Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a42a738c-9b5f-415d-a4cc-d638a82f8193.roa
File:                     a42a738c-9b5f-415d-a4cc-d638a82f8193.roa (raw, json)
Hash identifier:          FX8+9vbJuOn6evPOEhZYbb8Hc14tedP1I7SwWHkShX8=
Subject key identifier:   DF:02:76:B9:C7:E8:26:F6:BC:E8:98:04:EE:44:C9:FD:77:35:45:C1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       035C99A9FC74B37F5D30EB56AAC179FA35EA3055
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a42a738c-9b5f-415d-a4cc-d638a82f8193.roa
Signing time:             Sun 15 Feb 2026 00:30:42 +0000
ROA not before:           Sun 15 Feb 2026 00:30:42 +0000
ROA not after:            Sat 16 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        99.150.122.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:5c:99:a9:fc:74:b3:7f:5d:30:eb:56:aa:c1:79:fa:35:ea:30:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 15 00:30:42 2026 GMT
            Not After : May 16 23:59:59 2026 GMT
        Subject: serialNumber=5c1e68c3d09531283e6e76bde5971de382ddefd1932e93203c3b3239234f76f9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:47:7a:c0:99:af:ae:58:67:0b:c6:f6:74:0f:
                    97:b6:3a:f4:df:4f:d6:51:c6:71:e8:f4:d4:29:fc:
                    26:c3:12:e7:ad:6a:f7:6a:5f:32:92:59:42:5c:53:
                    d5:9a:e7:ad:e3:cf:71:d3:73:aa:f5:b1:4b:ea:13:
                    26:2e:c1:4e:be:75:94:8e:30:48:49:1f:fa:0a:a0:
                    46:c7:1f:54:16:4a:5d:73:d4:05:31:c8:cb:f1:7e:
                    73:cf:20:69:63:75:96:59:f6:98:60:be:fb:03:00:
                    61:25:28:a1:06:6d:7e:e8:6b:d3:3f:ae:c2:12:70:
                    47:92:ce:83:cd:f1:6c:3c:29:93:ba:24:a6:22:94:
                    6a:c6:25:0c:82:55:50:44:b5:9b:bb:88:e6:da:eb:
                    8a:55:37:d9:40:de:1c:cc:ce:2a:15:b4:a2:d7:08:
                    2f:1f:a3:14:02:09:c0:11:0c:a7:36:87:7e:a9:5b:
                    db:8e:ea:f4:b7:77:a3:10:9b:44:6d:ea:16:c7:53:
                    ac:b0:32:55:27:52:dc:92:66:53:12:84:1f:99:72:
                    db:73:a7:00:31:9b:b7:33:14:95:5e:aa:0a:4f:76:
                    66:da:21:be:1f:77:1b:81:f6:06:aa:ae:a5:ac:e1:
                    a5:7a:89:4f:45:d9:48:8f:d7:b1:27:bb:31:38:ff:
                    94:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:02:76:B9:C7:E8:26:F6:BC:E8:98:04:EE:44:C9:FD:77:35:45:C1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a42a738c-9b5f-415d-a4cc-d638a82f8193.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.150.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:32:bb:14:09:cd:d2:c8:b4:25:36:c1:5c:52:b7:7e:d2:e3:
         e7:54:e8:9c:91:71:60:95:e3:a1:c1:22:cb:a3:de:ab:01:75:
         27:2f:40:00:a9:8e:88:be:97:78:d5:8a:56:92:05:04:77:20:
         67:1a:96:98:6d:53:17:79:3b:6a:2d:dd:52:bb:8c:24:d4:20:
         1d:3f:10:b9:55:34:35:f7:42:7d:59:9a:ba:c9:f3:09:07:96:
         fe:08:da:cb:b1:0c:db:21:cc:aa:8f:22:11:f8:0b:22:41:f8:
         a9:11:80:d3:d4:cd:0e:1e:a2:46:ed:3d:8d:23:50:a9:b5:2e:
         db:fa:87:0e:2d:ae:fe:65:09:98:7f:73:ef:ab:14:61:e2:41:
         4e:d4:fb:94:fe:f5:0f:53:0a:eb:b5:5d:4a:ad:2d:3f:22:c8:
         53:79:96:e9:29:3a:d7:a4:a7:e0:ae:a7:ab:fb:c1:30:9f:69:
         a0:78:ff:60:1c:74:a6:66:f9:94:e5:85:d0:00:6c:37:e3:ce:
         20:62:1b:af:5a:0f:df:1e:be:31:14:84:fb:0c:7d:9f:fb:6a:
         2b:81:fa:83:9f:cd:a4:34:50:74:3a:81:0e:d4:bc:49:69:4d:
         0d:e8:6c:a7:7a:15:a0:14:7e:5f:f7:21:cc:83:92:e0:8a:c4:
         e4:ae:8d:1e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUA1yZqfx0s39dMOtWqsF5+jXqMFUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE1MDAzMDQyWhcNMjYwNTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YzFlNjhjM2QwOTUzMTI4M2U2ZTc2YmRlNTk3MWRlMzgy
ZGRlZmQxOTMyZTkzMjAzYzNiMzIzOTIzNGY3NmY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3R3rAma+uWGcLxvZ0D5e2OvTfT9ZRxnHo9NQp/CbDEuet
avdqXzKSWUJcU9Wa563jz3HTc6r1sUvqEyYuwU6+dZSOMEhJH/oKoEbHH1QWSl1z
1AUxyMvxfnPPIGljdZZZ9phgvvsDAGElKKEGbX7oa9M/rsIScEeSzoPN8Ww8KZO6
JKYilGrGJQyCVVBEtZu7iOba64pVN9lA3hzMzioVtKLXCC8foxQCCcARDKc2h36p
W9uO6vS3d6MQm0Rt6hbHU6ywMlUnUtySZlMShB+ZcttzpwAxm7czFJVeqgpPdmba
Ib4fdxuB9gaqrqWs4aV6iU9F2UiP17EnuzE4/5SpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3wJ2ucfoJva86JgE7kTJ/Xc1RcEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E0MmE3MzhjLTliNWYtNDE1ZC1hNGNjLWQ2MzhhODJmODE5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjlnowDQYJKoZIhvcNAQELBQADggEBAIoyuxQJzdLItCU2wVxSt37S4+dU
6JyRcWCV46HBIsuj3qsBdScvQACpjoi+l3jVilaSBQR3IGcalphtUxd5O2ot3VK7
jCTUIB0/ELlVNDX3Qn1ZmrrJ8wkHlv4I2suxDNshzKqPIhH4CyJB+KkRgNPUzQ4e
okbtPY0jUKm1Ltv6hw4trv5lCZh/c++rFGHiQU7U+5T+9Q9TCuu1XUqtLT8iyFN5
lukpOtekp+Cup6v7wTCfaaB4/2AcdKZm+ZTlhdAAbDfjziBiG69aD98evjEUhPsM
fZ/7aiuB+oOfzaQ0UHQ6gQ7UvElpTQ3obKd6FaAUfl/3IcyDkuCKxOSujR4=
-----END CERTIFICATE-----