Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f1b02f6c-ba0f-4050-a71c-4ffa79eead6b.roa
File:                     f1b02f6c-ba0f-4050-a71c-4ffa79eead6b.roa (raw, json)
Hash identifier:          8QeWYFnW0rKRj0Cii4QefnlUxIsuUDIlvE4J4gxmhhw=
Subject key identifier:   75:9E:EC:D1:5E:CB:74:88:CD:D4:8B:4D:57:2B:42:E3:A6:25:79:A3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5A3DD5C937CEB8451AD5A67F580C5C19BB084449
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f1b02f6c-ba0f-4050-a71c-4ffa79eead6b.roa
Signing time:             Fri 27 Mar 2026 00:00:10 +0000
ROA not before:           Fri 27 Mar 2026 00:00:10 +0000
ROA not after:            Thu 25 Jun 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        54.55.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 18 Apr 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:3d:d5:c9:37:ce:b8:45:1a:d5:a6:7f:58:0c:5c:19:bb:08:44:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 27 00:00:10 2026 GMT
            Not After : Jun 25 23:59:59 2026 GMT
        Subject: serialNumber=f0714d13e22cb9d25cf0d897b7af45dc9c820e5269b047f493ca1faa346e4cca, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:24:77:5a:90:95:95:cb:5c:ad:c6:65:4b:1c:
                    67:76:c1:92:70:95:a2:bb:f1:30:10:d5:2d:c7:f2:
                    d3:90:46:15:14:fc:ff:13:9b:30:46:ce:cb:a6:b9:
                    16:f3:b1:49:41:b0:32:30:12:81:fc:86:cb:f0:b8:
                    73:e4:da:d0:20:6b:48:4d:2e:4c:7b:76:2e:80:a8:
                    31:bb:15:59:f3:21:24:da:53:53:0a:16:d6:63:e4:
                    5a:90:0e:80:41:48:3c:dd:78:22:9d:2e:9f:7c:53:
                    60:13:f1:d7:94:3b:60:ef:8f:f0:6e:7a:9a:17:86:
                    9d:9f:38:d4:0a:55:91:d9:94:e8:b8:30:48:00:94:
                    44:70:d3:ad:cd:0a:11:ea:af:34:d6:47:ba:7e:05:
                    8a:f5:ec:9b:9b:6f:5c:53:45:ad:0b:9f:b1:50:a6:
                    1c:67:0a:58:68:e3:d0:54:64:33:13:55:23:91:d8:
                    c3:fd:05:68:b8:81:99:d4:ad:92:17:66:79:d0:dd:
                    7b:87:c9:d1:a9:44:02:6d:3c:a8:a2:08:26:76:d5:
                    d2:81:fb:bb:1a:e1:b2:60:28:9e:42:7b:f7:b2:1b:
                    22:1e:23:94:b9:92:e2:34:fc:29:b7:bf:00:02:2b:
                    f0:7d:80:e4:f8:f5:81:40:fb:2b:41:ec:57:f7:8a:
                    d7:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:9E:EC:D1:5E:CB:74:88:CD:D4:8B:4D:57:2B:42:E3:A6:25:79:A3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f1b02f6c-ba0f-4050-a71c-4ffa79eead6b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.55.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2f:dd:a9:91:94:4c:af:b7:36:38:4d:3b:c5:15:9f:90:c8:1d:
         a9:97:13:a7:20:3f:8b:32:59:76:64:8b:16:7a:7f:d8:58:35:
         61:d5:3f:39:dd:ce:49:32:9c:c2:aa:a7:32:af:dc:5b:1f:86:
         b1:ec:a7:f4:c0:db:49:65:ce:3f:54:77:b1:10:f2:37:97:74:
         28:4d:46:48:a1:d1:13:47:a3:23:d8:71:91:3e:46:08:60:1f:
         5c:a4:ad:e6:54:d0:aa:c7:ee:35:6f:33:27:1d:25:ef:18:35:
         b6:5d:f0:e7:62:5b:cd:24:73:db:bf:7e:3e:a8:b6:65:ec:34:
         dc:6e:ab:e1:b2:28:90:aa:65:8e:6c:65:17:e8:4e:4f:58:56:
         0c:3e:e3:f7:21:8a:80:88:90:22:42:ed:af:5c:f9:21:3e:a5:
         18:f7:53:1d:4e:72:04:56:a6:c2:3d:92:c3:6a:75:12:33:74:
         12:a7:29:69:0a:76:24:c5:53:ed:f3:1d:b8:87:3c:e1:52:fe:
         78:70:46:48:98:df:3d:f6:1b:28:fb:17:86:46:5f:96:22:b7:
         bb:4c:d0:47:4e:e1:82:75:1c:07:04:33:84:df:b5:54:3b:47:
         2b:fa:5c:53:4f:62:0c:19:37:92:b4:b5:9e:6b:e6:5a:cc:a4:
         48:67:c1:db
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWj3VyTfOuEUa1aZ/WAxcGbsIREkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMzI3MDAwMDEwWhcNMjYwNjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMDcxNGQxM2UyMmNiOWQyNWNmMGQ4OTdiN2FmNDVkYzlj
ODIwZTUyNjliMDQ3ZjQ5M2NhMWZhYTM0NmU0Y2NhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrJHdakJWVy1ytxmVLHGd2wZJwlaK78TAQ1S3H8tOQRhUU
/P8TmzBGzsumuRbzsUlBsDIwEoH8hsvwuHPk2tAga0hNLkx7di6AqDG7FVnzISTa
U1MKFtZj5FqQDoBBSDzdeCKdLp98U2AT8deUO2Dvj/BuepoXhp2fONQKVZHZlOi4
MEgAlERw063NChHqrzTWR7p+BYr17Jubb1xTRa0Ln7FQphxnClho49BUZDMTVSOR
2MP9BWi4gZnUrZIXZnnQ3XuHydGpRAJtPKiiCCZ21dKB+7sa4bJgKJ5Ce/eyGyIe
I5S5kuI0/Cm3vwACK/B9gOT49YFA+ytB7Ff3itcbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUdZ7s0V7LdIjN1ItNVytC46YleaMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YxYjAyZjZjLWJhMGYtNDA1MC1hNzFjLTRmZmE3OWVlYWQ2Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2NzANBgkqhkiG9w0BAQsFAAOCAQEAL92pkZRMr7c2OE07xRWfkMgdqZcT
pyA/izJZdmSLFnp/2Fg1YdU/Od3OSTKcwqqnMq/cWx+Gseyn9MDbSWXOP1R3sRDy
N5d0KE1GSKHRE0ejI9hxkT5GCGAfXKSt5lTQqsfuNW8zJx0l7xg1tl3w52JbzSRz
279+Pqi2Zew03G6r4bIokKpljmxlF+hOT1hWDD7j9yGKgIiQIkLtr1z5IT6lGPdT
HU5yBFamwj2Sw2p1EjN0EqcpaQp2JMVT7fMduIc84VL+eHBGSJjfPfYbKPsXhkZf
liK3u0zQR07hgnUcBwQzhN+1VDtHK/pcU09iDBk3krS1nmvmWsykSGfB2w==
-----END CERTIFICATE-----