Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d9a6d2b4-6eb6-4846-9180-7b5ff8440cf0.roa
File:                     d9a6d2b4-6eb6-4846-9180-7b5ff8440cf0.roa (raw, json)
Hash identifier:          NFhngdBIzS3VyMuhJ6mhBqvi4+VTVVuJGNlBHqq344s=
Subject key identifier:   27:EC:95:57:09:56:8C:A7:4D:65:97:82:D9:E6:17:6D:B0:BF:28:C6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       167BAF83E85E6C6F0ED41BBA752C20B86CB539D1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d9a6d2b4-6eb6-4846-9180-7b5ff8440cf0.roa
Signing time:             Fri 15 May 2026 01:01:24 +0000
ROA not before:           Fri 15 May 2026 01:01:24 +0000
ROA not after:            Thu 13 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        1.178.88.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:7b:af:83:e8:5e:6c:6f:0e:d4:1b:ba:75:2c:20:b8:6c:b5:39:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 15 01:01:24 2026 GMT
            Not After : Aug 13 23:59:59 2026 GMT
        Subject: serialNumber=29c69a2cbd0abe67758166999e7a0e691ab8e5d9a114551a7bbb7a8318ca5c7d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:dc:5e:1f:2f:af:d3:05:09:de:ee:2d:82:61:
                    c2:01:f6:a3:42:71:86:01:93:d9:67:bf:3e:36:85:
                    f4:3d:1a:d9:cb:4f:8a:3e:ce:e1:a1:78:1e:86:5b:
                    1d:2a:75:1c:ae:0b:fc:30:3b:91:8d:01:35:3e:de:
                    c8:47:30:0f:cc:5c:20:da:42:de:dc:93:6c:39:e5:
                    90:40:34:e5:16:33:a0:a5:6a:9f:ab:01:76:45:c0:
                    b2:7e:59:27:1a:76:63:1b:3d:c0:fb:dc:2a:ea:df:
                    a8:85:4c:26:6c:e1:57:a0:09:34:33:fe:ba:c9:63:
                    dd:90:d3:b1:1e:fc:bd:40:51:b8:70:9d:a8:19:fa:
                    cd:cc:cc:ad:e4:cd:bf:dc:ff:4e:ab:d8:7e:ad:1d:
                    c3:17:11:e7:29:0a:b9:6d:96:ca:41:ee:76:c1:b9:
                    94:77:a4:04:b0:24:3b:57:3b:ef:18:7a:35:7e:4d:
                    dd:42:56:e9:72:61:82:ea:62:3b:f2:0e:c3:8e:70:
                    ab:39:80:9e:43:0c:39:db:69:52:d5:6d:9f:01:d2:
                    4f:98:81:14:88:b5:52:aa:a7:41:11:b7:d3:69:51:
                    71:4c:0f:ac:b7:92:a2:74:29:da:3b:24:78:42:f8:
                    59:f1:d0:c9:ef:b9:a5:ce:bd:25:6b:99:de:a1:96:
                    08:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:EC:95:57:09:56:8C:A7:4D:65:97:82:D9:E6:17:6D:B0:BF:28:C6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d9a6d2b4-6eb6-4846-9180-7b5ff8440cf0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.178.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         89:d3:fe:b8:05:e1:1a:01:33:1b:0e:3e:29:44:c1:2b:d3:20:
         a9:ee:d8:9d:d5:54:9b:a9:d3:ed:e4:0c:b7:21:5d:7c:29:b0:
         7a:15:47:19:de:f2:fe:65:15:72:67:28:ac:4d:09:36:98:e5:
         d8:17:8b:6b:20:ec:ba:0e:a1:3d:81:a8:07:c3:39:70:c9:af:
         92:21:4c:46:8d:b7:59:2c:1b:46:69:b7:40:e3:a9:ad:50:ca:
         9f:c8:1a:bd:b5:eb:52:43:9e:3f:a5:0b:8b:6c:c8:e9:f5:19:
         1c:63:03:1d:47:df:40:a6:b8:d6:ed:e4:b8:bb:92:eb:01:7a:
         9b:b5:6f:51:ad:d9:6d:08:35:0e:61:19:b0:93:9d:8b:42:f9:
         8a:1f:62:0d:2b:dd:b1:c9:b2:92:03:16:1c:50:8f:21:c5:61:
         5f:a6:67:06:d9:73:42:a4:d4:9e:67:08:4f:dc:07:7e:cd:88:
         9c:85:5d:41:08:20:01:e5:76:57:35:8d:b4:e3:e9:e8:0b:c0:
         5a:83:83:ad:7c:90:f0:d0:c2:8c:7b:9e:ad:38:ee:8c:70:1b:
         bf:1a:e1:52:28:b1:6e:62:d4:16:bf:0c:ef:e0:d6:d6:7a:ea:
         05:f0:71:bb:7f:c6:88:f6:81:05:5c:6e:07:45:b0:94:eb:87:
         ff:36:09:f8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFnuvg+hebG8O1Bu6dSwguGy1OdEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTE1MDEwMTI0WhcNMjYwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyOWM2OWEyY2JkMGFiZTY3NzU4MTY2OTk5ZTdhMGU2OTFh
YjhlNWQ5YTExNDU1MWE3YmJiN2E4MzE4Y2E1YzdkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDK3F4fL6/TBQne7i2CYcIB9qNCcYYBk9lnvz42hfQ9GtnL
T4o+zuGheB6GWx0qdRyuC/wwO5GNATU+3shHMA/MXCDaQt7ck2w55ZBANOUWM6Cl
ap+rAXZFwLJ+WScadmMbPcD73Crq36iFTCZs4VegCTQz/rrJY92Q07Ee/L1AUbhw
nagZ+s3MzK3kzb/c/06r2H6tHcMXEecpCrltlspB7nbBuZR3pASwJDtXO+8YejV+
Td1CVulyYYLqYjvyDsOOcKs5gJ5DDDnbaVLVbZ8B0k+YgRSItVKqp0ERt9NpUXFM
D6y3kqJ0Kdo7JHhC+Fnx0MnvuaXOvSVrmd6hlgiZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJ+yVVwlWjKdNZZeC2eYXbbC/KMYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q5YTZkMmI0LTZlYjYtNDg0Ni05MTgwLTdiNWZmODQ0MGNmMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMBslgwDQYJKoZIhvcNAQELBQADggEBAInT/rgF4RoBMxsOPilEwSvTIKnu
2J3VVJup0+3kDLchXXwpsHoVRxne8v5lFXJnKKxNCTaY5dgXi2sg7LoOoT2BqAfD
OXDJr5IhTEaNt1ksG0Zpt0Djqa1Qyp/IGr2161JDnj+lC4tsyOn1GRxjAx1H30Cm
uNbt5Li7kusBepu1b1Gt2W0INQ5hGbCTnYtC+YofYg0r3bHJspIDFhxQjyHFYV+m
ZwbZc0Kk1J5nCE/cB37NiJyFXUEIIAHldlc1jbTj6egLwFqDg618kPDQwox7nq04
7oxwG78a4VIosW5i1Ba/DO/g1tZ66gXwcbt/xoj2gQVcbgdFsJTrh/82Cfg=
-----END CERTIFICATE-----