Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6694171a-aae2-4bbb-a718-43a3f95c6dc1.roa
File:                     6694171a-aae2-4bbb-a718-43a3f95c6dc1.roa (raw, json)
Hash identifier:          Sc0Py4OnqP/kuucZFlXOUwAEM/jIY6CPQYeZv9CWGcI=
Subject key identifier:   09:F6:6C:FE:2B:36:21:52:2A:61:37:F1:CD:84:73:E8:00:11:B3:C3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4A48756B88521E6E07D8ED76C4DA529F1BC0C8A4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6694171a-aae2-4bbb-a718-43a3f95c6dc1.roa
Signing time:             Sat 16 May 2026 00:51:14 +0000
ROA not before:           Sat 16 May 2026 00:51:14 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        204.236.144.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:48:75:6b:88:52:1e:6e:07:d8:ed:76:c4:da:52:9f:1b:c0:c8:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 00:51:14 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=ea8212083c1f9c7eb778d84d1ea8ed502a13a6ea102584fc6c1eb5458099104b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:14:7c:6b:52:e5:70:76:ad:56:d6:1e:eb:92:
                    2e:7c:05:b0:2e:87:ea:1e:d6:07:50:8a:b5:2f:73:
                    5d:4a:e8:d8:95:64:68:05:49:0a:b6:50:ae:2b:f5:
                    c4:31:75:a4:e0:62:e8:f1:ef:2e:8d:9a:b9:39:d6:
                    59:c1:50:32:ee:a7:d4:f5:4d:24:72:49:ce:1c:45:
                    f2:d6:b4:6d:29:f8:a9:d1:c8:c9:24:32:af:44:a4:
                    0e:70:a2:af:48:30:22:3c:0d:52:10:1c:bb:e1:61:
                    d9:5f:f4:0b:65:aa:9c:f5:43:d7:c0:d6:5f:d5:7c:
                    f2:da:30:7d:b2:91:df:b3:fc:dd:bc:1f:e1:d2:e4:
                    d8:28:06:71:f5:7f:fe:7c:af:82:a1:fc:d4:6e:b1:
                    cc:e7:8d:7f:11:69:b2:14:6a:a0:27:10:5e:cf:08:
                    1f:cf:39:13:2f:d1:32:90:1c:bd:7d:11:65:e3:18:
                    6e:ac:3a:eb:eb:29:c3:ca:0c:97:83:c5:bf:b5:53:
                    a2:e2:1b:58:95:16:72:71:4c:e0:3a:7e:4d:ae:4c:
                    cd:e2:e1:05:e6:ae:03:84:e2:4a:5d:ae:a5:25:f7:
                    7c:e6:60:4b:7f:0d:f6:4c:31:00:0f:64:9d:40:cf:
                    d2:df:b8:e4:c0:da:04:65:84:2a:02:67:30:43:6f:
                    dc:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:F6:6C:FE:2B:36:21:52:2A:61:37:F1:CD:84:73:E8:00:11:B3:C3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6694171a-aae2-4bbb-a718-43a3f95c6dc1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.236.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         b7:f4:32:d6:c3:44:87:63:47:d4:58:6e:f4:90:c2:4d:5f:e5:
         9f:7e:bc:17:a3:36:c8:87:4f:a2:c2:ed:3d:90:f5:83:c4:a5:
         7a:d6:a9:a8:1a:45:ec:f4:65:99:f8:12:83:57:67:17:64:c0:
         8f:8e:b8:9b:ae:f2:53:47:ac:a1:d9:8e:3b:2c:df:cc:d5:a5:
         6f:dc:06:67:e0:2c:02:d0:cc:eb:ae:b8:ef:8d:8c:e8:77:c4:
         23:b8:3d:67:3e:63:1a:1b:82:6b:33:87:0d:e0:45:9f:24:71:
         6f:e7:18:78:2a:c4:44:c8:cd:e6:15:1d:0d:b2:43:ee:8a:32:
         5f:77:a7:90:2b:6c:0d:5b:be:1c:de:38:d2:c9:db:52:3f:82:
         49:99:be:6a:0b:16:e7:b5:a8:b7:10:1d:12:da:4a:f6:f5:58:
         9b:fa:b8:e5:e1:63:fb:d6:d2:a9:84:df:dd:dd:69:bb:b0:73:
         09:e8:a4:d1:88:49:65:c2:4f:65:53:b8:05:ae:39:bc:69:c2:
         48:6a:86:00:f6:a8:6b:9b:05:f8:b3:c4:94:22:f4:74:56:0d:
         71:c1:6f:e6:37:97:07:60:39:47:58:8e:ec:4e:2d:c8:69:4d:
         b6:48:d1:1d:5d:1a:ae:13:f8:a1:f5:88:89:67:f2:71:b5:7f:
         e8:23:88:b0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSkh1a4hSHm4H2O12xNpSnxvAyKQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE2MDA1MTE0WhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTgyMTIwODNjMWY5YzdlYjc3OGQ4NGQxZWE4ZWQ1MDJh
MTNhNmVhMTAyNTg0ZmM2YzFlYjU0NTgwOTkxMDRiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwFHxrUuVwdq1W1h7rki58BbAuh+oe1gdQirUvc11K6NiV
ZGgFSQq2UK4r9cQxdaTgYujx7y6Nmrk51lnBUDLup9T1TSRySc4cRfLWtG0p+KnR
yMkkMq9EpA5woq9IMCI8DVIQHLvhYdlf9Atlqpz1Q9fA1l/VfPLaMH2ykd+z/N28
H+HS5NgoBnH1f/58r4Kh/NRuscznjX8RabIUaqAnEF7PCB/PORMv0TKQHL19EWXj
GG6sOuvrKcPKDJeDxb+1U6LiG1iVFnJxTOA6fk2uTM3i4QXmrgOE4kpdrqUl93zm
YEt/DfZMMQAPZJ1Az9LfuOTA2gRlhCoCZzBDb9wJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCfZs/is2IVIqYTfxzYRz6AARs8MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY2OTQxNzFhLWFhZTItNGJiYi1hNzE4LTQzYTNmOTVjNmRjMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATM7JAwDQYJKoZIhvcNAQELBQADggEBALf0MtbDRIdjR9RYbvSQwk1f5Z9+
vBejNsiHT6LC7T2Q9YPEpXrWqagaRez0ZZn4EoNXZxdkwI+OuJuu8lNHrKHZjjss
38zVpW/cBmfgLALQzOuuuO+NjOh3xCO4PWc+Yxobgmszhw3gRZ8kcW/nGHgqxETI
zeYVHQ2yQ+6KMl93p5ArbA1bvhzeONLJ21I/gkmZvmoLFue1qLcQHRLaSvb1WJv6
uOXhY/vW0qmE393dabuwcwnopNGISWXCT2VTuAWuObxpwkhqhgD2qGubBfizxJQi
9HRWDXHBb+Y3lwdgOUdYjuxOLchpTbZI0R1dGq4T+KH1iIln8nG1f+gjiLA=
-----END CERTIFICATE-----