Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6687a933-3a48-4f34-a556-83d1ca5aabc7.roa
File:                     6687a933-3a48-4f34-a556-83d1ca5aabc7.roa (raw, json)
Hash identifier:          UJEVRtJSGgzQNn9BK+QQWqOjeGy8a1JGqZuJFPt1mpY=
Subject key identifier:   37:33:71:3C:BD:52:4F:26:6A:E2:8E:79:3A:F2:4A:61:89:6E:91:D5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1BDE2136772D98BA65668CB9136C79010A946988
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6687a933-3a48-4f34-a556-83d1ca5aabc7.roa
Signing time:             Tue 17 Feb 2026 04:53:26 +0000
ROA not before:           Tue 17 Feb 2026 04:53:26 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        72.5.116.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:de:21:36:77:2d:98:ba:65:66:8c:b9:13:6c:79:01:0a:94:69:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 17 04:53:26 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=b4f054491b12838cb8e49c02ac49e3276dffe4cbc9116f02de0802e38500645c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:2b:6d:a5:c2:1a:10:31:7f:73:9e:66:0e:25:
                    50:0b:40:64:21:c0:32:b4:be:d1:79:9b:12:ac:93:
                    b3:5a:25:a9:39:82:4e:9d:d8:20:eb:78:5e:e7:a4:
                    07:76:c3:e6:e6:27:df:88:95:c7:7d:e0:e7:c7:73:
                    ef:0f:b6:d1:fb:a2:85:dd:10:fb:f2:d5:43:5b:0c:
                    5d:43:de:7a:4c:57:aa:7a:77:cf:27:40:bb:e5:ed:
                    10:a0:ab:fc:56:40:f2:bc:5f:a5:79:7f:00:48:fa:
                    40:14:73:80:5c:c0:af:80:cf:bc:e7:c7:bf:0c:48:
                    48:eb:e3:a7:d5:6c:7a:f3:ee:81:e2:97:8c:c7:29:
                    bc:ae:88:2a:d7:d4:4d:16:fc:21:4d:10:a7:99:ae:
                    be:56:42:0e:4d:62:3c:81:38:f9:8c:3d:7d:32:c8:
                    34:b7:1b:6f:57:17:be:0a:75:f7:67:2c:5c:ab:6c:
                    0e:63:2f:e0:c7:22:8e:79:43:cd:f3:f2:ec:fb:76:
                    c9:11:d3:14:11:ef:b9:49:a9:85:31:a8:c8:2e:80:
                    10:22:36:c6:39:ec:14:d0:ae:46:a5:ad:9c:3d:a0:
                    e6:d4:64:e4:e9:51:1c:09:3e:5e:7a:a7:7d:b5:5e:
                    d8:a1:eb:0c:b2:c5:5a:f9:26:87:44:bd:4f:77:7e:
                    ff:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:33:71:3C:BD:52:4F:26:6A:E2:8E:79:3A:F2:4A:61:89:6E:91:D5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6687a933-3a48-4f34-a556-83d1ca5aabc7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.5.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         84:ca:0b:86:7f:a5:af:3f:4b:6c:fd:c9:12:e1:01:56:40:f5:
         f2:de:be:e3:09:7e:0b:9c:38:70:c8:e0:86:b3:90:ba:1e:e7:
         f4:4c:e2:75:e7:fa:52:24:0d:09:65:74:f0:08:df:72:60:c2:
         84:71:23:05:7d:e7:1f:c1:94:24:ce:62:0e:cf:15:82:4b:d1:
         f8:fa:20:bd:c8:31:44:cc:d0:7f:ae:d0:dc:40:7c:6e:4f:68:
         f3:69:90:76:79:66:36:2f:58:fe:ab:2b:ba:6a:fa:5f:7e:59:
         11:64:b9:ee:f8:38:fa:ab:8d:8f:ab:62:1e:c5:64:10:20:60:
         ff:76:a2:c1:59:2c:c0:7f:b2:36:4d:db:a1:c5:df:f7:3b:46:
         e6:43:0b:35:eb:b5:ee:4f:83:69:d0:44:8c:20:cd:64:f0:57:
         99:87:2a:86:ec:e3:a7:e6:e6:85:ab:28:3b:96:89:dd:87:f7:
         01:e1:79:a4:d2:a3:6e:60:da:23:d6:11:25:80:12:20:0c:bc:
         2d:a3:bb:b9:43:3a:e8:f1:2a:86:8a:58:e9:c5:b4:3d:15:52:
         6a:13:8a:a9:76:9c:80:38:b7:18:26:0d:e0:09:e1:bf:6f:ea:
         ed:5e:be:54:45:ca:05:a5:f0:07:a6:45:99:46:14:8a:b7:c2:
         e0:c0:35:95
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG94hNnctmLplZoy5E2x5AQqUaYgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE3MDQ1MzI2WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNGYwNTQ0OTFiMTI4MzhjYjhlNDljMDJhYzQ5ZTMyNzZk
ZmZlNGNiYzkxMTZmMDJkZTA4MDJlMzg1MDA2NDVjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiK22lwhoQMX9znmYOJVALQGQhwDK0vtF5mxKsk7NaJak5
gk6d2CDreF7npAd2w+bmJ9+Ilcd94OfHc+8PttH7ooXdEPvy1UNbDF1D3npMV6p6
d88nQLvl7RCgq/xWQPK8X6V5fwBI+kAUc4BcwK+Az7znx78MSEjr46fVbHrz7oHi
l4zHKbyuiCrX1E0W/CFNEKeZrr5WQg5NYjyBOPmMPX0yyDS3G29XF74KdfdnLFyr
bA5jL+DHIo55Q83z8uz7dskR0xQR77lJqYUxqMgugBAiNsY57BTQrkalrZw9oObU
ZOTpURwJPl56p321Xtih6wyyxVr5JodEvU93fv93AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNzNxPL1STyZq4o55OvJKYYlukdUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY2ODdhOTMzLTNhNDgtNGYzNC1hNTU2LTgzZDFjYTVhYWJjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJIBXQwDQYJKoZIhvcNAQELBQADggEBAITKC4Z/pa8/S2z9yRLhAVZA9fLe
vuMJfgucOHDI4IazkLoe5/RM4nXn+lIkDQlldPAI33JgwoRxIwV95x/BlCTOYg7P
FYJL0fj6IL3IMUTM0H+u0NxAfG5PaPNpkHZ5ZjYvWP6rK7pq+l9+WRFkue74OPqr
jY+rYh7FZBAgYP92osFZLMB/sjZN26HF3/c7RuZDCzXrte5Pg2nQRIwgzWTwV5mH
Kobs46fm5oWrKDuWid2H9wHheaTSo25g2iPWESWAEiAMvC2ju7lDOujxKoaKWOnF
tD0VUmoTiql2nIA4txgmDeAJ4b9v6u1evlRFygWl8AemRZlGFIq3wuDANZU=
-----END CERTIFICATE-----