Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e49f25e-d120-4f09-aacc-bf4995405b55.roa
File:                     8e49f25e-d120-4f09-aacc-bf4995405b55.roa (raw, json)
Hash identifier:          xb64wRRP71e9rS6oTuAV67A0IMcfBdYPIBuizkmYD98=
Subject key identifier:   D3:DE:60:54:F0:6A:F3:9F:CA:27:64:75:86:6A:82:AA:CE:F4:29:99
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       06767551F71692F08A263F0807EB195AC2634D11
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e49f25e-d120-4f09-aacc-bf4995405b55.roa
Signing time:             Sat 14 Feb 2026 00:21:16 +0000
ROA not before:           Sat 14 Feb 2026 00:21:16 +0000
ROA not after:            Fri 15 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        50.19.128.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:76:75:51:f7:16:92:f0:8a:26:3f:08:07:eb:19:5a:c2:63:4d:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 14 00:21:16 2026 GMT
            Not After : May 15 23:59:59 2026 GMT
        Subject: serialNumber=3f4d89c7c436a2157b108e43972e4cb602196881d1a1a52f3cee7456be0f4d0d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f2:f0:5e:34:4b:b3:10:0c:de:7d:eb:84:94:
                    d7:8b:26:9d:eb:60:21:54:a3:10:f1:3f:e1:a7:0e:
                    94:20:d1:32:5f:56:4d:c2:5b:f6:75:59:c5:6f:67:
                    1f:86:47:33:7e:01:6d:c3:87:05:b6:f1:e8:11:6a:
                    e2:f4:5b:ee:48:5b:c3:47:53:89:f1:3a:79:47:f0:
                    89:b1:c3:94:2c:d2:49:0a:56:61:be:c2:02:13:87:
                    66:dd:62:b5:77:ec:6f:6f:65:b8:98:6a:99:06:99:
                    ad:4f:2b:5c:a7:bb:ed:4e:96:31:98:06:9c:13:f4:
                    95:7d:3b:9d:f8:df:48:5a:91:d1:e8:8f:c2:9a:78:
                    ec:97:f5:a1:ad:60:66:4b:72:12:c6:5d:da:b2:4d:
                    8e:5e:da:8f:fd:ea:51:1a:b2:41:6e:82:e2:b9:4c:
                    71:ed:a4:eb:85:14:6e:12:9b:52:6e:01:b8:fd:63:
                    a6:2c:19:ae:5a:47:51:60:5a:31:46:3c:2c:d7:9a:
                    7a:fe:71:fa:5f:41:ac:12:de:ef:c7:d4:46:cd:e5:
                    64:0b:a2:67:d6:0c:10:a2:49:fb:0f:c5:1f:c4:a9:
                    20:e9:7c:86:09:91:30:29:ee:09:6a:4e:1d:79:31:
                    45:e4:f4:14:41:7f:1b:7d:6e:9d:a6:f2:ae:2a:0a:
                    26:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:DE:60:54:F0:6A:F3:9F:CA:27:64:75:86:6A:82:AA:CE:F4:29:99
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8e49f25e-d120-4f09-aacc-bf4995405b55.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.19.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         99:ca:69:a8:a3:01:77:43:58:3f:d5:af:b4:fd:f7:cc:7c:90:
         0a:22:9f:0c:96:c7:a6:bd:de:f4:37:98:27:12:33:32:8b:b1:
         97:ef:e1:b4:56:bc:ec:19:c6:ac:3d:ff:7d:d5:a8:9e:f6:ef:
         fb:9e:26:8c:9d:54:b2:dd:1a:f0:64:91:a7:40:84:1f:01:f7:
         1b:70:d2:da:10:df:2c:6b:15:65:b5:7a:4c:b6:27:92:37:2c:
         07:59:81:ea:db:c5:51:84:b5:ef:ab:56:9c:4b:75:a6:31:72:
         4e:a7:a5:31:00:14:65:8c:c3:4d:a4:d0:97:f0:52:65:a8:a5:
         3b:b6:26:5a:16:32:a2:1b:8a:0b:97:34:72:b9:a7:17:3e:6d:
         e4:ff:03:91:b0:fc:4c:b4:5c:5f:54:40:0d:f1:3d:86:95:54:
         3f:60:7a:98:d9:05:14:91:cb:6c:c0:52:a7:e1:61:b4:10:63:
         a5:61:38:2c:93:70:56:1e:f0:db:bf:af:7c:34:9c:db:ee:59:
         7c:30:ed:40:83:66:53:67:90:f4:ef:93:80:d1:fc:1c:8d:39:
         bd:19:d7:a3:8c:b1:8a:e9:c8:33:53:4f:fc:c3:ef:1f:f3:dd:
         8b:5c:96:1f:eb:56:33:09:89:f7:a2:10:3e:d8:ca:c4:db:4d:
         92:a3:2d:d7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBnZ1UfcWkvCKJj8IB+sZWsJjTREwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE0MDAyMTE2WhcNMjYwNTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZjRkODljN2M0MzZhMjE1N2IxMDhlNDM5NzJlNGNiNjAy
MTk2ODgxZDFhMWE1MmYzY2VlNzQ1NmJlMGY0ZDBkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCo8vBeNEuzEAzefeuElNeLJp3rYCFUoxDxP+GnDpQg0TJf
Vk3CW/Z1WcVvZx+GRzN+AW3DhwW28egRauL0W+5IW8NHU4nxOnlH8Imxw5Qs0kkK
VmG+wgITh2bdYrV37G9vZbiYapkGma1PK1ynu+1OljGYBpwT9JV9O53430hakdHo
j8KaeOyX9aGtYGZLchLGXdqyTY5e2o/96lEaskFuguK5THHtpOuFFG4Sm1JuAbj9
Y6YsGa5aR1FgWjFGPCzXmnr+cfpfQawS3u/H1EbN5WQLomfWDBCiSfsPxR/EqSDp
fIYJkTAp7glqTh15MUXk9BRBfxt9bp2m8q4qCiZTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU095gVPBq85/KJ2R1hmqCqs70KZkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhlNDlmMjVlLWQxMjAtNGYwOS1hYWNjLWJmNDk5NTQwNWI1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYyE4AwDQYJKoZIhvcNAQELBQADggEBAJnKaaijAXdDWD/Vr7T998x8kAoi
nwyWx6a93vQ3mCcSMzKLsZfv4bRWvOwZxqw9/33VqJ727/ueJoydVLLdGvBkkadA
hB8B9xtw0toQ3yxrFWW1eky2J5I3LAdZgerbxVGEte+rVpxLdaYxck6npTEAFGWM
w02k0JfwUmWopTu2JloWMqIbiguXNHK5pxc+beT/A5Gw/Ey0XF9UQA3xPYaVVD9g
epjZBRSRy2zAUqfhYbQQY6VhOCyTcFYe8Nu/r3w0nNvuWXww7UCDZlNnkPTvk4DR
/ByNOb0Z16OMsYrpyDNTT/zD7x/z3Ytclh/rVjMJifeiED7YysTbTZKjLdc=
-----END CERTIFICATE-----