Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02e1c12d-4148-4d82-a499-de2a31ace895.roa
File:                     02e1c12d-4148-4d82-a499-de2a31ace895.roa (raw, json)
Hash identifier:          BtCRmmJuAjJiQL/Ob+pzo2t/dZ3OHyR/IUqcTD7ir6U=
Subject key identifier:   C1:1A:C5:EC:FE:C2:63:EF:79:33:3A:19:F9:B0:C0:9B:5F:6E:44:BE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       408959C91668BBC407082C23503BBFD58B4A35E7
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02e1c12d-4148-4d82-a499-de2a31ace895.roa
Signing time:             Tue 17 Feb 2026 02:00:10 +0000
ROA not before:           Tue 17 Feb 2026 02:00:10 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.160.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:89:59:c9:16:68:bb:c4:07:08:2c:23:50:3b:bf:d5:8b:4a:35:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 02:00:10 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=fa11cdfa171fc44d5cde82c6b0524dbc344cc7a8ac0c0dd275ae4836c1fca251, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:16:6c:37:7c:6b:0d:a6:51:b3:cb:0d:8f:f4:
                    d7:2c:34:1a:b5:75:db:8a:ee:a4:3b:0d:d1:93:28:
                    f6:2b:f2:23:4b:1a:de:3b:07:03:d5:96:51:a3:71:
                    b4:fa:cb:84:98:ce:80:cf:ce:6b:03:20:1d:9b:5d:
                    0b:0b:66:f9:c4:4d:48:95:ae:b7:f0:66:71:4a:e3:
                    62:51:c8:dc:74:dc:4a:4b:52:de:22:f4:38:3a:cc:
                    9e:09:31:54:13:6a:0e:48:c0:f5:01:69:61:1e:39:
                    d1:e5:ac:d9:7d:d2:da:e1:73:ba:66:8f:3c:a8:49:
                    74:8a:05:90:e7:af:63:8c:e0:87:6a:7c:27:f1:29:
                    6a:48:97:25:5f:bd:94:ac:96:3c:3e:83:d2:fe:3b:
                    8e:32:c4:8b:0e:50:07:e9:59:53:13:67:8f:c9:e9:
                    a7:ee:0b:03:c5:eb:ef:28:41:a1:ce:15:de:56:36:
                    dc:ba:34:9d:b1:96:a5:2d:1b:ad:06:3d:20:f4:bf:
                    f3:ba:5d:3f:12:79:15:7a:89:fb:a8:20:8d:21:19:
                    e9:6e:ef:20:9b:4e:ce:0c:c5:3f:33:70:34:5e:76:
                    d5:1b:92:d1:66:ea:a3:e8:73:f4:a9:6a:8b:5f:8a:
                    da:34:18:df:f5:f4:34:2b:94:77:b9:28:72:7a:92:
                    ff:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:1A:C5:EC:FE:C2:63:EF:79:33:3A:19:F9:B0:C0:9B:5F:6E:44:BE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/02e1c12d-4148-4d82-a499-de2a31ace895.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.160.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         64:7b:98:a0:2a:3a:b3:a1:a1:ca:40:2f:a0:90:d2:9d:0d:4e:
         ca:97:e8:fd:21:7b:55:d5:14:8f:9e:d8:10:48:68:ce:3c:f9:
         31:33:ab:02:b7:f9:01:6b:37:8f:de:0a:64:b1:d4:7f:81:4f:
         2a:5f:ba:41:11:b8:75:38:7f:a4:7b:82:09:eb:c6:d2:b3:aa:
         d1:64:3f:f6:db:11:fd:9d:31:d2:13:c7:8e:34:8d:aa:77:ce:
         d7:d9:48:2e:c0:d3:7e:b7:2e:5b:26:4b:45:8b:c8:ca:61:08:
         b2:3a:73:f2:6a:96:b2:fa:b4:f6:29:d6:82:a6:dd:38:79:79:
         2c:a1:90:0d:d0:69:8f:cd:6d:d3:94:25:b1:ea:ac:8b:99:83:
         9f:da:ed:3e:80:74:6d:0c:e5:5d:ad:87:90:68:79:fc:4d:fa:
         74:83:89:cf:a9:ba:e5:85:65:cf:a2:71:30:da:31:e0:e8:20:
         59:66:f4:11:7b:10:25:4c:f9:3e:79:02:cf:8b:8f:30:08:2b:
         f7:4f:7c:63:24:f9:4b:fd:97:24:c6:71:63:ee:25:94:81:72:
         cd:99:dc:44:14:5a:38:34:40:f8:79:0b:56:8a:3c:06:39:d3:
         fe:39:02:06:56:c8:32:93:6c:17:cd:7e:25:a4:f2:5e:80:17:
         92:4c:5e:27
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQIlZyRZou8QHCCwjUDu/1YtKNecwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDIwMDEwWhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYTExY2RmYTE3MWZjNDRkNWNkZTgyYzZiMDUyNGRiYzM0
NGNjN2E4YWMwYzBkZDI3NWFlNDgzNmMxZmNhMjUxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDxFmw3fGsNplGzyw2P9NcsNBq1dduK7qQ7DdGTKPYr8iNL
Gt47BwPVllGjcbT6y4SYzoDPzmsDIB2bXQsLZvnETUiVrrfwZnFK42JRyNx03EpL
Ut4i9Dg6zJ4JMVQTag5IwPUBaWEeOdHlrNl90trhc7pmjzyoSXSKBZDnr2OM4Idq
fCfxKWpIlyVfvZSsljw+g9L+O44yxIsOUAfpWVMTZ4/J6afuCwPF6+8oQaHOFd5W
Nty6NJ2xlqUtG60GPSD0v/O6XT8SeRV6ifuoII0hGelu7yCbTs4MxT8zcDRedtUb
ktFm6qPoc/Spaotfito0GN/19DQrlHe5KHJ6kv/FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwRrF7P7CY+95MzoZ+bDAm19uRL4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAyZTFjMTJkLTQxNDgtNGQ4Mi1hNDk5LWRlMmEzMWFjZTg5NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2oAAwDQYJKoZIhvcNAQELBQADggEBAGR7mKAqOrOhocpAL6CQ0p0NTsqX
6P0he1XVFI+e2BBIaM48+TEzqwK3+QFrN4/eCmSx1H+BTypfukERuHU4f6R7ggnr
xtKzqtFkP/bbEf2dMdITx440jap3ztfZSC7A0363LlsmS0WLyMphCLI6c/JqlrL6
tPYp1oKm3Th5eSyhkA3QaY/NbdOUJbHqrIuZg5/a7T6AdG0M5V2th5BoefxN+nSD
ic+puuWFZc+icTDaMeDoIFlm9BF7ECVM+T55As+LjzAIK/dPfGMk+Uv9lyTGcWPu
JZSBcs2Z3EQUWjg0QPh5C1aKPAY50/45AgZWyDKTbBfNfiWk8l6AF5JMXic=
-----END CERTIFICATE-----