Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98dabde8-c510-4c80-abcd-864ef2bfbbf9.roa
File:                     98dabde8-c510-4c80-abcd-864ef2bfbbf9.roa (raw, json)
Hash identifier:          s6YVwIFg9plsOLtqDzSjAoAorlGN01sZAIJ4HHxhgaE=
Subject key identifier:   A9:0E:85:7E:A5:DC:A9:BF:4F:46:E4:77:63:B9:C1:8A:85:1E:DF:30
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       63775129F7A4F3803DAAB718FDF9E1A87B57A796
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98dabde8-c510-4c80-abcd-864ef2bfbbf9.roa
Signing time:             Thu 26 Feb 2026 00:30:44 +0000
ROA not before:           Thu 26 Feb 2026 00:30:44 +0000
ROA not after:            Wed 27 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        75.101.192.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:77:51:29:f7:a4:f3:80:3d:aa:b7:18:fd:f9:e1:a8:7b:57:a7:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 26 00:30:44 2026 GMT
            Not After : May 27 23:59:59 2026 GMT
        Subject: serialNumber=325651370d8c379291cd09cc7ab95e7eb32f310eefc40a71a024dee19118f475, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5c:07:70:a3:06:fb:97:b2:9d:41:13:3f:4c:
                    c7:2b:45:b1:10:71:ec:52:ff:5b:89:16:d2:a6:64:
                    7b:d0:46:27:fe:7a:2d:09:fa:65:15:62:03:53:11:
                    47:5d:0b:c9:ea:15:4a:44:f2:68:42:f7:09:7a:4b:
                    ef:da:81:0c:80:a6:e4:10:a8:b1:01:e7:b5:21:71:
                    d8:4d:97:26:5d:75:06:a3:da:24:c8:01:eb:cb:e8:
                    c6:5a:a8:fc:6c:41:48:e7:0d:af:3f:d6:fe:df:c5:
                    bd:1d:c2:9d:cd:16:1e:74:f7:ab:8b:6d:10:b6:03:
                    29:a9:f7:d2:88:07:cb:aa:77:11:82:8f:10:57:c8:
                    1a:b2:0a:c1:66:35:66:ef:67:c3:97:30:60:16:2b:
                    b5:1c:2b:aa:de:eb:18:3a:5c:3f:77:59:58:46:ed:
                    3c:be:e5:7f:51:22:4d:d0:0f:7f:a5:d0:d8:6b:5c:
                    f5:e7:be:a6:c3:33:39:78:90:c2:be:f8:dd:09:c3:
                    b5:39:b7:6c:17:f0:95:01:4b:9f:b0:c1:32:64:b6:
                    33:83:90:7f:1a:b4:f0:be:13:7b:72:5a:e7:14:02:
                    7d:9f:7a:02:b4:62:1f:9a:36:88:56:ed:71:4c:a3:
                    96:02:be:a9:88:a2:13:04:7f:28:0d:1a:56:eb:33:
                    a8:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:0E:85:7E:A5:DC:A9:BF:4F:46:E4:77:63:B9:C1:8A:85:1E:DF:30
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98dabde8-c510-4c80-abcd-864ef2bfbbf9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  75.101.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         52:23:40:4a:6a:23:dc:ad:ff:7b:93:ce:87:90:5d:b9:31:b4:
         10:08:c1:9f:7f:62:da:7c:b8:4d:11:f4:90:f5:85:68:dc:50:
         69:06:91:8b:3f:2f:56:ed:33:04:e5:84:19:01:e2:83:36:03:
         39:d3:c1:1e:0b:c1:2d:b9:39:1d:cd:79:bc:0b:c5:eb:ad:f4:
         da:07:25:f5:e1:86:07:5e:69:00:31:b5:9e:0d:b5:87:e8:19:
         fd:67:09:32:55:aa:34:57:a4:39:9f:bc:fd:f4:56:44:f5:4c:
         bb:ff:aa:f2:44:b4:f8:a4:57:04:c8:83:d8:a6:2a:ac:27:c0:
         a6:18:5c:94:65:bb:d7:32:c3:5f:09:93:b2:3f:de:04:36:7a:
         df:bc:d3:e8:55:86:68:a4:e4:cf:88:a8:e3:fe:21:6a:cc:ca:
         1c:6d:f0:cc:c4:57:a9:5e:da:9d:fa:29:a4:db:5b:e7:ab:9e:
         c2:1d:22:58:07:54:fd:9c:f2:33:9d:88:05:46:f4:71:ce:f6:
         89:e8:76:a6:12:54:af:2c:ec:8b:01:fa:cf:c8:31:69:14:ad:
         a6:db:00:8f:73:5a:e8:21:3f:f2:7d:85:86:cd:25:f1:86:6d:
         a9:4e:bc:1c:9d:1b:06:ec:24:ad:06:0f:25:5e:85:42:b7:ad:
         65:a0:3f:e0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY3dRKfek84A9qrcY/fnhqHtXp5YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI2MDAzMDQ0WhcNMjYwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMjU2NTEzNzBkOGMzNzkyOTFjZDA5Y2M3YWI5NWU3ZWIz
MmYzMTBlZWZjNDBhNzFhMDI0ZGVlMTkxMThmNDc1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7XAdwowb7l7KdQRM/TMcrRbEQcexS/1uJFtKmZHvQRif+
ei0J+mUVYgNTEUddC8nqFUpE8mhC9wl6S+/agQyApuQQqLEB57UhcdhNlyZddQaj
2iTIAevL6MZaqPxsQUjnDa8/1v7fxb0dwp3NFh5096uLbRC2Aymp99KIB8uqdxGC
jxBXyBqyCsFmNWbvZ8OXMGAWK7UcK6re6xg6XD93WVhG7Ty+5X9RIk3QD3+l0Nhr
XPXnvqbDMzl4kMK++N0Jw7U5t2wX8JUBS5+wwTJktjODkH8atPC+E3tyWucUAn2f
egK0Yh+aNohW7XFMo5YCvqmIohMEfygNGlbrM6g1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqQ6FfqXcqb9PRuR3Y7nBioUe3zAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4ZGFiZGU4LWM1MTAtNGM4MC1hYmNkLTg2NGVmMmJmYmJmOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZLZcAwDQYJKoZIhvcNAQELBQADggEBAFIjQEpqI9yt/3uTzoeQXbkxtBAI
wZ9/Ytp8uE0R9JD1hWjcUGkGkYs/L1btMwTlhBkB4oM2AznTwR4LwS25OR3NebwL
xeut9NoHJfXhhgdeaQAxtZ4NtYfoGf1nCTJVqjRXpDmfvP30VkT1TLv/qvJEtPik
VwTIg9imKqwnwKYYXJRlu9cyw18Jk7I/3gQ2et+80+hVhmik5M+IqOP+IWrMyhxt
8MzEV6le2p36KaTbW+ernsIdIlgHVP2c8jOdiAVG9HHO9onodqYSVK8s7IsB+s/I
MWkUrabbAI9zWughP/J9hYbNJfGGbalOvBydGwbsJK0GDyVehUK3rWWgP+A=
-----END CERTIFICATE-----