Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfcfe9a0-5cb3-497e-a0bc-f735c12c78a0.roa
File:                     bfcfe9a0-5cb3-497e-a0bc-f735c12c78a0.roa (raw, json)
Hash identifier:          X+A6+y97g8ci9fQC7T6dVaNksonZTAquYZ5hySJTy2k=
Subject key identifier:   1C:32:AF:FE:D0:BA:77:42:27:11:35:E5:4D:50:7F:B1:81:BD:1B:86
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       07F641739619CD68A5D051DA60D58F82D1E06F73
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfcfe9a0-5cb3-497e-a0bc-f735c12c78a0.roa
Signing time:             Wed 18 Feb 2026 00:21:34 +0000
ROA not before:           Wed 18 Feb 2026 00:21:34 +0000
ROA not after:            Tue 19 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        203.110.198.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:f6:41:73:96:19:cd:68:a5:d0:51:da:60:d5:8f:82:d1:e0:6f:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 18 00:21:34 2026 GMT
            Not After : May 19 23:59:59 2026 GMT
        Subject: serialNumber=8cea1b19655dbe99947bb6b4976027c350bbc08dcf4234ad67ad42852cb646e9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:84:b7:09:1d:2a:7a:97:8b:52:71:d6:23:77:
                    54:3d:fa:aa:fc:b2:eb:bd:2e:be:d4:de:cf:a2:50:
                    72:74:d5:04:f7:06:ac:88:ce:dd:0b:cb:56:91:cf:
                    07:0f:c3:e8:65:71:32:1e:66:72:24:11:f6:81:6d:
                    a2:7b:68:52:6c:0a:57:88:de:18:d4:51:c9:bf:f4:
                    a0:03:13:ee:e2:33:7a:cc:42:be:45:e5:c9:d5:e5:
                    96:3c:22:1e:69:94:cb:2b:ba:6b:49:0a:30:81:7d:
                    f3:6f:59:ba:39:cb:ba:cb:3a:2f:5f:16:1d:43:07:
                    1e:7b:ca:05:82:0c:fb:75:8b:d7:92:c7:f0:ee:01:
                    fe:92:32:a0:87:20:58:d6:53:28:0d:a3:57:a0:ce:
                    db:7c:e8:40:bd:ce:17:d2:6b:c7:3e:ea:3b:40:b4:
                    37:74:70:65:7c:cd:a1:1e:08:27:d4:41:20:14:25:
                    cd:88:26:ad:b3:2c:99:0b:61:e0:c7:16:e0:b0:fd:
                    bd:dd:ed:04:92:01:6a:ac:c6:d2:92:9f:f0:b8:78:
                    89:73:38:e9:56:cc:5f:68:23:e3:04:bf:0d:83:70:
                    b5:3a:07:40:01:6b:0b:4c:27:96:65:6f:f8:cb:91:
                    e0:3e:46:87:c5:57:44:ef:0b:0a:e5:9e:18:bb:f0:
                    02:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:32:AF:FE:D0:BA:77:42:27:11:35:E5:4D:50:7F:B1:81:BD:1B:86
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bfcfe9a0-5cb3-497e-a0bc-f735c12c78a0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.110.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:32:d1:f8:df:79:0d:12:23:5d:5f:ea:c5:40:1b:da:25:df:
         3d:2f:1a:61:ce:62:32:ad:85:56:95:ae:23:e2:08:ff:b7:ba:
         80:41:d9:75:f6:ef:68:3e:f3:0a:80:f7:37:3b:8f:b7:7d:f1:
         98:33:9c:d7:b9:c7:bf:45:0e:0d:40:12:e5:d7:83:20:8c:b3:
         d2:08:a0:fa:e5:b5:eb:18:29:a0:44:8b:50:10:88:cb:e7:75:
         60:17:bb:38:e6:2b:85:3d:92:99:4a:d8:13:38:85:41:54:9d:
         68:1d:82:9c:dc:fe:6f:7d:ab:4f:83:b6:82:83:1e:ad:23:b9:
         03:50:5d:89:1b:d2:c3:93:18:d1:61:3f:81:9d:61:94:c3:6e:
         7e:7c:5e:a4:98:b6:b0:be:4a:98:de:40:be:30:2f:15:2b:38:
         35:25:a8:cc:b4:78:32:0c:d0:30:a3:03:e9:e4:4b:67:9f:04:
         f9:9a:27:0c:8e:7e:6a:40:f3:35:dd:5c:49:63:22:03:0f:fd:
         f6:5a:97:a6:cf:9a:47:f7:3f:7b:4f:c7:a3:3b:df:d0:ae:9a:
         bd:45:16:1c:66:ce:90:d9:2c:26:0d:0b:eb:62:fc:e2:e5:80:
         99:c9:d7:6a:fe:04:f0:d2:cd:76:d5:a6:c8:9c:24:75:ee:04:
         21:c7:56:16
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUB/ZBc5YZzWil0FHaYNWPgtHgb3MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjE4MDAyMTM0WhcNMjYwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4Y2VhMWIxOTY1NWRiZTk5OTQ3YmI2YjQ5NzYwMjdjMzUw
YmJjMDhkY2Y0MjM0YWQ2N2FkNDI4NTJjYjY0NmU5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0hLcJHSp6l4tScdYjd1Q9+qr8suu9Lr7U3s+iUHJ01QT3
BqyIzt0Ly1aRzwcPw+hlcTIeZnIkEfaBbaJ7aFJsCleI3hjUUcm/9KADE+7iM3rM
Qr5F5cnV5ZY8Ih5plMsrumtJCjCBffNvWbo5y7rLOi9fFh1DBx57ygWCDPt1i9eS
x/DuAf6SMqCHIFjWUygNo1egztt86EC9zhfSa8c+6jtAtDd0cGV8zaEeCCfUQSAU
Jc2IJq2zLJkLYeDHFuCw/b3d7QSSAWqsxtKSn/C4eIlzOOlWzF9oI+MEvw2DcLU6
B0ABawtMJ5Zlb/jLkeA+RofFV0TvCwrlnhi78AKDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHDKv/tC6d0InETXlTVB/sYG9G4YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JmY2ZlOWEwLTVjYjMtNDk3ZS1hMGJjLWY3MzVjMTJjNzhhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADLbsYwDQYJKoZIhvcNAQELBQADggEBAL4y0fjfeQ0SI11f6sVAG9ol3z0v
GmHOYjKthVaVriPiCP+3uoBB2XX272g+8wqA9zc7j7d98ZgznNe5x79FDg1AEuXX
gyCMs9IIoPrltesYKaBEi1AQiMvndWAXuzjmK4U9kplK2BM4hUFUnWgdgpzc/m99
q0+DtoKDHq0juQNQXYkb0sOTGNFhP4GdYZTDbn58XqSYtrC+SpjeQL4wLxUrODUl
qMy0eDIM0DCjA+nkS2efBPmaJwyOfmpA8zXdXEljIgMP/fZal6bPmkf3P3tPx6M7
39Cumr1FFhxmzpDZLCYNC+ti/OLlgJnJ12r+BPDSzXbVpsicJHXuBCHHVhY=
-----END CERTIFICATE-----