Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/33276cb0-fd16-405f-bdae-0bcc070e07f8.roa
File:                     33276cb0-fd16-405f-bdae-0bcc070e07f8.roa (raw, json)
Hash identifier:          as148/DB2tHE4OZwaDDyDKjGyBOjSsi/N7aytlJIgl8=
Subject key identifier:   E3:6D:1A:3F:77:5F:15:A4:0F:BA:DC:7F:64:AD:5E:D4:D4:F5:D4:32
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       6CE43A9A16F4C4C5E77D18A614B057C773D0FD99
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/33276cb0-fd16-405f-bdae-0bcc070e07f8.roa
Signing time:             Wed 20 May 2026 00:30:43 +0000
ROA not before:           Wed 20 May 2026 00:30:43 +0000
ROA not after:            Tue 18 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        204.246.164.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:e4:3a:9a:16:f4:c4:c5:e7:7d:18:a6:14:b0:57:c7:73:d0:fd:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: May 20 00:30:43 2026 GMT
            Not After : Aug 18 23:59:59 2026 GMT
        Subject: serialNumber=c8fc3026eaa0acf98ec9a5364acab5bf195c59e93473f7c5ba827985294c324f, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:f3:e2:96:10:74:a5:68:e3:9b:89:cf:c5:47:
                    03:0b:f3:d0:15:57:8d:89:53:ec:50:ed:b9:2e:41:
                    35:5e:16:8e:70:a8:b1:30:4e:1a:58:61:c3:59:fe:
                    f9:40:92:7f:dd:be:bd:dc:b4:2a:b7:16:f3:bc:22:
                    46:ac:d1:b6:f2:2a:b2:ae:89:98:d7:8f:99:3d:45:
                    78:85:44:9d:fa:4a:4f:4c:49:0c:72:f6:41:33:1e:
                    61:8f:b4:1e:87:28:d9:95:c3:6c:f7:52:8e:5d:aa:
                    20:f9:96:42:80:95:67:2b:c8:6b:80:40:a1:db:20:
                    44:37:38:ea:65:fe:0e:87:64:bb:61:e9:d8:4a:c7:
                    b3:f7:6e:55:51:9e:a5:5e:01:7c:d6:b6:96:3b:e2:
                    49:24:87:0c:64:85:e9:dc:96:c9:ad:cd:3e:79:ae:
                    13:e7:84:90:42:ba:df:ca:fa:0a:38:3d:65:4f:f1:
                    89:ca:aa:e3:bb:06:6c:a6:54:70:cf:62:6f:40:ac:
                    19:7a:32:e4:ba:6a:b8:e7:60:c8:8d:a5:19:9e:22:
                    f1:69:19:1c:95:8e:0e:d8:4c:df:8f:3e:47:66:7f:
                    61:47:97:8e:88:c9:0a:6d:1c:40:a7:b5:34:0e:2e:
                    b4:88:5e:99:c6:b3:8c:c6:4e:48:93:3e:c2:b4:61:
                    1c:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:6D:1A:3F:77:5F:15:A4:0F:BA:DC:7F:64:AD:5E:D4:D4:F5:D4:32
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/33276cb0-fd16-405f-bdae-0bcc070e07f8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.246.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:f8:80:6c:f2:8b:67:82:8f:a2:26:8a:ae:dc:af:45:41:65:
         5d:03:08:15:17:f6:f7:54:8b:32:53:0f:75:12:ae:1d:50:d4:
         38:c0:70:ea:a5:22:48:15:f2:81:a0:78:3a:f4:e7:23:4b:36:
         27:0e:7c:5e:5a:7c:a3:b3:ce:cf:65:88:d1:48:89:1b:9d:42:
         48:26:5a:20:28:e0:2e:d8:c1:34:2a:f6:7d:df:66:2a:3e:48:
         5d:e1:7e:c2:34:47:a5:50:2c:79:68:16:4a:4b:76:5c:82:73:
         5b:b5:b2:1e:bd:ae:d1:df:f7:8b:08:33:89:fd:e7:2c:d1:8c:
         51:33:9c:75:92:c7:a1:89:72:e3:c5:1a:a5:0d:18:9f:e9:a4:
         30:46:1a:df:ba:30:1d:d2:64:26:19:db:f3:0e:64:66:4d:84:
         2c:b7:08:aa:e5:e8:fe:24:d1:ef:74:58:c7:83:02:9c:a0:86:
         b4:ee:e3:4f:f2:33:cf:24:f2:9c:85:ae:aa:17:1c:78:33:ed:
         74:27:a4:9e:2e:1b:3b:f6:fa:84:8e:fe:f3:9e:9b:3a:0d:98:
         03:4e:aa:e7:ef:aa:f8:35:ca:32:25:90:13:51:5b:1a:b3:ef:
         88:67:ac:be:8b:eb:4a:43:d5:c4:90:90:87:01:73:84:9d:1b:
         ea:f7:a9:c3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbOQ6mhb0xMXnfRimFLBXx3PQ/ZkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjYwNTIwMDAzMDQzWhcNMjYwODE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BjOGZjMzAyNmVhYTBhY2Y5OGVjOWE1MzY0YWNhYjViZjE5
NWM1OWU5MzQ3M2Y3YzViYTgyNzk4NTI5NGMzMjRmMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCE8+KWEHSlaOObic/FRwML89AVV42JU+xQ7bkuQTVeFo5w
qLEwThpYYcNZ/vlAkn/dvr3ctCq3FvO8Ikas0bbyKrKuiZjXj5k9RXiFRJ36Sk9M
SQxy9kEzHmGPtB6HKNmVw2z3Uo5dqiD5lkKAlWcryGuAQKHbIEQ3OOpl/g6HZLth
6dhKx7P3blVRnqVeAXzWtpY74kkkhwxkhenclsmtzT55rhPnhJBCut/K+go4PWVP
8YnKquO7BmymVHDPYm9ArBl6MuS6arjnYMiNpRmeIvFpGRyVjg7YTN+PPkdmf2FH
l46IyQptHECntTQOLrSIXpnGs4zGTkiTPsK0YRw7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU420aP3dfFaQPutx/ZK1e1NT11DIwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzMzMjc2Y2IwLWZkMTYtNDA1Zi1iZGFlLTBiY2MwNzBlMDdmOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALM9qQwDQYJKoZIhvcNAQELBQADggEBAKP4gGzyi2eCj6Imiq7cr0VBZV0D
CBUX9vdUizJTD3USrh1Q1DjAcOqlIkgV8oGgeDr05yNLNicOfF5afKOzzs9liNFI
iRudQkgmWiAo4C7YwTQq9n3fZio+SF3hfsI0R6VQLHloFkpLdlyCc1u1sh69rtHf
94sIM4n95yzRjFEznHWSx6GJcuPFGqUNGJ/ppDBGGt+6MB3SZCYZ2/MOZGZNhCy3
CKrl6P4k0e90WMeDApyghrTu40/yM88k8pyFrqoXHHgz7XQnpJ4uGzv2+oSO/vOe
mzoNmANOqufvqvg1yjIlkBNRWxqz74hnrL6L60pD1cSQkIcBc4SdG+r3qcM=
-----END CERTIFICATE-----