Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68d10ddc-0e77-4eb8-a625-89c8780d49ea.roa
File:                     68d10ddc-0e77-4eb8-a625-89c8780d49ea.roa (raw, json)
Hash identifier:          OYDSMMafWIt/CYpzPUUnLolHEGtSMhDgVM3Cgm1zDMM=
Subject key identifier:   D4:85:E5:95:00:31:65:CA:3B:8D:B9:34:A2:79:E0:25:AD:C9:2E:C9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2D52DA935D23E780B51190112C46CA779C88EC28
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68d10ddc-0e77-4eb8-a625-89c8780d49ea.roa
Signing time:             Sat 28 Feb 2026 00:10:48 +0000
ROA not before:           Sat 28 Feb 2026 00:10:48 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        77.123.0.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:52:da:93:5d:23:e7:80:b5:11:90:11:2c:46:ca:77:9c:88:ec:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 28 00:10:48 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=2c42df1bf32c62091dc4b00739ddcdc4c5950dce1fc260f86edd76a31e48edf6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:b3:f7:8a:ae:6b:6c:8f:5f:9c:15:cb:44:bb:
                    5c:6a:b3:08:9a:75:a2:2c:e3:49:2c:e3:82:a3:8e:
                    8b:01:71:c9:6f:b9:3c:bf:af:3f:21:5e:8b:f6:19:
                    6e:ab:9f:a9:79:56:36:30:20:46:38:e7:8c:b4:51:
                    c9:c5:6e:bf:ee:5c:26:15:37:6f:98:97:12:2d:28:
                    2e:bc:b4:5d:ce:0a:7a:86:f9:ce:0f:5e:b5:fd:69:
                    c5:8a:0e:db:bc:95:47:e6:6d:82:c2:0d:01:27:dd:
                    f3:be:1e:98:de:25:24:17:2d:79:6d:94:80:1a:8f:
                    b4:df:01:63:bf:0e:4e:7d:a9:03:b9:f4:78:0b:13:
                    e0:d9:78:2f:c4:a4:72:6b:7f:cf:a5:08:c0:e2:64:
                    a4:00:10:22:02:2a:8e:51:5c:f7:b4:2e:19:4e:cc:
                    f9:c4:5f:db:e3:5c:b0:43:a0:10:f8:07:ea:d4:b4:
                    0c:cc:c3:9f:2b:29:f6:f6:6f:de:e7:34:33:c7:87:
                    c6:c1:09:31:c7:b0:09:c2:44:04:26:d4:d7:a0:63:
                    32:96:7d:a0:a9:3f:71:53:84:74:20:e7:3b:5b:f8:
                    6a:73:4e:84:bc:de:6e:19:81:20:0a:39:6a:bd:59:
                    9e:3f:ca:b0:12:3e:87:0c:88:5a:44:37:c1:ce:94:
                    2f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:85:E5:95:00:31:65:CA:3B:8D:B9:34:A2:79:E0:25:AD:C9:2E:C9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68d10ddc-0e77-4eb8-a625-89c8780d49ea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.123.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         05:f9:88:03:a8:ea:77:75:98:6d:71:db:ae:7d:f7:56:df:b4:
         79:82:8f:91:c5:07:88:5c:10:b4:27:58:5d:b8:bf:2c:ce:cc:
         8e:d3:09:fb:81:1f:ad:8a:7a:32:fa:51:3a:3a:49:82:7a:c5:
         3e:a5:90:20:30:87:30:86:b6:db:70:06:3e:cf:8f:5e:fd:2b:
         91:be:1f:cc:14:3f:cc:2e:5f:5f:57:26:84:9b:9e:12:bb:ac:
         4b:2b:b1:2d:82:bb:23:5b:d5:d5:fe:ea:ee:c7:d8:b0:9f:5b:
         5c:59:66:dc:73:2e:ad:f3:6c:60:f9:5f:87:ef:0a:ac:5b:8d:
         1e:6e:13:76:81:03:a9:4a:b6:82:74:24:1c:11:b1:31:86:62:
         69:ff:86:66:09:14:ba:4a:90:40:48:9e:b9:db:3b:4c:ad:67:
         85:5b:c4:24:fc:bc:b7:ac:6e:6d:5c:a2:66:5e:2e:dc:ed:73:
         73:aa:e5:a9:79:17:f8:7e:cb:51:2c:43:62:78:7c:3a:dc:05:
         b8:d7:00:1e:d3:ee:15:fc:c9:d3:9b:d3:bf:7d:04:09:f6:d2:
         75:55:b5:c0:c3:d8:cb:14:25:73:2e:2f:30:31:86:5f:13:3f:
         ff:8a:62:cc:34:e5:49:b4:2d:6c:76:dc:ae:10:c1:c8:5b:62:
         5d:f1:42:32
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULVLak10j54C1EZARLEbKd5yI7CgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI4MDAxMDQ4WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYzQyZGYxYmYzMmM2MjA5MWRjNGIwMDczOWRkY2RjNGM1
OTUwZGNlMWZjMjYwZjg2ZWRkNzZhMzFlNDhlZGY2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZs/eKrmtsj1+cFctEu1xqswiadaIs40ks44KjjosBcclv
uTy/rz8hXov2GW6rn6l5VjYwIEY454y0UcnFbr/uXCYVN2+YlxItKC68tF3OCnqG
+c4PXrX9acWKDtu8lUfmbYLCDQEn3fO+HpjeJSQXLXltlIAaj7TfAWO/Dk59qQO5
9HgLE+DZeC/EpHJrf8+lCMDiZKQAECICKo5RXPe0LhlOzPnEX9vjXLBDoBD4B+rU
tAzMw58rKfb2b97nNDPHh8bBCTHHsAnCRAQm1NegYzKWfaCpP3FThHQg5ztb+Gpz
ToS83m4ZgSAKOWq9WZ4/yrASPocMiFpEN8HOlC+nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1IXllQAxZco7jbk0onngJa3JLskwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY4ZDEwZGRjLTBlNzctNGViOC1hNjI1LTg5Yzg3ODBkNDllYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdNewAwDQYJKoZIhvcNAQELBQADggEBAAX5iAOo6nd1mG1x265991bftHmC
j5HFB4hcELQnWF24vyzOzI7TCfuBH62KejL6UTo6SYJ6xT6lkCAwhzCGtttwBj7P
j179K5G+H8wUP8wuX19XJoSbnhK7rEsrsS2CuyNb1dX+6u7H2LCfW1xZZtxzLq3z
bGD5X4fvCqxbjR5uE3aBA6lKtoJ0JBwRsTGGYmn/hmYJFLpKkEBInrnbO0ytZ4Vb
xCT8vLesbm1comZeLtztc3Oq5al5F/h+y1EsQ2J4fDrcBbjXAB7T7hX8ydOb0799
BAn20nVVtcDD2MsUJXMuLzAxhl8TP/+KYsw05Um0LWx23K4QwchbYl3xQjI=
-----END CERTIFICATE-----