Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/82100f84-33b5-43a7-a078-7090448b8504.roa
File:                     82100f84-33b5-43a7-a078-7090448b8504.roa (raw, json)
Hash identifier:          Mvo9CaHsS61PM6HJnCXy5gidWEoQLvl8ks3rGNOFZXI=
Subject key identifier:   A9:60:8A:CD:76:A9:E7:78:5A:39:A0:7C:37:29:C4:08:F6:60:3C:AE
Certificate issuer:       /CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
Certificate serial:       1F1313073CDEC53A25F4B3FFA3E9F084B1E984C3
Authority key identifier: CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/82100f84-33b5-43a7-a078-7090448b8504.roa
Signing time:             Wed 25 Feb 2026 00:10:18 +0000
ROA not before:           Wed 25 Feb 2026 00:10:18 +0000
ROA not after:            Tue 26 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        198.41.96.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Mar 2026 19:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:13:13:07:3c:de:c5:3a:25:f4:b3:ff:a3:e9:f0:84:b1:e9:84:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173
        Validity
            Not Before: Feb 25 00:10:18 2026 GMT
            Not After : May 26 23:59:59 2026 GMT
        Subject: serialNumber=41dba0fa46c83fcf4f6ebd1d9248f9f8409c09ed1670e498b5df3690758b615c, CN=88af7b95-2ef7-49fc-a37d-1b8f0547180d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:44:32:39:39:f1:a6:2a:cd:5c:2b:7b:18:53:
                    2b:2f:74:70:d4:05:c8:7b:f9:07:45:70:51:3e:0b:
                    31:f9:4c:c9:2c:6e:e9:45:90:32:26:57:67:47:3b:
                    ec:f6:69:27:0e:6c:84:d6:13:04:75:75:6e:e9:81:
                    95:59:46:35:9a:6a:55:3a:53:ae:40:95:93:e1:a3:
                    cd:a9:e1:08:e5:a2:64:b0:0b:7e:0b:27:04:f7:63:
                    26:92:ab:1f:de:f6:e3:49:90:ab:5e:ee:43:08:27:
                    b6:32:ca:fe:87:b3:3d:5e:cf:94:bb:8a:a2:8d:8d:
                    1d:17:b5:08:67:ad:c8:6d:8d:18:23:30:a9:24:92:
                    8b:ea:76:63:9d:98:e5:42:4c:8c:20:07:49:31:d9:
                    af:8a:c7:d8:a9:ee:85:68:2d:65:92:ac:26:6b:80:
                    61:e9:13:5e:20:35:d8:8e:a7:2d:63:6a:91:90:91:
                    40:99:aa:17:c5:84:f0:77:7a:73:41:65:b5:ce:bd:
                    74:3f:e3:f8:9a:75:aa:1b:5b:b3:b2:de:65:30:bb:
                    ef:be:8c:19:78:c1:99:24:1e:f6:f0:e0:6d:ec:ff:
                    d2:f2:e6:db:40:f6:ca:41:e5:c5:d9:36:cf:ee:9c:
                    4a:26:0c:c4:5c:05:50:f3:db:39:88:b0:2f:9f:6a:
                    0d:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:60:8A:CD:76:A9:E7:78:5A:39:A0:7C:37:29:C4:08:F6:60:3C:AE
            X509v3 Authority Key Identifier:
                keyid:CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/82100f84-33b5-43a7-a078-7090448b8504.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.41.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:44:27:9c:40:cf:bd:4d:68:2a:db:aa:cf:65:dc:7f:3b:78:
         be:01:88:5d:16:c0:49:e7:63:00:b3:45:56:40:86:f0:a8:8e:
         a7:21:56:1d:a5:53:ed:4a:d1:e4:02:44:34:56:ba:00:23:62:
         d8:af:ab:ba:eb:fd:5e:3a:85:5e:a7:26:bb:12:c7:d9:12:75:
         65:89:2d:c9:fe:b3:ac:f3:10:57:e8:6f:76:45:be:fc:76:ef:
         51:6f:c5:fb:1a:36:69:e8:99:67:8f:d0:ca:1a:37:87:0c:7d:
         6c:93:4b:d4:18:49:98:4d:87:10:ed:4f:0c:cf:eb:1b:94:6f:
         ef:c8:7c:f1:68:92:83:f6:0c:0f:68:32:ec:2d:4e:98:d0:02:
         2c:b4:3f:dd:00:9a:be:1d:c5:75:1b:e8:cd:b3:a6:7f:06:f5:
         72:a7:3f:b1:7b:eb:a1:d5:2b:c7:cb:c1:d5:31:6f:b2:41:f5:
         14:8e:a8:b7:42:38:20:c8:d1:d1:6a:06:75:4a:db:d0:04:0b:
         f1:7d:3a:c6:1f:01:46:73:ae:0a:8c:03:4b:10:52:88:b2:b8:
         d7:6e:3b:04:13:e4:ed:3d:0c:96:b2:dc:41:9b:33:a6:de:18:
         b1:8a:7d:17:b6:52:05:9f:19:b2:c7:0d:10:e6:ed:d6:ce:8f:
         1d:12:db:f0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHxMTBzzexTol9LP/o+nwhLHphMMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzMxOTQyNGUwMzlmODZkNmFkOWZjNGU3MjIzZGY4NDFk
MjBhZTZkMGZmMTI0MjgxNzMwHhcNMjYwMjI1MDAxMDE4WhcNMjYwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MWRiYTBmYTQ2YzgzZmNmNGY2ZWJkMWQ5MjQ4ZjlmODQw
OWMwOWVkMTY3MGU0OThiNWRmMzY5MDc1OGI2MTVjMS0wKwYDVQQDEyQ4OGFmN2I5
NS0yZWY3LTQ5ZmMtYTM3ZC0xYjhmMDU0NzE4MGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/RDI5OfGmKs1cK3sYUysvdHDUBch7+QdFcFE+CzH5TMks
bulFkDImV2dHO+z2aScObITWEwR1dW7pgZVZRjWaalU6U65AlZPho82p4QjlomSw
C34LJwT3YyaSqx/e9uNJkKte7kMIJ7Yyyv6Hsz1ez5S7iqKNjR0XtQhnrchtjRgj
MKkkkovqdmOdmOVCTIwgB0kx2a+Kx9ip7oVoLWWSrCZrgGHpE14gNdiOpy1japGQ
kUCZqhfFhPB3enNBZbXOvXQ/4/iadaobW7Oy3mUwu+++jBl4wZkkHvbw4G3s/9Ly
5ttA9spB5cXZNs/unEomDMRcBVDz2zmIsC+fag27AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqWCKzXap53haOaB8NynECPZgPK4wHwYDVR0jBBgwFoAUzBBhJz//dj92
0t7ihYPoujsFxDAwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Q2YjVhZDI4LTFjYmMtNDdhYi05MDRlLTQ1MzYxYTU0ODdjMy9lNWRlYTY2MC1i
ZjU5LTRiNGMtYjlhZC00YTY3ODdlMDNmY2UvYzMxOTQyNGUwMzlmODZkNmFkOWZj
NGU3MjIzZGY4NDFkMjBhZTZkMGZmMTI0MjgxNzMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmRmNTFjZDItZTZhZi00OTNhLWE4OGEtMzIy
MWQwMWY3ZDkwLzgyMTAwZjg0LTMzYjUtNDNhNy1hMDc4LTcwOTA0NDhiODUwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJkZjUxY2QyLWU2YWYtNDkzYS1hODhh
LTMyMjFkMDFmN2Q5MC9uNGJXclpfRTV5STktRUhTQ3ViUV94SkNnWE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADGKWAwDQYJKoZIhvcNAQELBQADggEBADxEJ5xAz71NaCrbqs9l3H87eL4B
iF0WwEnnYwCzRVZAhvCojqchVh2lU+1K0eQCRDRWugAjYtivq7rr/V46hV6nJrsS
x9kSdWWJLcn+s6zzEFfob3ZFvvx271FvxfsaNmnomWeP0MoaN4cMfWyTS9QYSZhN
hxDtTwzP6xuUb+/IfPFokoP2DA9oMuwtTpjQAiy0P90Amr4dxXUb6M2zpn8G9XKn
P7F766HVK8fLwdUxb7JB9RSOqLdCOCDI0dFqBnVK29AEC/F9OsYfAUZzrgqMA0sQ
UoiyuNduOwQT5O09DJay3EGbM6beGLGKfRe2UgWfGbLHDRDm7dbOjx0S2/A=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:24 2026 by rpki-client