Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75da3273-1141-407e-8be6-2c12ada7102b.roa
File:                     75da3273-1141-407e-8be6-2c12ada7102b.roa (raw, json)
Hash identifier:          oetBraeMfAdtHMEXGl9vikLHWOZ09EOQteenggWiUhY=
Subject key identifier:   83:14:AE:A6:7A:53:9E:31:D5:8D:54:07:37:29:7F:A4:91:59:50:89
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5CC1D40BFA1062F5652D95BE8C7DAA9EC68953A0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75da3273-1141-407e-8be6-2c12ada7102b.roa
Signing time:             Sat 28 Feb 2026 00:00:07 +0000
ROA not before:           Sat 28 Feb 2026 00:00:07 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        82.176.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:c1:d4:0b:fa:10:62:f5:65:2d:95:be:8c:7d:aa:9e:c6:89:53:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 28 00:00:07 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=e20289cde0cfc4525cee736e93836fab2c28dd71a03639803471f41ec231254d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:8b:f1:3c:c5:7c:8f:30:49:d4:2e:41:12:89:
                    20:ef:6b:2b:40:04:b2:d0:21:1b:52:ec:c5:ba:60:
                    cc:f1:14:44:16:69:fa:11:1a:1a:d1:ad:74:b7:60:
                    49:69:f5:5c:2f:30:fa:fd:c9:9c:e1:6e:be:db:7e:
                    ec:27:7d:8b:52:d6:fb:a5:62:86:49:c4:38:8a:c7:
                    bc:0d:64:b4:90:b9:14:4f:aa:ff:2f:c7:2b:9c:49:
                    5e:4f:27:92:f6:a3:68:bd:83:26:e1:7b:79:34:d0:
                    7d:5d:ff:c4:dd:15:1a:e6:2a:ab:29:81:79:cf:73:
                    af:46:e3:dd:86:3e:62:2e:7c:fe:60:f3:69:ae:74:
                    cd:60:40:de:42:51:41:b8:db:ce:33:ac:14:0b:46:
                    ac:ba:cb:65:0c:16:dd:10:73:bf:9b:aa:d3:33:09:
                    b7:3b:c6:7d:24:06:44:83:bd:b5:8f:20:bc:01:00:
                    8d:30:2e:f0:55:00:88:6c:80:93:bd:39:5a:e3:cd:
                    3e:53:21:fe:ed:cb:78:44:fe:06:3c:8d:eb:16:c3:
                    f5:8e:b4:4e:05:0e:01:08:76:fa:f3:35:e7:b2:86:
                    42:27:7c:57:41:77:82:92:a1:74:ba:30:27:67:aa:
                    ab:11:2c:99:1f:07:93:99:29:a6:c5:60:d5:c2:63:
                    2c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:14:AE:A6:7A:53:9E:31:D5:8D:54:07:37:29:7F:A4:91:59:50:89
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/75da3273-1141-407e-8be6-2c12ada7102b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.176.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         56:6b:cb:71:8b:cb:e3:42:3f:84:68:b4:18:e7:3b:e7:4b:22:
         3e:ab:85:bf:3b:b4:a3:06:65:5c:7a:c9:c0:a8:fd:f4:de:7a:
         e9:4b:18:56:06:c6:2c:b2:71:1d:18:13:b5:22:61:b0:08:04:
         f7:62:f2:ed:39:e3:77:ee:61:a6:7e:cc:a2:d9:d6:f5:06:77:
         16:2e:22:c5:00:3c:81:d4:95:06:21:94:a8:6a:48:12:fa:4d:
         42:16:f3:d3:3a:44:a7:54:81:99:f8:8f:fa:e9:e1:cd:32:e9:
         33:a6:28:6a:f3:f4:17:49:17:ea:35:65:50:6a:80:97:d4:6e:
         f6:d1:1f:ea:d1:cb:60:70:9d:25:6d:35:00:95:a4:ef:77:1c:
         aa:9b:05:be:b6:65:40:a4:d6:02:be:50:ce:98:f0:c0:8b:e2:
         ba:9b:c5:7f:c0:c0:7f:10:b8:c0:42:e0:50:ad:66:74:36:7f:
         4e:62:50:10:40:14:43:52:b3:dd:2e:c7:86:97:32:ac:3c:fc:
         e3:49:af:51:15:af:85:ff:fc:b7:32:d4:3f:d8:c3:3e:62:99:
         af:45:ff:7a:3a:46:b3:0e:a1:21:ff:94:9c:cf:a7:9c:2f:51:
         0e:ef:00:70:21:3f:de:46:4f:6f:a0:4d:ca:3e:8e:7f:0d:7a:
         80:81:68:91
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXMHUC/oQYvVlLZW+jH2qnsaJU6AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI4MDAwMDA3WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMjAyODljZGUwY2ZjNDUyNWNlZTczNmU5MzgzNmZhYjJj
MjhkZDcxYTAzNjM5ODAzNDcxZjQxZWMyMzEyNTRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNi/E8xXyPMEnULkESiSDvaytABLLQIRtS7MW6YMzxFEQW
afoRGhrRrXS3YElp9VwvMPr9yZzhbr7bfuwnfYtS1vulYoZJxDiKx7wNZLSQuRRP
qv8vxyucSV5PJ5L2o2i9gybhe3k00H1d/8TdFRrmKqspgXnPc69G492GPmIufP5g
82mudM1gQN5CUUG4284zrBQLRqy6y2UMFt0Qc7+bqtMzCbc7xn0kBkSDvbWPILwB
AI0wLvBVAIhsgJO9OVrjzT5TIf7ty3hE/gY8jesWw/WOtE4FDgEIdvrzNeeyhkIn
fFdBd4KSoXS6MCdnqqsRLJkfB5OZKabFYNXCYyz/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUgxSupnpTnjHVjVQHNyl/pJFZUIkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc1ZGEzMjczLTExNDEtNDA3ZS04YmU2LTJjMTJhZGE3MTAyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBSsDANBgkqhkiG9w0BAQsFAAOCAQEAVmvLcYvL40I/hGi0GOc750siPquF
vzu0owZlXHrJwKj99N566UsYVgbGLLJxHRgTtSJhsAgE92Ly7Tnjd+5hpn7MotnW
9QZ3Fi4ixQA8gdSVBiGUqGpIEvpNQhbz0zpEp1SBmfiP+unhzTLpM6YoavP0F0kX
6jVlUGqAl9Ru9tEf6tHLYHCdJW01AJWk73ccqpsFvrZlQKTWAr5QzpjwwIviupvF
f8DAfxC4wELgUK1mdDZ/TmJQEEAUQ1Kz3S7HhpcyrDz840mvURWvhf/8tzLUP9jD
PmKZr0X/ejpGsw6hIf+UnM+nnC9RDu8AcCE/3kZPb6BNyj6Ofw16gIFokQ==
-----END CERTIFICATE-----