Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bdb19a32-70e9-4c69-9856-b4ebce3d5a0c.roa
File:                     bdb19a32-70e9-4c69-9856-b4ebce3d5a0c.roa (raw, json)
Hash identifier:          dJyCipcd/b2cb8v1IzmZIbTxu1KX9kA+gry93CjyvS0=
Subject key identifier:   ED:E6:26:32:CA:BA:C3:59:08:5E:85:FE:B3:09:E3:3E:5E:16:1A:39
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       303AB3C4CC8CC6C9BC7360FE82234E848137854B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bdb19a32-70e9-4c69-9856-b4ebce3d5a0c.roa
Signing time:             Fri 13 Feb 2026 00:50:04 +0000
ROA not before:           Fri 13 Feb 2026 00:50:04 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        75.2.112.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:3a:b3:c4:cc:8c:c6:c9:bc:73:60:fe:82:23:4e:84:81:37:85:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 13 00:50:04 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=0d84a9d98f52930f8e0c6e6f9ec903a7d8b0e0bcb7f2506293d9e976b4371959, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:9c:d7:76:01:d4:14:c9:0d:ae:ed:39:2b:11:
                    b1:bc:8f:ba:20:58:bc:e6:f1:2e:cd:76:26:f6:f5:
                    4b:06:22:5d:25:be:d6:6c:0f:4d:39:fe:7a:6e:c6:
                    85:17:51:35:e4:22:81:b6:f9:5b:12:0b:d2:51:9d:
                    a5:5f:d9:af:49:4b:03:40:1c:75:12:13:a8:78:4f:
                    72:64:68:34:2a:53:17:e8:66:d6:03:db:a6:50:73:
                    fd:7d:a1:e2:58:64:77:02:cf:a5:1f:5e:af:46:d1:
                    e9:15:eb:86:ae:69:13:53:d2:ac:a1:c9:49:ec:ab:
                    16:17:db:f9:66:72:84:62:ac:c2:95:57:9d:db:6b:
                    ae:39:90:41:dd:95:84:da:4e:84:1d:dc:d0:23:8e:
                    63:92:8d:70:ab:2f:13:d6:de:c5:44:6d:09:93:03:
                    33:44:01:4f:06:98:3b:65:bc:61:32:11:d5:7d:12:
                    4b:c3:86:db:bc:64:6d:7b:b3:55:99:4b:13:11:d4:
                    bb:25:65:3a:0e:f2:0d:1e:48:fb:2e:34:7b:97:fd:
                    65:64:de:5b:44:53:e0:51:10:ec:82:47:6b:51:80:
                    1c:bb:e9:a7:ff:f1:8d:a6:0f:de:49:cf:47:55:f5:
                    8c:50:49:d1:af:c8:4f:04:1a:f8:b2:83:4f:2b:e6:
                    01:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:E6:26:32:CA:BA:C3:59:08:5E:85:FE:B3:09:E3:3E:5E:16:1A:39
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bdb19a32-70e9-4c69-9856-b4ebce3d5a0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  75.2.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         17:8c:b2:32:25:a1:f5:32:8f:fc:f9:a4:df:de:50:95:a6:ed:
         e4:fd:e1:23:77:7d:4b:37:bd:5d:94:aa:89:58:c8:e8:69:7f:
         31:48:2b:44:c4:b9:3c:db:df:76:8e:0a:dd:e5:e0:b4:09:f4:
         1c:de:67:c4:75:5f:ea:76:53:0f:c8:18:9b:a5:d8:21:b4:66:
         45:77:8a:cc:44:8a:b4:d3:3b:3c:ff:4f:25:ba:85:02:4e:22:
         49:77:bf:8e:0d:eb:05:26:6f:f3:ed:a1:cd:5f:b5:5c:bd:d1:
         dc:9a:96:a7:a4:0a:9f:d5:9b:e3:65:b9:19:e2:95:b7:c4:16:
         e4:1e:a9:c7:64:03:90:30:96:e6:00:45:e3:39:1e:e9:2f:fc:
         07:ac:04:76:2c:b5:e3:40:08:e8:96:ed:d5:d8:8c:f4:52:41:
         a3:17:8b:b6:12:c8:7e:80:ad:db:61:1b:df:6f:b4:27:e0:cd:
         15:01:22:eb:47:68:35:c8:d6:c9:1e:b4:a8:2d:e3:6d:d3:4d:
         8e:1a:d9:f3:a6:af:84:9a:70:b6:ee:9f:c5:78:ad:08:cf:c0:
         73:f9:4f:a2:d4:00:12:2f:4e:21:0f:e5:77:bc:67:b5:75:2c:
         e8:bd:29:f8:be:6d:65:b7:a0:09:41:f7:c0:b3:3d:64:94:10:
         b3:8c:03:6f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMDqzxMyMxsm8c2D+giNOhIE3hUswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjEzMDA1MDA0WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZDg0YTlkOThmNTI5MzBmOGUwYzZlNmY5ZWM5MDNhN2Q4
YjBlMGJjYjdmMjUwNjI5M2Q5ZTk3NmI0MzcxOTU5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRnNd2AdQUyQ2u7TkrEbG8j7ogWLzm8S7Ndib29UsGIl0l
vtZsD005/npuxoUXUTXkIoG2+VsSC9JRnaVf2a9JSwNAHHUSE6h4T3JkaDQqUxfo
ZtYD26ZQc/19oeJYZHcCz6UfXq9G0ekV64auaRNT0qyhyUnsqxYX2/lmcoRirMKV
V53ba645kEHdlYTaToQd3NAjjmOSjXCrLxPW3sVEbQmTAzNEAU8GmDtlvGEyEdV9
EkvDhtu8ZG17s1WZSxMR1LslZToO8g0eSPsuNHuX/WVk3ltEU+BREOyCR2tRgBy7
6af/8Y2mD95Jz0dV9YxQSdGvyE8EGviyg08r5gGvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7eYmMsq6w1kIXoX+swnjPl4WGjkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JkYjE5YTMyLTcwZTktNGM2OS05ODU2LWI0ZWJjZTNkNWEwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBARLAnAwDQYJKoZIhvcNAQELBQADggEBABeMsjIlofUyj/z5pN/eUJWm7eT9
4SN3fUs3vV2UqolYyOhpfzFIK0TEuTzb33aOCt3l4LQJ9BzeZ8R1X+p2Uw/IGJul
2CG0ZkV3isxEirTTOzz/TyW6hQJOIkl3v44N6wUmb/Ptoc1ftVy90dyalqekCp/V
m+NluRnilbfEFuQeqcdkA5AwluYAReM5Hukv/AesBHYsteNACOiW7dXYjPRSQaMX
i7YSyH6ArdthG99vtCfgzRUBIutHaDXI1sketKgt423TTY4a2fOmr4SacLbun8V4
rQjPwHP5T6LUABIvTiEP5Xe8Z7V1LOi9Kfi+bWW3oAlB98CzPWSUELOMA28=
-----END CERTIFICATE-----