Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98dabde8-c510-4c80-abcd-864ef2bfbbf9.roa
File:                     98dabde8-c510-4c80-abcd-864ef2bfbbf9.roa (raw, json)
Hash identifier:          IqgF1QWTOtD8KXizr1EIWQrblBaMJf9OgPXJGNk158Q=
Subject key identifier:   37:AB:7F:8D:C3:D7:AE:E9:EE:69:65:98:E5:CA:C4:E5:CB:EA:88:C4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7C83A9FBD666BAA8345E5B28B3C9DD54978C4BAC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98dabde8-c510-4c80-abcd-864ef2bfbbf9.roa
Signing time:             Sun 17 May 2026 00:31:09 +0000
ROA not before:           Sun 17 May 2026 00:31:09 +0000
ROA not after:            Sat 15 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        75.101.192.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:83:a9:fb:d6:66:ba:a8:34:5e:5b:28:b3:c9:dd:54:97:8c:4b:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 17 00:31:09 2026 GMT
            Not After : Aug 15 23:59:59 2026 GMT
        Subject: serialNumber=ba0bda2db32e29648244be191465281b3a77eda2ba1f848ed4ffcbfbb191a4bc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:b0:b7:ad:0c:eb:58:fd:c8:d7:17:5f:32:4c:
                    3e:f6:f2:d0:20:f5:6f:0d:61:17:78:43:73:f1:90:
                    0a:bb:0e:65:0f:0d:b3:65:9e:16:aa:62:e9:f4:54:
                    0d:7b:e4:ce:37:58:7c:1b:86:c8:85:0e:6e:07:f4:
                    5c:a1:7d:36:7c:fa:dd:2e:a1:c8:0c:58:fe:d8:dd:
                    7c:ef:b9:f5:84:fd:c4:24:6b:b7:e1:c1:54:ea:78:
                    15:1a:4b:58:d2:36:69:93:b8:b5:93:8d:26:be:3e:
                    ca:f0:0c:83:b2:45:d7:19:31:63:be:a2:ae:3d:3a:
                    aa:fc:02:05:8f:ff:5b:94:93:c6:8d:da:5d:0c:37:
                    62:0e:15:8e:e5:86:e0:ba:c0:68:4e:4b:38:44:4b:
                    ba:ab:a9:c1:a4:c2:eb:59:8e:ae:99:f6:e3:85:f6:
                    e9:fd:f8:df:bc:72:7c:4e:63:ba:18:74:e8:db:c8:
                    88:2b:db:a7:a9:c4:af:a7:84:95:b3:69:bc:53:0e:
                    03:48:3e:f9:1d:78:7b:64:c2:75:c7:23:fc:53:e9:
                    f4:c0:13:f2:b8:0a:5a:8c:f6:be:29:ad:37:70:45:
                    08:90:9c:f8:c5:7c:b1:4f:47:d6:d0:57:44:e5:e2:
                    49:ec:b6:9b:d4:9b:82:14:07:f0:38:48:f9:d1:f2:
                    2e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:AB:7F:8D:C3:D7:AE:E9:EE:69:65:98:E5:CA:C4:E5:CB:EA:88:C4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/98dabde8-c510-4c80-abcd-864ef2bfbbf9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  75.101.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         79:d1:6f:34:1e:73:78:fc:92:8a:58:a4:0a:31:15:71:b6:28:
         5e:30:cd:4c:f8:ea:5a:b1:b5:42:23:e7:30:96:88:10:0b:4a:
         49:b0:dc:19:85:43:97:37:b5:79:f8:aa:e9:0e:d1:33:94:9a:
         19:af:9a:66:c4:42:a4:6d:e3:aa:1e:d7:d4:5d:d0:cc:13:ff:
         e5:3d:76:4b:5d:1c:a2:c5:d8:7a:c5:45:43:25:7a:bd:0a:d6:
         62:5d:93:4b:31:96:ea:bf:b4:aa:b6:32:7a:6b:bc:c7:e2:33:
         b4:1d:a7:60:08:20:dd:cc:12:8c:aa:be:42:b6:bd:8c:ba:7b:
         bf:a4:8b:1a:6c:7c:9b:6b:e1:b0:72:87:73:96:d1:e6:82:b6:
         eb:33:7c:28:b0:16:59:3b:42:7d:8a:72:34:88:15:c6:c1:c9:
         07:17:b0:ab:fc:3c:67:47:2a:45:46:e5:1e:6f:09:74:27:58:
         37:48:ad:61:db:e2:56:72:0d:e7:fa:0d:59:9f:fc:67:ff:d4:
         bc:60:40:3a:0e:55:81:10:62:56:c8:00:0b:11:5d:6b:5a:c1:
         bc:93:bf:6f:c6:1d:28:a5:08:63:7f:37:3a:7c:8d:07:ed:8a:
         6e:62:65:6a:0d:1d:5a:ef:b7:ed:4d:27:ff:c3:2a:3b:52:1d:
         49:e2:a8:59
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfIOp+9Zmuqg0Xlsos8ndVJeMS6wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE3MDAzMTA5WhcNMjYwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYTBiZGEyZGIzMmUyOTY0ODI0NGJlMTkxNDY1MjgxYjNh
NzdlZGEyYmExZjg0OGVkNGZmY2JmYmIxOTFhNGJjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDqsLetDOtY/cjXF18yTD728tAg9W8NYRd4Q3PxkAq7DmUP
DbNlnhaqYun0VA175M43WHwbhsiFDm4H9FyhfTZ8+t0uocgMWP7Y3XzvufWE/cQk
a7fhwVTqeBUaS1jSNmmTuLWTjSa+PsrwDIOyRdcZMWO+oq49Oqr8AgWP/1uUk8aN
2l0MN2IOFY7lhuC6wGhOSzhES7qrqcGkwutZjq6Z9uOF9un9+N+8cnxOY7oYdOjb
yIgr26epxK+nhJWzabxTDgNIPvkdeHtkwnXHI/xT6fTAE/K4ClqM9r4prTdwRQiQ
nPjFfLFPR9bQV0Tl4knstpvUm4IUB/A4SPnR8i53AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUN6t/jcPXrunuaWWY5crE5cvqiMQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk4ZGFiZGU4LWM1MTAtNGM4MC1hYmNkLTg2NGVmMmJmYmJmOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZLZcAwDQYJKoZIhvcNAQELBQADggEBAHnRbzQec3j8kopYpAoxFXG2KF4w
zUz46lqxtUIj5zCWiBALSkmw3BmFQ5c3tXn4qukO0TOUmhmvmmbEQqRt46oe19Rd
0MwT/+U9dktdHKLF2HrFRUMler0K1mJdk0sxluq/tKq2MnprvMfiM7Qdp2AIIN3M
EoyqvkK2vYy6e7+kixpsfJtr4bByh3OW0eaCtuszfCiwFlk7Qn2KcjSIFcbByQcX
sKv8PGdHKkVG5R5vCXQnWDdIrWHb4lZyDef6DVmf/Gf/1LxgQDoOVYEQYlbIAAsR
XWtawbyTv2/GHSilCGN/Nzp8jQftim5iZWoNHVrvt+1NJ//DKjtSHUniqFk=
-----END CERTIFICATE-----