Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/662cd1e7-52b9-46fe-aded-bb1573a8af72.roa
File:                     662cd1e7-52b9-46fe-aded-bb1573a8af72.roa (raw, json)
Hash identifier:          HnfaMb+UXb2PIhtITPk4JqssdI7wfHZMxpgdYx15Ua8=
Subject key identifier:   4A:1D:3F:A4:84:97:C3:E6:07:CF:1C:B9:94:2F:9C:F3:55:39:84:9F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       747C2DD9D55AEBCA23172772CEF4C3BB8F7EF3BD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/662cd1e7-52b9-46fe-aded-bb1573a8af72.roa
Signing time:             Tue 24 Feb 2026 02:30:54 +0000
ROA not before:           Tue 24 Feb 2026 02:30:54 +0000
ROA not after:            Mon 25 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        16.63.88.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:7c:2d:d9:d5:5a:eb:ca:23:17:27:72:ce:f4:c3:bb:8f:7e:f3:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 24 02:30:54 2026 GMT
            Not After : May 25 23:59:59 2026 GMT
        Subject: serialNumber=43dc4e74deeb9d5344c3080b86535bc5a36739275729d77962898efda3a82799, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c6:0f:b5:25:a4:ab:4a:f3:5f:32:dd:16:03:
                    97:2b:46:a5:0f:ec:a8:e1:14:2c:b8:19:e2:9a:54:
                    54:c1:0e:f4:10:09:d6:bb:38:98:45:63:7a:95:21:
                    b8:20:2f:b3:cc:e1:72:0e:44:98:e0:b6:b5:6f:3a:
                    8f:14:6f:6a:ec:a0:5f:71:a6:ec:bf:1c:7a:ce:87:
                    47:22:34:4f:0a:f5:b8:ea:d7:40:22:6d:f7:d7:c4:
                    86:e8:29:d4:64:ca:85:18:af:eb:45:2b:20:82:88:
                    5e:c2:2e:44:4b:28:53:58:67:40:20:40:b8:73:ba:
                    e3:99:ec:e0:6d:06:df:35:69:c6:5e:4f:e7:b6:f3:
                    37:13:c5:ef:78:bc:4d:df:bc:b6:28:ab:32:64:1d:
                    fc:72:80:99:9b:e3:5a:09:26:cd:8d:f7:e4:0e:a3:
                    76:da:e4:f8:20:1f:94:a0:17:97:bb:66:c3:f5:d6:
                    04:5a:9a:83:7f:e4:cc:ed:c6:8d:18:49:77:ad:a2:
                    e7:1c:91:1c:a9:34:43:19:99:b6:d8:28:00:3a:5b:
                    b7:52:94:e5:e7:f2:0a:3a:9b:a0:57:85:e1:2b:6c:
                    a9:69:16:04:84:1f:cb:2d:75:bd:82:b8:1a:25:bd:
                    8e:2f:96:49:0b:5b:65:9d:35:c5:15:46:92:0e:9e:
                    6f:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:1D:3F:A4:84:97:C3:E6:07:CF:1C:B9:94:2F:9C:F3:55:39:84:9F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/662cd1e7-52b9-46fe-aded-bb1573a8af72.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.63.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:ba:82:ad:de:85:bb:b7:09:1f:06:f4:c8:66:5b:e6:5c:fa:
         6d:6c:96:ae:22:b5:fa:32:f5:15:d8:c9:9a:ff:49:1e:2e:80:
         6b:a1:d1:3d:7c:3a:00:08:e8:55:f5:88:f9:08:d9:fe:21:d9:
         cc:08:69:88:a7:0d:37:06:cd:d6:1f:2d:27:51:5e:12:f3:93:
         41:a6:3e:06:fb:37:5a:82:38:3e:a0:25:48:ac:d6:bb:d4:a6:
         72:49:dd:74:08:ce:9f:19:69:89:0c:5a:a8:10:b3:4f:ec:a9:
         d0:39:0a:8b:3c:60:4c:08:54:05:24:94:ec:17:12:b7:6c:4d:
         40:50:85:e7:17:49:1a:32:69:b7:30:d4:e5:88:01:6d:63:c7:
         51:a5:c0:11:50:ca:8f:6f:88:dd:fa:0c:69:fd:3e:c2:6c:3a:
         48:1a:5f:b9:9d:1b:60:9d:be:4e:cd:e1:2c:6d:5e:e2:ef:42:
         99:56:88:0a:03:04:d8:cd:fb:6b:f8:dd:13:d4:d3:15:1b:e9:
         44:1f:b9:51:82:e5:fa:75:01:4f:08:cd:94:8e:2b:48:67:63:
         13:69:1f:00:bd:06:95:b0:df:7c:01:e6:ef:f5:54:9a:24:64:
         52:de:e5:f4:16:bc:16:1b:f7:37:f3:a5:ee:26:5a:6b:71:e9:
         8f:22:aa:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdHwt2dVa68ojFydyzvTDu49+870wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI0MDIzMDU0WhcNMjYwNTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0M2RjNGU3NGRlZWI5ZDUzNDRjMzA4MGI4NjUzNWJjNWEz
NjczOTI3NTcyOWQ3Nzk2Mjg5OGVmZGEzYTgyNzk5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgxg+1JaSrSvNfMt0WA5crRqUP7KjhFCy4GeKaVFTBDvQQ
Cda7OJhFY3qVIbggL7PM4XIORJjgtrVvOo8Ub2rsoF9xpuy/HHrOh0ciNE8K9bjq
10AibffXxIboKdRkyoUYr+tFKyCCiF7CLkRLKFNYZ0AgQLhzuuOZ7OBtBt81acZe
T+e28zcTxe94vE3fvLYoqzJkHfxygJmb41oJJs2N9+QOo3ba5PggH5SgF5e7ZsP1
1gRamoN/5Mztxo0YSXetoucckRypNEMZmbbYKAA6W7dSlOXn8go6m6BXheErbKlp
FgSEH8stdb2CuBolvY4vlkkLW2WdNcUVRpIOnm+hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSh0/pISXw+YHzxy5lC+c81U5hJ8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY2MmNkMWU3LTUyYjktNDZmZS1hZGVkLWJiMTU3M2E4YWY3Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIQP1gwDQYJKoZIhvcNAQELBQADggEBACC6gq3ehbu3CR8G9MhmW+Zc+m1s
lq4itfoy9RXYyZr/SR4ugGuh0T18OgAI6FX1iPkI2f4h2cwIaYinDTcGzdYfLSdR
XhLzk0GmPgb7N1qCOD6gJUis1rvUpnJJ3XQIzp8ZaYkMWqgQs0/sqdA5Cos8YEwI
VAUklOwXErdsTUBQhecXSRoyabcw1OWIAW1jx1GlwBFQyo9viN36DGn9PsJsOkga
X7mdG2Cdvk7N4SxtXuLvQplWiAoDBNjN+2v43RPU0xUb6UQfuVGC5fp1AU8IzZSO
K0hnYxNpHwC9BpWw33wB5u/1VJokZFLe5fQWvBYb9zfzpe4mWmtx6Y8iqiw=
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:54:59 2026 by rpki-client