Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa95ea74-f12d-43a6-8217-4b1803ba7e69.roa
File:                     fa95ea74-f12d-43a6-8217-4b1803ba7e69.roa (raw, json)
Hash identifier:          DfWkvJjPLU+Dh1+9F1t2OBCOBqFfMV3i6ezQNsWquXA=
Subject key identifier:   A5:A7:B8:78:4F:F0:9E:26:5B:18:A2:E0:B0:EB:B2:E4:A4:FF:9C:66
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1384C0364289B56DE6C17112DD3030DFDF43BE16
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa95ea74-f12d-43a6-8217-4b1803ba7e69.roa
Signing time:             Fri 13 Feb 2026 00:31:24 +0000
ROA not before:           Fri 13 Feb 2026 00:31:24 +0000
ROA not after:            Thu 14 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        16.177.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:84:c0:36:42:89:b5:6d:e6:c1:71:12:dd:30:30:df:df:43:be:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 13 00:31:24 2026 GMT
            Not After : May 14 23:59:59 2026 GMT
        Subject: serialNumber=b088b902c5bf0cfcb0cf45e2738ceca3001f2bdbf75045c0f8d5819bc80f5211, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:1d:c9:43:27:34:1f:ec:e9:ce:3f:c4:a0:eb:
                    a7:c8:be:0d:d9:1b:39:5d:68:cc:de:e7:0a:4b:6b:
                    5b:a0:3d:b3:87:1a:33:b4:e8:70:d9:3c:0a:b4:2b:
                    8f:52:d7:b5:fe:78:21:80:aa:7f:f3:9b:8a:b3:86:
                    5f:bb:44:35:6e:dd:78:dc:e5:f8:86:56:c8:8c:f4:
                    1a:d7:0a:0c:8b:cb:a9:cd:10:60:25:12:5e:f4:fe:
                    46:8c:f7:2a:04:22:bf:f7:f5:af:c5:4d:e3:67:6d:
                    96:84:3c:a5:fa:7f:b6:ff:b1:a1:84:d5:d8:61:56:
                    64:1d:ff:b4:d0:ed:eb:2c:42:1b:32:50:b9:b2:57:
                    08:c6:84:6d:47:56:cb:fc:f2:00:9e:92:54:2b:88:
                    d6:2f:09:e2:54:b8:ac:5c:f8:12:57:e8:92:ab:57:
                    5a:b0:d8:61:80:be:f2:d3:3c:ea:8e:b7:93:80:fc:
                    cc:bf:db:79:82:59:b0:44:1a:a0:52:e5:14:bc:f9:
                    78:68:bd:cd:93:66:80:eb:6f:d2:6d:0b:17:18:5f:
                    e6:08:6c:ef:c9:a3:39:fe:3e:7a:91:51:00:23:91:
                    74:a5:a3:e7:d3:ba:7b:8b:43:f8:f4:04:5d:f2:8a:
                    30:47:da:56:61:cf:32:43:8c:38:39:2f:f6:62:e4:
                    4d:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:A7:B8:78:4F:F0:9E:26:5B:18:A2:E0:B0:EB:B2:E4:A4:FF:9C:66
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa95ea74-f12d-43a6-8217-4b1803ba7e69.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.177.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         88:75:b1:08:3b:28:07:7e:19:92:88:53:2e:60:48:c5:11:b1:
         c3:31:01:ba:23:48:ab:f6:6c:79:cb:64:29:c6:8c:c4:76:9e:
         ac:fb:d4:b8:6d:46:88:60:e8:5d:8d:e6:a7:ec:d8:86:03:15:
         1e:1d:da:24:30:8e:d2:5a:cf:0d:99:8b:21:63:92:74:60:ec:
         f7:3f:a5:b7:8d:49:8a:53:96:b2:38:c6:16:52:29:d1:8a:3a:
         5e:e3:f2:af:ca:44:a3:cb:28:a6:44:8c:e4:73:58:f0:26:89:
         92:53:cc:1b:4f:fa:8a:97:5d:86:55:e8:f4:37:fc:3b:e2:c5:
         7d:fc:7f:83:03:1e:9a:53:cd:40:b5:87:3d:f9:ea:0c:f9:ab:
         ab:71:45:a4:57:34:3f:15:3f:de:55:27:b3:b7:7a:e9:b9:34:
         a9:d0:c5:c4:1d:ca:dd:08:de:d7:56:22:ff:34:3a:cb:6a:4c:
         43:1a:9b:36:2f:f5:74:60:18:a8:f3:e6:bd:f1:06:0f:5a:5a:
         59:af:9d:fc:c8:e7:a8:74:09:24:15:93:5c:f2:07:bc:1c:9e:
         e9:a4:06:b7:97:6f:f7:c4:5e:ad:cc:9a:7e:40:b0:e4:60:5b:
         e1:a0:94:23:e4:95:48:dd:bf:18:6a:8e:28:f0:38:9e:45:8e:
         f1:49:b4:8a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUE4TANkKJtW3mwXES3TAw399DvhYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjEzMDAzMTI0WhcNMjYwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMDg4YjkwMmM1YmYwY2ZjYjBjZjQ1ZTI3MzhjZWNhMzAw
MWYyYmRiZjc1MDQ1YzBmOGQ1ODE5YmM4MGY1MjExMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7HclDJzQf7OnOP8Sg66fIvg3ZGzldaMze5wpLa1ugPbOH
GjO06HDZPAq0K49S17X+eCGAqn/zm4qzhl+7RDVu3Xjc5fiGVsiM9BrXCgyLy6nN
EGAlEl70/kaM9yoEIr/39a/FTeNnbZaEPKX6f7b/saGE1dhhVmQd/7TQ7essQhsy
ULmyVwjGhG1HVsv88gCeklQriNYvCeJUuKxc+BJX6JKrV1qw2GGAvvLTPOqOt5OA
/My/23mCWbBEGqBS5RS8+Xhovc2TZoDrb9JtCxcYX+YIbO/Jozn+PnqRUQAjkXSl
o+fTunuLQ/j0BF3yijBH2lZhzzJDjDg5L/Zi5E0RAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUpae4eE/wniZbGKLgsOuy5KT/nGYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZhOTVlYTc0LWYxMmQtNDNhNi04MjE3LTRiMTgwM2JhN2U2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQsTANBgkqhkiG9w0BAQsFAAOCAQEAiHWxCDsoB34ZkohTLmBIxRGxwzEB
uiNIq/ZsectkKcaMxHaerPvUuG1GiGDoXY3mp+zYhgMVHh3aJDCO0lrPDZmLIWOS
dGDs9z+lt41JilOWsjjGFlIp0Yo6XuPyr8pEo8sopkSM5HNY8CaJklPMG0/6ipdd
hlXo9Df8O+LFffx/gwMemlPNQLWHPfnqDPmrq3FFpFc0PxU/3lUns7d66bk0qdDF
xB3K3Qje11Yi/zQ6y2pMQxqbNi/1dGAYqPPmvfEGD1paWa+d/MjnqHQJJBWTXPIH
vBye6aQGt5dv98RercyafkCw5GBb4aCUI+SVSN2/GGqOKPA4nkWO8Um0ig==
-----END CERTIFICATE-----