Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ce405dda-d644-4b18-9da6-a7f51dc6cbf2.roa
File:                     ce405dda-d644-4b18-9da6-a7f51dc6cbf2.roa (raw, json)
Hash identifier:          f7UvzfWJdOR/pWP1CSOJ3hKmOMO5Annl/BW6MxskzEs=
Subject key identifier:   EC:F8:60:39:F0:87:E1:38:23:99:1B:30:06:11:22:70:30:85:89:CC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       279B612E8CB48DDF8C4475BFC88F4AEF302B611A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ce405dda-d644-4b18-9da6-a7f51dc6cbf2.roa
Signing time:             Sat 16 May 2026 00:30:45 +0000
ROA not before:           Sat 16 May 2026 00:30:45 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.106.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:9b:61:2e:8c:b4:8d:df:8c:44:75:bf:c8:8f:4a:ef:30:2b:61:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 00:30:45 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=6bebce671975c1889e8417796a7c6844d5933a45c944061fd32d04ff619ed3b6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:31:4f:28:1b:23:15:86:8a:00:e0:2d:7d:91:
                    55:ad:19:ee:ad:34:e7:83:f1:bf:8e:89:79:91:98:
                    d2:41:ed:e5:69:55:c2:0f:4a:24:f6:cd:52:90:2e:
                    36:c5:20:95:4d:f9:de:d1:0b:e0:ed:5d:14:2e:ab:
                    e9:c1:be:59:b2:26:8e:f0:69:cd:a3:92:cf:db:88:
                    60:dd:8c:0e:60:0b:95:71:54:89:14:60:3b:91:62:
                    48:0f:47:84:ed:c5:53:a0:3e:05:07:b3:10:a4:3c:
                    fa:60:54:4c:fe:ca:83:ba:9d:e8:34:5a:aa:d7:32:
                    4b:e4:0c:47:9e:8b:61:2a:66:e1:07:49:b0:9e:3f:
                    dd:b7:f8:9d:dc:0d:76:ac:bf:e7:21:14:94:44:e6:
                    e1:64:69:67:94:20:96:54:62:2e:a0:df:28:78:a7:
                    52:16:49:c4:17:4d:71:8c:d3:87:ef:a1:66:fb:d0:
                    21:5c:00:44:b2:b1:14:dc:81:6d:08:63:1c:05:7b:
                    3b:99:76:ac:5b:79:4c:50:8b:11:4c:cd:46:79:34:
                    d0:f1:f5:91:a0:36:b3:0b:56:99:92:d1:6f:66:60:
                    2a:cd:13:ae:9b:21:5f:3a:de:eb:f7:aa:d5:0b:78:
                    7a:44:a2:fd:a2:71:79:1c:8e:7f:c1:5c:94:5f:11:
                    22:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:F8:60:39:F0:87:E1:38:23:99:1B:30:06:11:22:70:30:85:89:CC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ce405dda-d644-4b18-9da6-a7f51dc6cbf2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:68:bb:84:6a:8e:36:97:46:c8:dc:1c:cf:53:2c:0c:5c:b6:
         e3:58:c8:70:5e:33:89:0d:1b:4b:fb:b4:96:ba:ce:38:f4:a8:
         3d:b7:28:2a:24:7e:e2:6e:20:83:a8:19:d8:eb:82:83:d0:fb:
         6d:49:74:9f:9d:a7:e3:22:d8:33:db:2f:06:b6:80:9c:df:49:
         15:83:82:4d:9f:cd:2c:33:fd:c4:4a:89:a7:77:db:d2:06:9d:
         85:8e:c3:01:fc:4a:e3:a5:51:64:eb:f9:f1:f6:31:db:0e:7c:
         71:6b:8a:05:fb:c3:c6:9b:20:1f:68:76:fd:e7:de:f9:2a:53:
         0b:59:17:61:78:f0:ab:cf:f7:2f:3c:d2:89:cd:72:23:d8:f5:
         2d:04:c4:78:df:33:11:72:7d:8a:df:18:50:68:ba:91:53:a4:
         48:7e:53:fb:5e:8e:55:a8:5a:d3:0a:f4:4c:40:3d:00:b7:d9:
         f8:18:e1:79:cb:89:dc:ae:e4:60:02:ed:1b:d4:05:ac:f5:c7:
         37:2d:af:25:14:56:8d:88:22:8b:21:5d:1d:bf:49:39:9d:ec:
         2f:57:3a:1f:de:1d:45:7e:07:1d:2d:fc:b3:00:c1:84:31:fd:
         99:86:f6:c7:3a:27:c3:02:84:2f:71:ea:62:b4:70:2d:10:7a:
         26:b7:77:54
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ5thLoy0jd+MRHW/yI9K7zArYRowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE2MDAzMDQ1WhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YmViY2U2NzE5NzVjMTg4OWU4NDE3Nzk2YTdjNjg0NGQ1
OTMzYTQ1Yzk0NDA2MWZkMzJkMDRmZjYxOWVkM2I2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0MU8oGyMVhooA4C19kVWtGe6tNOeD8b+OiXmRmNJB7eVp
VcIPSiT2zVKQLjbFIJVN+d7RC+DtXRQuq+nBvlmyJo7wac2jks/biGDdjA5gC5Vx
VIkUYDuRYkgPR4TtxVOgPgUHsxCkPPpgVEz+yoO6neg0WqrXMkvkDEeei2EqZuEH
SbCeP923+J3cDXasv+chFJRE5uFkaWeUIJZUYi6g3yh4p1IWScQXTXGM04fvoWb7
0CFcAESysRTcgW0IYxwFezuZdqxbeUxQixFMzUZ5NNDx9ZGgNrMLVpmS0W9mYCrN
E66bIV863uv3qtULeHpEov2icXkcjn/BXJRfESInAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7PhgOfCH4TgjmRswBhEicDCFicwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NlNDA1ZGRhLWQ2NDQtNGIxOC05ZGE2LWE3ZjUxZGM2Y2JmMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjl2owDQYJKoZIhvcNAQELBQADggEBABVou4RqjjaXRsjcHM9TLAxctuNY
yHBeM4kNG0v7tJa6zjj0qD23KCokfuJuIIOoGdjrgoPQ+21JdJ+dp+Mi2DPbLwa2
gJzfSRWDgk2fzSwz/cRKiad329IGnYWOwwH8SuOlUWTr+fH2MdsOfHFrigX7w8ab
IB9odv3n3vkqUwtZF2F48KvP9y880onNciPY9S0ExHjfMxFyfYrfGFBoupFTpEh+
U/tejlWoWtMK9ExAPQC32fgY4XnLidyu5GAC7RvUBaz1xzctryUUVo2IIoshXR2/
STmd7C9XOh/eHUV+Bx0t/LMAwYQx/ZmG9sc6J8MChC9x6mK0cC0Qeia3d1Q=
-----END CERTIFICATE-----