Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6201dd74-1213-4bad-b129-0b23803b936f.roa
File:                     6201dd74-1213-4bad-b129-0b23803b936f.roa (raw, json)
Hash identifier:          jG7zaHOMjAe1GeOqBwDZ4T9VrfSrJK4AFHbe0ToOcGQ=
Subject key identifier:   C3:54:F6:98:CB:E2:36:BC:43:AE:6D:17:ED:54:16:9C:1B:58:DE:49
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6A1BFA5CBC75116E59EB0EAE34EE4FE1A0F94833
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6201dd74-1213-4bad-b129-0b23803b936f.roa
Signing time:             Sat 14 Feb 2026 00:20:08 +0000
ROA not before:           Sat 14 Feb 2026 00:20:08 +0000
ROA not after:            Fri 15 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        184.73.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:1b:fa:5c:bc:75:11:6e:59:eb:0e:ae:34:ee:4f:e1:a0:f9:48:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 14 00:20:08 2026 GMT
            Not After : May 15 23:59:59 2026 GMT
        Subject: serialNumber=8bfd622aacafbaf9c146bdfe58d4b20625f3e534591ce38493fe7584f7e4043d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:bc:91:89:cd:07:c0:92:fd:be:c9:eb:b0:2a:
                    40:94:d6:d0:3d:c0:28:dd:37:bc:f4:d2:21:d7:71:
                    c1:fe:bf:12:3b:29:e6:99:d9:06:00:89:32:ce:86:
                    4d:bb:ff:61:d7:ad:06:32:3d:b6:a5:90:b9:21:14:
                    a0:69:59:b3:da:61:8b:81:34:22:ed:54:7a:5f:07:
                    e9:b5:0b:f0:92:ce:38:5e:e4:b5:23:73:aa:58:93:
                    86:ee:2b:8a:31:25:2d:2e:5d:52:73:44:03:46:a9:
                    ee:e3:d7:28:7f:58:91:ac:cc:72:b1:7c:2f:4f:90:
                    b8:05:d6:20:fc:c6:c8:4d:2a:78:1e:62:11:d5:e5:
                    21:38:fa:96:69:a9:aa:7e:36:06:92:85:f4:68:eb:
                    98:c7:e7:67:51:a0:01:1a:b5:c4:20:0e:d8:fd:ca:
                    14:20:12:85:c9:c1:2b:3c:b5:cb:96:82:be:ed:6e:
                    19:57:47:7f:3c:77:a6:be:c6:57:87:7d:95:70:b0:
                    5d:bc:92:1e:78:8b:ce:c1:22:6a:62:fd:64:55:36:
                    0c:16:68:19:3d:c3:4a:b1:bf:68:f6:8e:b8:c4:56:
                    5f:9b:22:b0:25:f8:69:81:69:3d:5f:4c:9d:20:ad:
                    bc:fb:eb:85:e7:9f:87:29:19:be:76:50:1e:fd:4d:
                    65:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:54:F6:98:CB:E2:36:BC:43:AE:6D:17:ED:54:16:9C:1B:58:DE:49
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6201dd74-1213-4bad-b129-0b23803b936f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.73.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6e:ac:d2:d3:ca:57:25:e9:3d:65:77:63:c0:8a:e7:ce:29:90:
         05:f8:39:25:f8:26:ad:87:cd:b6:23:be:dc:28:7f:20:c4:5d:
         ca:2f:f6:e8:44:13:fa:8a:54:b2:c5:ca:50:34:e5:1e:ff:ee:
         a7:f5:f7:42:ab:d2:16:3d:39:3e:07:94:18:72:ee:f2:36:df:
         71:42:5f:ce:aa:15:79:fb:cc:68:a5:ee:ce:31:1b:aa:55:f5:
         d9:de:22:90:10:a1:3e:af:01:a3:13:7d:14:67:da:2d:0d:76:
         89:b0:18:4f:35:a5:7b:9a:a9:4b:1b:c9:7d:aa:8c:d1:26:ed:
         3d:37:d2:b1:3e:38:99:42:4e:8b:e9:b1:23:31:4c:9f:e8:44:
         85:49:9f:13:ff:27:c2:54:e3:47:bb:55:dc:86:c3:de:26:a9:
         73:03:f4:4a:86:4a:61:5f:b2:c1:ed:4d:18:65:ef:3f:10:bd:
         17:c8:0d:1f:ad:97:a5:9c:a5:52:c7:eb:48:46:fe:2c:b3:84:
         9b:ca:a3:4d:cf:5f:7d:99:2a:77:74:3b:2e:29:d9:37:a7:b9:
         a8:41:79:a6:3d:d8:31:ce:fa:1a:51:18:32:34:70:fe:4d:89:
         1a:d9:1b:99:91:ec:d9:f1:57:8b:33:68:34:09:69:e6:4c:af:
         d6:26:9b:70
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUahv6XLx1EW5Z6w6uNO5P4aD5SDMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE0MDAyMDA4WhcNMjYwNTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YmZkNjIyYWFjYWZiYWY5YzE0NmJkZmU1OGQ0YjIwNjI1
ZjNlNTM0NTkxY2UzODQ5M2ZlNzU4NGY3ZTQwNDNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6vJGJzQfAkv2+yeuwKkCU1tA9wCjdN7z00iHXccH+vxI7
KeaZ2QYAiTLOhk27/2HXrQYyPbalkLkhFKBpWbPaYYuBNCLtVHpfB+m1C/CSzjhe
5LUjc6pYk4buK4oxJS0uXVJzRANGqe7j1yh/WJGszHKxfC9PkLgF1iD8xshNKnge
YhHV5SE4+pZpqap+NgaShfRo65jH52dRoAEatcQgDtj9yhQgEoXJwSs8tcuWgr7t
bhlXR388d6a+xleHfZVwsF28kh54i87BImpi/WRVNgwWaBk9w0qxv2j2jrjEVl+b
IrAl+GmBaT1fTJ0grbz764Xnn4cpGb52UB79TWXrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUw1T2mMviNrxDrm0X7VQWnBtY3kkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyMDFkZDc0LTEyMTMtNGJhZC1iMTI5LTBiMjM4MDNiOTM2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwC4STANBgkqhkiG9w0BAQsFAAOCAQEAbqzS08pXJek9ZXdjwIrnzimQBfg5
JfgmrYfNtiO+3Ch/IMRdyi/26EQT+opUssXKUDTlHv/up/X3QqvSFj05PgeUGHLu
8jbfcUJfzqoVefvMaKXuzjEbqlX12d4ikBChPq8BoxN9FGfaLQ12ibAYTzWle5qp
SxvJfaqM0SbtPTfSsT44mUJOi+mxIzFMn+hEhUmfE/8nwlTjR7tV3IbD3iapcwP0
SoZKYV+ywe1NGGXvPxC9F8gNH62XpZylUsfrSEb+LLOEm8qjTc9ffZkqd3Q7LinZ
N6e5qEF5pj3YMc76GlEYMjRw/k2JGtkbmZHs2fFXizNoNAlp5kyv1iabcA==
-----END CERTIFICATE-----