Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dbc247d-8b36-439c-91d1-b8d7a94dd73b.roa
File:                     9dbc247d-8b36-439c-91d1-b8d7a94dd73b.roa (raw, json)
Hash identifier:          2I36v26dulxesAe98EtOeehUecjIv47QarsKLtpOuag=
Subject key identifier:   BF:B8:E2:18:15:3F:BE:2E:14:FE:0D:B4:AD:53:04:5B:B7:F8:DB:CB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       643B94CDED26B0DA44013DF74D8AE829ECCD52A7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dbc247d-8b36-439c-91d1-b8d7a94dd73b.roa
Signing time:             Wed 18 Feb 2026 00:21:37 +0000
ROA not before:           Wed 18 Feb 2026 00:21:37 +0000
ROA not after:            Tue 19 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        149.144.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:3b:94:cd:ed:26:b0:da:44:01:3d:f7:4d:8a:e8:29:ec:cd:52:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 18 00:21:37 2026 GMT
            Not After : May 19 23:59:59 2026 GMT
        Subject: serialNumber=01f6fa00fd439411c64f3ee3b36b231ce6dbbd7c9a2c13995564edb47448ac75, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:71:40:62:a8:89:aa:b0:33:6d:06:cb:be:2f:
                    a9:bd:41:94:0c:1c:41:89:8c:76:7f:3c:4c:e5:4f:
                    b9:8c:ed:50:1a:76:79:6f:2d:ab:3f:c6:79:f4:0e:
                    e4:38:4f:46:af:8b:cd:c4:55:d4:cc:69:28:c0:c7:
                    1d:77:ed:78:8f:f5:80:a5:7c:4d:a8:9f:b2:e1:2e:
                    b3:42:14:e4:3a:99:a3:90:b0:52:57:38:15:3a:48:
                    57:ba:02:87:50:03:af:89:4b:15:a4:2e:98:73:b1:
                    4e:e7:6f:f2:5f:6e:38:8c:1b:66:87:34:2f:01:73:
                    6f:c5:46:d5:09:e7:87:02:bd:bd:0a:c4:cf:b6:aa:
                    b4:0b:59:4d:a9:c8:c8:9e:2e:c1:36:27:41:c9:10:
                    fc:4a:e8:87:84:b8:7b:a0:f7:7d:43:b9:58:dd:a8:
                    59:39:73:57:5e:53:36:6b:81:a4:8f:c7:1c:bc:7d:
                    77:40:6c:30:d9:91:e7:ca:f3:7c:9d:ed:a5:4e:df:
                    e6:a6:b5:53:1e:30:73:34:ce:95:c8:67:25:58:74:
                    4d:a3:d6:9f:2f:6d:5b:a2:cf:93:78:2f:9c:5c:2b:
                    ea:6b:ac:c8:f1:42:21:2c:ae:9f:8e:5c:ae:00:17:
                    a9:62:a0:50:15:06:17:4c:03:8b:39:2a:7a:99:a8:
                    a7:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:B8:E2:18:15:3F:BE:2E:14:FE:0D:B4:AD:53:04:5B:B7:F8:DB:CB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dbc247d-8b36-439c-91d1-b8d7a94dd73b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.144.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         be:b0:bb:3b:0e:da:40:65:38:10:6e:9d:44:2b:e3:77:9b:ea:
         01:e3:fd:7d:93:2c:d8:49:42:76:db:31:fa:4e:d3:cd:9b:19:
         44:7e:cd:91:a5:cb:bb:3b:a7:53:d0:de:dd:5c:df:eb:f3:6a:
         ce:22:64:2d:76:dc:ac:98:bd:e5:2b:cc:62:e7:19:16:12:71:
         34:e9:9c:d1:fb:e6:17:0b:e9:f5:2a:60:95:56:af:b6:7b:9c:
         45:ca:da:45:5f:ea:87:9b:e1:d8:3b:e9:f9:c1:6e:36:da:e2:
         3b:d3:b6:76:9f:9e:a2:93:49:11:19:c4:1f:a1:50:01:0d:c8:
         29:e1:c0:da:40:d6:cc:91:04:20:ee:6d:92:89:5a:8b:d7:6c:
         e7:73:1f:48:ef:12:62:3c:f1:68:0b:44:91:d3:2e:56:ee:f4:
         56:92:4f:e5:f8:10:50:ae:c5:ff:07:4b:ab:2f:f5:a6:29:de:
         e2:48:11:68:be:7b:54:39:bf:68:93:62:e2:85:dc:b6:fb:b9:
         51:6b:1d:4e:9a:7e:e3:68:72:51:79:47:38:a7:17:30:f5:30:
         1d:2b:c8:7f:a8:c5:59:84:09:51:84:f8:91:e8:8f:da:e3:ff:
         3b:1a:ee:2f:77:5e:1e:62:b1:ac:ff:10:38:ab:1f:4b:2a:6e:
         98:07:75:2d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZDuUze0msNpEAT33TYroKezNUqcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE4MDAyMTM3WhcNMjYwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMWY2ZmEwMGZkNDM5NDExYzY0ZjNlZTNiMzZiMjMxY2U2
ZGJiZDdjOWEyYzEzOTk1NTY0ZWRiNDc0NDhhYzc1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCNcUBiqImqsDNtBsu+L6m9QZQMHEGJjHZ/PEzlT7mM7VAa
dnlvLas/xnn0DuQ4T0avi83EVdTMaSjAxx137XiP9YClfE2on7LhLrNCFOQ6maOQ
sFJXOBU6SFe6AodQA6+JSxWkLphzsU7nb/JfbjiMG2aHNC8Bc2/FRtUJ54cCvb0K
xM+2qrQLWU2pyMieLsE2J0HJEPxK6IeEuHug931DuVjdqFk5c1deUzZrgaSPxxy8
fXdAbDDZkefK83yd7aVO3+amtVMeMHM0zpXIZyVYdE2j1p8vbVuiz5N4L5xcK+pr
rMjxQiEsrp+OXK4AF6lioFAVBhdMA4s5KnqZqKc5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUv7jiGBU/vi4U/g20rVMEW7f428swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlkYmMyNDdkLThiMzYtNDM5Yy05MWQxLWI4ZDdhOTRkZDczYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCVkDANBgkqhkiG9w0BAQsFAAOCAQEAvrC7Ow7aQGU4EG6dRCvjd5vqAeP9
fZMs2ElCdtsx+k7TzZsZRH7NkaXLuzunU9De3Vzf6/NqziJkLXbcrJi95SvMYucZ
FhJxNOmc0fvmFwvp9SpglVavtnucRcraRV/qh5vh2Dvp+cFuNtriO9O2dp+eopNJ
ERnEH6FQAQ3IKeHA2kDWzJEEIO5tkolai9ds53MfSO8SYjzxaAtEkdMuVu70VpJP
5fgQUK7F/wdLqy/1pine4kgRaL57VDm/aJNi4oXctvu5UWsdTpp+42hyUXlHOKcX
MPUwHSvIf6jFWYQJUYT4keiP2uP/OxruL3deHmKxrP8QOKsfSypumAd1LQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:16:13 2026 by rpki-client