Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/848952e2-f44c-4951-9963-3a457ef26fed.roa
File:                     848952e2-f44c-4951-9963-3a457ef26fed.roa (raw, json)
Hash identifier:          B+BwkeWlOYkf6a58I9iyyAhY3IMmoyBCwW5ITAsgR24=
Subject key identifier:   E4:8C:0A:45:D1:C9:2B:CD:8D:37:92:21:C4:5B:FA:CD:32:3A:07:66
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46EE6983432C96B3A520F8D0757D76532F3EC2AF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/848952e2-f44c-4951-9963-3a457ef26fed.roa
Signing time:             Thu 21 May 2026 00:00:32 +0000
ROA not before:           Thu 21 May 2026 00:00:32 +0000
ROA not after:            Wed 19 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        24.110.52.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:ee:69:83:43:2c:96:b3:a5:20:f8:d0:75:7d:76:53:2f:3e:c2:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 21 00:00:32 2026 GMT
            Not After : Aug 19 23:59:59 2026 GMT
        Subject: serialNumber=e763aa06a761ef89a0ad260e8e645c450815d7c9e6a6556272728c5f313c6ca3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:6c:b0:db:75:06:a3:98:90:7a:d6:47:bf:d6:
                    6f:aa:4e:f2:eb:20:32:ae:5c:8f:14:49:91:e2:57:
                    32:7c:1a:4d:5f:bb:b5:e4:b5:4b:89:72:4a:63:5e:
                    e8:43:25:4f:b5:1b:fe:d4:44:4e:4c:7c:64:1c:c7:
                    48:8e:2b:93:77:5a:a5:2a:92:9c:8b:e3:02:7e:e3:
                    27:a5:b5:7f:2e:05:a5:30:83:48:a3:b7:66:1d:1a:
                    d7:0a:55:f5:0e:be:cf:05:0c:bc:5f:8e:d8:b6:8b:
                    0e:92:f8:cc:67:b7:92:03:3d:12:ec:1a:ea:4a:6d:
                    d6:f3:32:3b:5f:f6:32:cf:65:e7:da:0c:3d:91:a4:
                    5a:bc:1b:b9:fe:f9:08:e4:e2:28:3d:34:12:10:a9:
                    70:36:24:4a:06:e6:b8:dd:82:ee:d0:c4:6b:d1:d1:
                    ac:b5:91:9b:7d:9a:78:65:08:18:40:23:f0:03:f7:
                    71:f7:6c:5a:55:ea:05:13:f3:93:6b:a7:c8:f9:88:
                    e9:f6:09:27:42:dc:73:79:ed:b0:1d:d7:69:f4:e3:
                    4a:59:e1:37:3b:cd:49:57:99:73:37:1b:8b:bf:d9:
                    dd:76:1f:f6:b3:24:45:76:b2:8e:08:46:8d:ae:6b:
                    4d:af:bc:91:40:e7:2f:11:06:3e:ab:e8:dc:fc:c5:
                    ae:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:8C:0A:45:D1:C9:2B:CD:8D:37:92:21:C4:5B:FA:CD:32:3A:07:66
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/848952e2-f44c-4951-9963-3a457ef26fed.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  24.110.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:31:cd:a5:25:b8:e7:14:45:23:26:10:f7:0a:9e:7e:44:a5:
         39:a5:3d:65:f0:66:a6:9b:75:61:c0:2d:19:60:4f:15:76:18:
         c8:e8:42:73:86:ff:d6:bb:e6:52:e5:82:9c:30:ef:3b:be:cb:
         f9:a9:99:53:c3:a8:46:a3:26:0d:8a:4d:e7:a8:6a:dc:ec:d6:
         5f:c7:bf:00:ed:f4:5a:53:f1:ce:18:30:ea:44:7e:97:3a:b6:
         35:a2:ae:86:3f:92:68:e9:98:cf:ec:99:06:89:4d:3d:a6:40:
         c9:2d:d1:8f:96:9f:e3:6a:8d:0a:c6:32:18:95:1f:a9:07:b7:
         d1:50:ab:da:c8:8a:2d:9e:7a:c5:6e:a8:a5:c1:99:67:1d:41:
         b5:b9:5a:b6:66:1a:4e:da:8b:a0:26:8d:2e:2e:d8:77:95:bb:
         98:46:55:97:93:39:a9:3e:ac:3a:6e:f6:8c:5c:cb:cb:89:ea:
         59:c8:74:57:2f:6e:e3:53:7f:c6:97:c7:1f:75:7d:c3:df:13:
         10:1c:6d:7a:ec:cd:6b:f6:dd:a4:2c:da:66:c5:02:db:b7:92:
         4c:71:92:1b:b7:a8:e6:b5:fa:b4:6f:c3:87:4c:67:fa:20:e9:
         74:5f:d8:62:f9:88:79:30:45:38:c0:20:d1:21:92:ab:8c:53:
         2b:5d:ad:89
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURu5pg0MslrOlIPjQdX12Uy8+wq8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTIxMDAwMDMyWhcNMjYwODE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNzYzYWEwNmE3NjFlZjg5YTBhZDI2MGU4ZTY0NWM0NTA4
MTVkN2M5ZTZhNjU1NjI3MjcyOGM1ZjMxM2M2Y2EzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTbLDbdQajmJB61ke/1m+qTvLrIDKuXI8USZHiVzJ8Gk1f
u7XktUuJckpjXuhDJU+1G/7URE5MfGQcx0iOK5N3WqUqkpyL4wJ+4yeltX8uBaUw
g0ijt2YdGtcKVfUOvs8FDLxfjti2iw6S+Mxnt5IDPRLsGupKbdbzMjtf9jLPZefa
DD2RpFq8G7n++Qjk4ig9NBIQqXA2JEoG5rjdgu7QxGvR0ay1kZt9mnhlCBhAI/AD
93H3bFpV6gUT85Nrp8j5iOn2CSdC3HN57bAd12n040pZ4Tc7zUlXmXM3G4u/2d12
H/azJEV2so4IRo2ua02vvJFA5y8RBj6r6Nz8xa6BAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5IwKRdHJK82NN5IhxFv6zTI6B2YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg0ODk1MmUyLWY0NGMtNDk1MS05OTYzLTNhNDU3ZWYyNmZlZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAYbjQwDQYJKoZIhvcNAQELBQADggEBAFExzaUluOcURSMmEPcKnn5EpTml
PWXwZqabdWHALRlgTxV2GMjoQnOG/9a75lLlgpww7zu+y/mpmVPDqEajJg2KTeeo
atzs1l/HvwDt9FpT8c4YMOpEfpc6tjWiroY/kmjpmM/smQaJTT2mQMkt0Y+Wn+Nq
jQrGMhiVH6kHt9FQq9rIii2eesVuqKXBmWcdQbW5WrZmGk7ai6AmjS4u2HeVu5hG
VZeTOak+rDpu9oxcy8uJ6lnIdFcvbuNTf8aXxx91fcPfExAcbXrszWv23aQs2mbF
Atu3kkxxkhu3qOa1+rRvw4dMZ/og6XRf2GL5iHkwRTjAINEhkquMUytdrYk=
-----END CERTIFICATE-----