Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4c433a1-52bd-4a34-af35-a61c38d2ae00.roa
File:                     b4c433a1-52bd-4a34-af35-a61c38d2ae00.roa (raw, json)
Hash identifier:          f/cypQ+ZfQx4OpzqIbh4LjZFytddi38wslNmzAApPyw=
Subject key identifier:   85:F5:0C:D9:F9:E3:5A:AD:FC:AF:B9:56:BA:12:51:89:D6:30:DF:C2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1BFB6F6CED862F4A294B7E4E5BBC0A5FCDCFDC6A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4c433a1-52bd-4a34-af35-a61c38d2ae00.roa
Signing time:             Wed 20 May 2026 00:11:04 +0000
ROA not before:           Wed 20 May 2026 00:11:04 +0000
ROA not after:            Tue 18 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.168.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 15 Jun 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:fb:6f:6c:ed:86:2f:4a:29:4b:7e:4e:5b:bc:0a:5f:cd:cf:dc:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 20 00:11:04 2026 GMT
            Not After : Aug 18 23:59:59 2026 GMT
        Subject: serialNumber=3d0f0075559f9ad5f905ae7772faf6acd6b22f37d28cb73c15079e2a91a0cf81, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:1c:7a:b8:bb:bd:1a:4b:45:df:69:23:c0:01:
                    fc:48:d3:77:e0:a6:0b:88:fb:d2:bc:92:8a:50:85:
                    58:6d:58:eb:fe:a6:e9:57:8c:fc:e5:02:54:e5:95:
                    b2:6d:5a:7b:0c:b5:1d:41:28:a1:5c:f4:8d:1b:aa:
                    4f:c6:cb:ed:4d:c0:00:a2:d1:4a:36:42:a9:2f:71:
                    b6:a9:4a:4b:04:b0:61:37:b6:f1:6c:17:1b:43:76:
                    e0:25:fa:09:52:a2:16:6a:c3:1f:6e:50:b9:2b:50:
                    9f:41:aa:9b:36:0a:26:08:1a:07:03:53:1d:3e:aa:
                    3a:78:d4:83:c2:ad:cd:18:ce:5f:d1:c1:04:bf:d6:
                    56:36:76:2c:c6:62:ae:72:84:e6:57:72:4d:d6:fd:
                    d0:6b:d2:69:d5:9b:d9:15:2f:72:43:af:33:ca:cd:
                    ca:d9:5e:8c:50:bb:50:44:e2:e1:da:58:6f:9e:42:
                    dd:55:ad:b6:55:60:12:6f:71:84:80:e8:81:7d:db:
                    68:2b:99:4b:08:1e:65:03:85:e8:74:f9:f9:8e:2d:
                    ab:70:c0:f1:9f:9e:17:3c:96:71:37:47:da:81:7c:
                    1b:6b:14:04:68:59:5b:10:f4:9d:86:93:a5:9f:62:
                    51:51:36:a1:25:cd:48:90:17:0c:b9:49:f1:95:f3:
                    0f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:F5:0C:D9:F9:E3:5A:AD:FC:AF:B9:56:BA:12:51:89:D6:30:DF:C2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b4c433a1-52bd-4a34-af35-a61c38d2ae00.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:55:ce:a5:8f:29:62:b9:63:7a:9d:b4:bf:ab:e1:08:0d:d6:
         a4:eb:87:64:53:48:42:ea:37:78:16:de:c0:20:a3:6d:e1:b9:
         ba:29:3c:a5:51:da:20:23:ef:e0:b4:96:e1:d1:69:0c:a3:66:
         8b:87:85:cf:3a:b3:5b:27:16:a1:5e:12:a1:35:1a:b8:46:24:
         22:75:8f:32:20:e2:57:0a:44:25:43:2b:48:49:1d:f8:14:55:
         66:7d:04:a5:e5:b2:2d:bd:86:46:60:e6:53:27:f6:ab:9b:12:
         d2:2c:ae:38:36:89:b8:7b:ba:b3:84:af:5a:71:76:8d:07:d0:
         13:2c:11:53:a2:11:5b:70:04:54:50:68:dc:26:e8:8b:2f:72:
         ba:ce:85:ae:a8:2e:40:08:a5:fb:cb:95:d2:0e:31:c7:be:3d:
         53:2f:e7:a9:c1:86:f8:38:e7:3f:a9:7b:3c:1d:35:b6:17:54:
         0e:d5:25:eb:c1:19:68:9d:de:89:64:8a:ab:af:18:4c:ad:a5:
         71:67:83:05:f3:f0:c9:1d:4d:41:9d:aa:fb:b9:0f:ae:0c:61:
         ed:b2:88:62:f0:5f:dd:08:ae:95:fc:a6:81:dd:f4:57:fd:17:
         61:dc:0a:e6:66:d1:ea:e7:8e:c8:51:50:97:f9:e0:b6:a6:5b:
         72:95:02:be
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUG/tvbO2GL0opS35OW7wKX83P3GowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTIwMDAxMTA0WhcNMjYwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZDBmMDA3NTU1OWY5YWQ1ZjkwNWFlNzc3MmZhZjZhY2Q2
YjIyZjM3ZDI4Y2I3M2MxNTA3OWUyYTkxYTBjZjgxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgHHq4u70aS0XfaSPAAfxI03fgpguI+9K8kopQhVhtWOv+
pulXjPzlAlTllbJtWnsMtR1BKKFc9I0bqk/Gy+1NwACi0Uo2QqkvcbapSksEsGE3
tvFsFxtDduAl+glSohZqwx9uULkrUJ9Bqps2CiYIGgcDUx0+qjp41IPCrc0Yzl/R
wQS/1lY2dizGYq5yhOZXck3W/dBr0mnVm9kVL3JDrzPKzcrZXoxQu1BE4uHaWG+e
Qt1VrbZVYBJvcYSA6IF922grmUsIHmUDheh0+fmOLatwwPGfnhc8lnE3R9qBfBtr
FARoWVsQ9J2Gk6WfYlFRNqElzUiQFwy5SfGV8w+PAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhfUM2fnjWq38r7lWuhJRidYw38IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I0YzQzM2ExLTUyYmQtNGEzNC1hZjM1LWE2MWMzOGQyYWUwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM36gwDQYJKoZIhvcNAQELBQADggEBAHNVzqWPKWK5Y3qdtL+r4QgN1qTr
h2RTSELqN3gW3sAgo23hubopPKVR2iAj7+C0luHRaQyjZouHhc86s1snFqFeEqE1
GrhGJCJ1jzIg4lcKRCVDK0hJHfgUVWZ9BKXlsi29hkZg5lMn9qubEtIsrjg2ibh7
urOEr1pxdo0H0BMsEVOiEVtwBFRQaNwm6IsvcrrOha6oLkAIpfvLldIOMce+PVMv
56nBhvg45z+pezwdNbYXVA7VJevBGWid3olkiquvGEytpXFngwXz8MkdTUGdqvu5
D64MYe2yiGLwX90IrpX8poHd9Ff9F2HcCuZm0ernjshRUJf54LamW3KVAr4=
-----END CERTIFICATE-----