jmC0te9W0f+9XHkMuIIfW
QaospIMIcSoDVw+Fm9XxgYOSpDVBBuvtrBnQpJfjcay/giYEiG1gULDG1S39RxWh
cZYLKxQSKtG9I+bn4qP2m2AOLcAP2MQCMKGAYDzNtWHzb8HVVZ0ElvvXcBlLqz2G
bgTRQocQZNnikc4KcwMhlkYLiHS+zGD47KdpTeJyFnDHMPozcXZkAaNf1SQyb9IX
dyIfsPZqIhgjC6o1y4X5PNS2eetiBcTwq2ASmCb3aSvpdCtBfJ4dDgubujZgAd3x
egXNEKlR/qGNzPcpM5pR4lvLec3wPRJ4KmDL15FieG+o7TlFjdwDP61c9Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:53:11 2026 by rpki-client