Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c32d065-6dc1-41e7-add0-dbb0800942ae.roa
File:                     5c32d065-6dc1-41e7-add0-dbb0800942ae.roa (raw, json)
Hash identifier:          Jm6/Pcf5y08FqHKHpjZT5WEGeudJ5aXvnxu9m55Jm8o=
Subject key identifier:   4C:84:F1:6C:B7:95:69:BE:0E:96:2A:FA:2D:70:56:26:FA:39:67:6B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       42CEC6298EBEAB0FCBA02C18EB8307F905CD16FD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c32d065-6dc1-41e7-add0-dbb0800942ae.roa
Signing time:             Sun 15 Feb 2026 00:40:07 +0000
ROA not before:           Sun 15 Feb 2026 00:40:07 +0000
ROA not after:            Sat 16 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        72.17.128.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:ce:c6:29:8e:be:ab:0f:cb:a0:2c:18:eb:83:07:f9:05:cd:16:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 15 00:40:07 2026 GMT
            Not After : May 16 23:59:59 2026 GMT
        Subject: serialNumber=6bd6486481ec79f530f60681ade4d36e538516796441326fbc70ec8249b42a05, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:62:06:4c:10:57:3d:84:a1:64:b0:81:eb:d4:
                    54:ef:28:f1:3e:35:57:d0:ff:b6:3a:fa:62:c0:22:
                    29:05:70:09:cd:3e:91:42:a9:9d:8f:9c:b4:4a:91:
                    77:e1:e3:95:ed:55:fa:44:22:65:73:32:0c:40:79:
                    86:c2:b4:e8:ad:7d:06:4d:09:9a:ed:a8:4c:e4:0b:
                    1d:a2:69:37:37:cc:83:92:51:7e:6f:95:0e:90:d0:
                    43:5a:c5:8b:71:0c:f5:23:c8:6f:99:20:72:01:e6:
                    83:75:92:6c:25:dd:fe:07:56:6b:a6:b9:5c:62:b8:
                    12:81:25:6e:8a:c0:91:4b:f1:4d:5a:83:6b:81:27:
                    78:de:8b:35:2e:e7:30:d6:4f:4e:6b:16:2a:db:a2:
                    ad:2b:63:f7:a7:d1:d6:d8:9f:27:0f:f0:64:9d:c6:
                    d3:11:c1:7e:d0:53:0b:20:9c:5a:68:e7:a8:e9:7c:
                    3f:55:c6:5b:85:c8:4e:58:db:e8:89:e3:90:4a:6b:
                    bc:d5:60:b3:74:98:85:76:18:78:1d:a9:28:7b:1b:
                    f2:34:63:6c:a2:79:2e:8f:cd:c0:39:c3:e7:3d:1a:
                    64:c0:fd:3f:cb:41:d6:f3:c4:69:ba:59:a9:79:9a:
                    b3:77:19:cf:2d:63:df:c8:53:c3:ab:27:e6:dc:46:
                    3e:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:84:F1:6C:B7:95:69:BE:0E:96:2A:FA:2D:70:56:26:FA:39:67:6B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c32d065-6dc1-41e7-add0-dbb0800942ae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.17.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         85:f8:f8:a9:fb:e9:11:cd:c2:e1:9e:fd:09:44:c0:c0:f8:42:
         2f:4c:60:bf:dc:fa:d9:68:2d:59:eb:51:64:18:2e:9d:25:da:
         2d:b0:89:4c:c9:93:e9:ac:96:11:68:65:86:da:ea:fa:3e:df:
         80:89:8b:47:7d:30:e2:a1:17:82:02:52:0e:08:62:2a:b3:7c:
         45:95:88:31:8e:a8:4e:4e:04:6f:09:e6:32:7c:32:dc:d2:83:
         75:74:4f:bc:fc:4c:cd:67:47:42:4d:a4:b0:c7:de:38:eb:b6:
         0b:48:cd:17:7c:da:83:b9:2e:1a:41:a5:0c:21:33:cf:e2:5e:
         e8:f3:20:b7:0b:dd:79:ac:ea:91:b3:50:79:86:d8:59:8f:39:
         a5:5b:64:ad:2d:7f:8a:20:ed:47:58:ce:a7:37:a3:d1:b6:ac:
         fd:42:68:df:24:7f:1f:c9:4b:9a:8d:6e:06:dc:09:53:3f:50:
         b4:ba:68:ea:2b:ad:df:b2:ec:dd:a6:e2:e2:b1:14:03:b3:50:
         75:83:46:be:f6:e5:d9:79:49:23:3d:af:fa:d9:c2:ce:76:2c:
         fc:0e:8d:07:7c:21:36:ef:2d:33:44:d9:7b:a3:70:e9:91:7d:
         f0:99:5d:1d:7c:91:12:f8:d7:9b:8d:3c:b0:9f:90:6b:76:e9:
         4e:fd:31:71
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQs7GKY6+qw/LoCwY64MH+QXNFv0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE1MDA0MDA3WhcNMjYwNTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YmQ2NDg2NDgxZWM3OWY1MzBmNjA2ODFhZGU0ZDM2ZTUz
ODUxNjc5NjQ0MTMyNmZiYzcwZWM4MjQ5YjQyYTA1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDyYgZMEFc9hKFksIHr1FTvKPE+NVfQ/7Y6+mLAIikFcAnN
PpFCqZ2PnLRKkXfh45XtVfpEImVzMgxAeYbCtOitfQZNCZrtqEzkCx2iaTc3zIOS
UX5vlQ6Q0ENaxYtxDPUjyG+ZIHIB5oN1kmwl3f4HVmumuVxiuBKBJW6KwJFL8U1a
g2uBJ3jeizUu5zDWT05rFirboq0rY/en0dbYnycP8GSdxtMRwX7QUwsgnFpo56jp
fD9VxluFyE5Y2+iJ45BKa7zVYLN0mIV2GHgdqSh7G/I0Y2yieS6PzcA5w+c9GmTA
/T/LQdbzxGm6Wal5mrN3Gc8tY9/IU8OrJ+bcRj69AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTITxbLeVab4Olir6LXBWJvo5Z2swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVjMzJkMDY1LTZkYzEtNDFlNy1hZGQwLWRiYjA4MDA5NDJhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdIEYAwDQYJKoZIhvcNAQELBQADggEBAIX4+Kn76RHNwuGe/QlEwMD4Qi9M
YL/c+tloLVnrUWQYLp0l2i2wiUzJk+mslhFoZYba6vo+34CJi0d9MOKhF4ICUg4I
YiqzfEWViDGOqE5OBG8J5jJ8MtzSg3V0T7z8TM1nR0JNpLDH3jjrtgtIzRd82oO5
LhpBpQwhM8/iXujzILcL3Xms6pGzUHmG2FmPOaVbZK0tf4og7UdYzqc3o9G2rP1C
aN8kfx/JS5qNbgbcCVM/ULS6aOorrd+y7N2m4uKxFAOzUHWDRr725dl5SSM9r/rZ
ws52LPwOjQd8ITbvLTNE2XujcOmRffCZXR18kRL415uNPLCfkGt26U79MXE=
-----END CERTIFICATE-----