Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/63e2c87d-66d8-43ee-ae3c-1e725e3fb8ba.roa
File:                     63e2c87d-66d8-43ee-ae3c-1e725e3fb8ba.roa (raw, json)
Hash identifier:          XZv6HqaTj0eoTf3TsM7qveLwNMMjR8GrFYvL4QBgNwU=
Subject key identifier:   E1:EE:E7:F9:6A:3F:24:10:94:B6:16:51:96:88:3C:98:53:6A:2E:8A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       055DCB591AA3BC5702840562E1B38C526D170E81
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/63e2c87d-66d8-43ee-ae3c-1e725e3fb8ba.roa
Signing time:             Tue 10 Feb 2026 01:10:07 +0000
ROA not before:           Tue 10 Feb 2026 01:10:07 +0000
ROA not after:            Mon 11 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        66.184.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:5d:cb:59:1a:a3:bc:57:02:84:05:62:e1:b3:8c:52:6d:17:0e:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 10 01:10:07 2026 GMT
            Not After : May 11 23:59:59 2026 GMT
        Subject: serialNumber=4a65e50b8009008d58e43d7b063343df8c5f2d5775fa8c3efa22812e3d1b25fd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:5d:f7:2b:ca:0d:60:f2:1f:79:48:5e:35:55:
                    75:41:61:94:08:a8:9c:b4:2a:23:42:19:70:a0:6e:
                    41:3a:26:fb:ef:b2:1d:73:0f:47:08:95:af:93:ba:
                    f4:e3:d5:9d:59:00:a4:8e:1c:8e:66:6e:6f:4c:1b:
                    f9:3f:f6:19:88:a6:66:cd:a2:18:a7:cb:20:49:03:
                    79:f2:4d:0f:2a:74:16:d9:d6:2c:e1:69:06:6d:04:
                    64:f8:f4:cd:ac:e3:01:d4:00:1c:21:df:c4:9a:68:
                    6a:17:7c:db:3d:9e:04:f1:df:75:17:a0:ef:49:f2:
                    29:60:f0:cf:96:10:1c:8e:a2:12:cf:db:90:2f:fe:
                    0a:40:59:4b:b5:8b:66:a8:bb:ed:ea:dc:cb:ae:6f:
                    98:2e:65:b0:1b:6c:04:cd:4b:eb:9d:d0:ff:1a:76:
                    52:4c:d6:4d:11:25:c2:aa:1c:88:df:c7:fb:80:b1:
                    09:9f:56:6f:f5:77:c5:ed:ac:a2:95:a4:98:fa:29:
                    90:99:90:2c:bb:d4:6c:da:7c:d2:c1:06:46:93:2f:
                    98:71:e0:a9:bd:3e:1f:e6:c1:cc:54:f3:41:69:c6:
                    59:5a:34:bb:97:70:4a:be:3a:6b:ca:72:8f:fd:31:
                    79:b6:a6:c1:04:99:f2:d3:b4:8e:ef:63:fc:d0:fe:
                    f0:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:EE:E7:F9:6A:3F:24:10:94:B6:16:51:96:88:3C:98:53:6A:2E:8A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/63e2c87d-66d8-43ee-ae3c-1e725e3fb8ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.184.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         78:5b:7c:de:ad:67:db:78:1c:22:c7:fe:85:fc:1f:0b:eb:a6:
         be:ae:20:95:17:eb:3e:e6:76:c5:75:4e:48:d8:1b:03:28:9a:
         2d:30:ae:b9:7b:9c:58:f1:4a:9a:c4:72:ad:51:fc:d6:65:31:
         7e:70:93:0e:6a:3c:a9:11:65:1b:80:f3:c1:ed:b9:02:22:82:
         b6:a5:59:1a:43:00:ec:8e:30:5a:6c:36:0c:1b:d9:87:90:34:
         25:f2:c0:76:3d:49:4e:3e:b0:82:7b:9d:39:a2:37:c8:95:83:
         93:5b:37:ef:96:1c:0f:bf:30:aa:ed:0b:6d:03:d6:11:54:2e:
         2b:25:0f:35:21:15:59:b6:93:ff:d4:c4:cf:40:9d:44:19:f4:
         d8:c0:5c:f2:3d:48:30:24:ce:a3:66:e7:56:a8:0e:ed:7a:62:
         07:94:d2:88:f2:a5:6d:6d:07:bb:2c:b3:70:ca:69:17:1e:ba:
         78:d4:7e:56:14:0d:b3:61:a3:7d:05:a7:1f:59:56:38:d6:09:
         c9:5b:88:d7:e1:30:d5:ee:a6:5d:3c:59:18:be:6b:51:43:33:
         5e:68:79:74:11:d3:3a:84:2f:a0:76:44:15:2c:1e:fa:14:39:
         4d:e4:b7:ee:dc:89:80:92:ae:34:95:cf:1d:29:9e:e6:fe:7a:
         f7:e7:3d:87
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBV3LWRqjvFcChAVi4bOMUm0XDoEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjEwMDExMDA3WhcNMjYwNTExMjM1OTU5
WjB6MUkwRwYDVQQFE0A0YTY1ZTUwYjgwMDkwMDhkNThlNDNkN2IwNjMzNDNkZjhj
NWYyZDU3NzVmYThjM2VmYTIyODEyZTNkMWIyNWZkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiXfcryg1g8h95SF41VXVBYZQIqJy0KiNCGXCgbkE6Jvvv
sh1zD0cIla+TuvTj1Z1ZAKSOHI5mbm9MG/k/9hmIpmbNohinyyBJA3nyTQ8qdBbZ
1izhaQZtBGT49M2s4wHUABwh38SaaGoXfNs9ngTx33UXoO9J8ilg8M+WEByOohLP
25Av/gpAWUu1i2aou+3q3Muub5guZbAbbATNS+ud0P8adlJM1k0RJcKqHIjfx/uA
sQmfVm/1d8XtrKKVpJj6KZCZkCy71GzafNLBBkaTL5hx4Km9Ph/mwcxU80Fpxlla
NLuXcEq+OmvKco/9MXm2psEEmfLTtI7vY/zQ/vABAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4e7n+Wo/JBCUthZRlog8mFNqLoowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYzZTJjODdkLTY2ZDgtNDNlZS1hZTNjLTFlNzI1ZTNmYjhiYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBCuDANBgkqhkiG9w0BAQsFAAOCAQEAeFt83q1n23gcIsf+hfwfC+umvq4g
lRfrPuZ2xXVOSNgbAyiaLTCuuXucWPFKmsRyrVH81mUxfnCTDmo8qRFlG4Dzwe25
AiKCtqVZGkMA7I4wWmw2DBvZh5A0JfLAdj1JTj6wgnudOaI3yJWDk1s375YcD78w
qu0LbQPWEVQuKyUPNSEVWbaT/9TEz0CdRBn02MBc8j1IMCTOo2bnVqgO7XpiB5TS
iPKlbW0HuyyzcMppFx66eNR+VhQNs2GjfQWnH1lWONYJyVuI1+Ew1e6mXTxZGL5r
UUMzXmh5dBHTOoQvoHZEFSwe+hQ5TeS37tyJgJKuNJXPHSme5v569+c9hw==
-----END CERTIFICATE-----