Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/944259e1-46ec-4cd6-a18d-22caadd7e03a.roa
File:                     944259e1-46ec-4cd6-a18d-22caadd7e03a.roa (raw, json)
Hash identifier:          yAIKQm6Hl9qaVkQAtmvJUh2u4uyv6HvtP2kVph57b6w=
Subject key identifier:   29:B1:F9:C3:A8:F5:A8:20:62:78:AD:B1:B2:6C:4F:89:5C:55:5F:0F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       71CC252C2666B67E10E68E0E21C5FF24D2C6A662
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/944259e1-46ec-4cd6-a18d-22caadd7e03a.roa
Signing time:             Thu 26 Feb 2026 00:20:10 +0000
ROA not before:           Thu 26 Feb 2026 00:20:10 +0000
ROA not after:            Wed 27 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        56.180.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:cc:25:2c:26:66:b6:7e:10:e6:8e:0e:21:c5:ff:24:d2:c6:a6:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 26 00:20:10 2026 GMT
            Not After : May 27 23:59:59 2026 GMT
        Subject: serialNumber=7a088f59453cf4847fd2662840153947f2b560e349dcc207f054ff9e249a8401, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b0:90:c6:26:50:fc:37:58:f2:51:5d:17:ab:
                    b5:af:57:58:35:2c:c3:33:a3:55:e5:02:e3:0f:35:
                    40:be:16:22:66:ac:b2:f3:cb:c4:50:80:82:f9:7b:
                    5c:c3:66:93:70:2b:31:7d:83:94:d1:65:2b:22:77:
                    b9:d5:ab:66:ef:e1:da:75:65:7f:5e:9a:10:30:e0:
                    fe:9e:00:ed:b9:0c:66:48:a7:3c:61:1e:e0:96:05:
                    10:9e:04:9e:06:ff:35:5a:2f:3f:00:f7:b5:15:24:
                    62:ce:9a:42:bd:98:c5:72:4c:af:f6:aa:e9:f4:86:
                    7d:b3:7b:43:d7:75:24:52:b8:5b:d0:6e:75:8b:98:
                    f5:46:86:ed:36:f6:95:92:c6:00:ba:5f:cf:2a:68:
                    77:19:f1:f4:64:51:52:da:cb:ab:ab:af:c3:7c:05:
                    0c:0d:3a:1a:af:5f:95:fe:7a:20:41:9c:26:b4:1b:
                    26:99:19:e5:49:15:ee:2f:00:83:13:5f:39:d0:f7:
                    e1:c5:f0:e4:c5:18:7d:f5:fe:a2:cc:e8:9d:63:91:
                    93:95:12:ae:a9:ec:63:e2:5a:66:fa:37:5c:af:53:
                    ae:a3:93:df:16:66:b5:6d:a5:01:03:b2:66:36:9d:
                    8f:19:77:7c:44:f1:a6:a9:8a:53:79:9d:ca:02:92:
                    8c:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:B1:F9:C3:A8:F5:A8:20:62:78:AD:B1:B2:6C:4F:89:5C:55:5F:0F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/944259e1-46ec-4cd6-a18d-22caadd7e03a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.180.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9f:26:d4:2d:39:2b:86:8e:5e:81:63:87:66:1f:f8:90:1d:0e:
         f6:10:0a:92:08:e5:2a:4d:19:19:18:4e:ed:94:a8:fd:95:41:
         14:30:f5:ad:f2:77:0c:45:f6:1b:dd:fc:05:82:54:95:e8:ff:
         c3:44:fa:a9:b7:53:4a:29:04:84:89:fa:58:33:4c:f9:43:c7:
         db:45:63:ce:8b:97:07:68:fa:39:0a:b0:f9:8f:8a:81:52:d3:
         6f:90:b3:a9:a1:f0:82:e7:3e:d8:d7:8f:09:94:04:eb:90:d5:
         df:5d:04:32:26:1f:21:af:8b:e8:f2:89:59:d0:56:14:38:a9:
         1a:8f:c1:d5:cf:58:14:ef:c0:46:42:84:8a:93:6f:4c:2f:f3:
         66:ec:19:63:57:12:56:17:52:e4:73:7b:80:03:b7:8b:55:fa:
         47:1f:d8:75:40:7c:87:ae:09:a5:8a:1b:dc:26:db:7b:65:cd:
         84:e9:d3:c3:1b:c7:e7:0d:41:d2:fb:9e:7b:06:86:a5:53:f3:
         77:26:c4:0d:ec:2f:64:6b:9c:cd:88:2f:25:8b:84:f2:ff:36:
         a7:81:89:58:71:1b:00:a4:6f:86:6d:93:a5:78:10:2d:9e:c2:
         ee:92:e5:68:cd:24:98:7f:b4:0b:19:23:c7:50:c4:47:28:26:
         12:5d:25:c5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUccwlLCZmtn4Q5o4OIcX/JNLGpmIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI2MDAyMDEwWhcNMjYwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YTA4OGY1OTQ1M2NmNDg0N2ZkMjY2Mjg0MDE1Mzk0N2Yy
YjU2MGUzNDlkY2MyMDdmMDU0ZmY5ZTI0OWE4NDAxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbsJDGJlD8N1jyUV0Xq7WvV1g1LMMzo1XlAuMPNUC+FiJm
rLLzy8RQgIL5e1zDZpNwKzF9g5TRZSsid7nVq2bv4dp1ZX9emhAw4P6eAO25DGZI
pzxhHuCWBRCeBJ4G/zVaLz8A97UVJGLOmkK9mMVyTK/2qun0hn2ze0PXdSRSuFvQ
bnWLmPVGhu029pWSxgC6X88qaHcZ8fRkUVLay6urr8N8BQwNOhqvX5X+eiBBnCa0
GyaZGeVJFe4vAIMTXznQ9+HF8OTFGH31/qLM6J1jkZOVEq6p7GPiWmb6N1yvU66j
k98WZrVtpQEDsmY2nY8Zd3xE8aapilN5ncoCkozBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUKbH5w6j1qCBieK2xsmxPiVxVXw8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0NDI1OWUxLTQ2ZWMtNGNkNi1hMThkLTIyY2FhZGQ3ZTAzYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4tDANBgkqhkiG9w0BAQsFAAOCAQEAnybULTkrho5egWOHZh/4kB0O9hAK
kgjlKk0ZGRhO7ZSo/ZVBFDD1rfJ3DEX2G938BYJUlej/w0T6qbdTSikEhIn6WDNM
+UPH20VjzouXB2j6OQqw+Y+KgVLTb5CzqaHwguc+2NePCZQE65DV310EMiYfIa+L
6PKJWdBWFDipGo/B1c9YFO/ARkKEipNvTC/zZuwZY1cSVhdS5HN7gAO3i1X6Rx/Y
dUB8h64JpYob3Cbbe2XNhOnTwxvH5w1B0vueewaGpVPzdybEDewvZGuczYgvJYuE
8v82p4GJWHEbAKRvhm2TpXgQLZ7C7pLlaM0kmH+0Cxkjx1DERygmEl0lxQ==
-----END CERTIFICATE-----