Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/06d1397b-e92b-447e-8751-20dfc141f201.roa
File:                     06d1397b-e92b-447e-8751-20dfc141f201.roa (raw, json)
Hash identifier:          BrDw/zXNfQz/9RFa6B6Q8YC1bY96tZ88OUtMCa48WvI=
Subject key identifier:   BF:85:3B:AE:8F:6C:2C:9B:02:55:B0:60:E4:97:F5:6D:0B:F6:83:9F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       67636B8967D0BEF9B099E310C861A5D5130A9E51
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/06d1397b-e92b-447e-8751-20dfc141f201.roa
Signing time:             Mon 23 Feb 2026 00:10:34 +0000
ROA not before:           Mon 23 Feb 2026 00:10:34 +0000
ROA not after:            Sun 24 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        18.68.130.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:63:6b:89:67:d0:be:f9:b0:99:e3:10:c8:61:a5:d5:13:0a:9e:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 23 00:10:34 2026 GMT
            Not After : May 24 23:59:59 2026 GMT
        Subject: serialNumber=1b985dfab6861de84e998afb214a97b681bc7dfb63d916c754bbb587b4fbc4fb, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:45:4e:dc:4f:7e:24:55:33:61:53:58:85:d5:
                    c5:f4:09:0e:9a:62:9e:bd:37:99:2b:08:22:7c:42:
                    e4:60:43:df:49:30:72:9c:84:34:23:c0:b9:e8:6b:
                    3c:62:00:f6:81:de:30:90:15:49:3b:aa:e1:31:29:
                    27:84:ef:7b:db:a0:ef:76:00:15:7a:5b:3e:db:a0:
                    07:7b:7c:ae:c4:c0:51:b5:26:4f:13:6b:b3:f6:2b:
                    f1:7c:37:19:c3:ab:4b:b8:08:38:d3:61:7c:85:a9:
                    44:95:fb:96:97:fa:30:8e:c5:75:1f:35:9d:0b:ac:
                    27:59:f7:af:87:23:f9:6b:99:41:1c:3e:21:41:7b:
                    61:58:1c:8e:59:d3:88:c5:1c:ff:83:c5:9a:20:b5:
                    80:ec:eb:02:f5:64:8e:ec:53:1a:0c:26:b8:59:a8:
                    ea:64:b5:f0:6e:cf:97:e8:59:e8:7f:67:94:35:f5:
                    56:57:42:91:df:ea:ca:9d:68:87:f3:f7:46:32:a1:
                    4d:02:87:d3:bb:ef:de:3f:3e:2f:97:61:88:2f:8f:
                    96:93:75:02:ca:7e:f8:ce:fa:e8:ce:b0:33:fc:56:
                    20:e1:92:e5:48:6c:24:00:9b:27:21:e4:84:1e:40:
                    ff:61:84:5e:dc:56:97:31:69:47:ae:9e:16:66:d4:
                    ae:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:85:3B:AE:8F:6C:2C:9B:02:55:B0:60:E4:97:F5:6D:0B:F6:83:9F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/06d1397b-e92b-447e-8751-20dfc141f201.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.68.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:b8:4a:ee:44:e6:9f:78:a5:4b:60:30:a3:3f:23:52:ee:ee:
         1f:cd:bf:c6:34:cd:10:b5:d2:18:30:e0:06:9b:9d:da:56:20:
         d4:a9:07:ee:77:05:7a:ec:7a:22:aa:79:1c:33:12:be:33:ae:
         4b:7a:23:2f:a5:a6:da:fe:2a:85:6e:bf:b7:33:b0:81:24:13:
         f5:2b:4c:79:cb:90:ae:17:64:14:77:48:cd:20:6f:84:91:d3:
         01:38:da:c4:23:1d:b9:79:cc:77:46:29:a0:2b:cb:21:a5:f3:
         f1:14:c0:5b:14:8a:43:78:86:ab:4b:0b:10:d3:26:4f:c1:48:
         33:04:5f:f6:32:92:df:b4:32:e2:42:b4:cc:a7:5d:05:ed:b7:
         4c:3a:17:10:e8:2f:74:25:45:b8:90:a3:cf:c2:77:a2:ed:7e:
         a3:bc:f7:f4:3d:14:55:18:a3:bd:54:28:0f:4a:e0:0e:16:ee:
         ee:74:99:9f:7e:33:03:f1:73:e1:19:fb:62:cb:73:86:4e:2e:
         43:6f:07:d1:76:92:27:58:44:e4:fe:da:63:93:85:37:d7:6c:
         a6:d2:a1:21:74:2d:8d:9b:98:02:f3:f1:ce:f2:28:23:43:ad:
         f1:29:e0:1a:32:46:1a:1a:7c:a0:7a:83:58:c0:95:e5:50:7c:
         4d:cb:51:48
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZ2NriWfQvvmwmeMQyGGl1RMKnlEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIzMDAxMDM0WhcNMjYwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYjk4NWRmYWI2ODYxZGU4NGU5OThhZmIyMTRhOTdiNjgx
YmM3ZGZiNjNkOTE2Yzc1NGJiYjU4N2I0ZmJjNGZiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvRU7cT34kVTNhU1iF1cX0CQ6aYp69N5krCCJ8QuRgQ99J
MHKchDQjwLnoazxiAPaB3jCQFUk7quExKSeE73vboO92ABV6Wz7boAd7fK7EwFG1
Jk8Ta7P2K/F8NxnDq0u4CDjTYXyFqUSV+5aX+jCOxXUfNZ0LrCdZ96+HI/lrmUEc
PiFBe2FYHI5Z04jFHP+DxZogtYDs6wL1ZI7sUxoMJrhZqOpktfBuz5foWeh/Z5Q1
9VZXQpHf6sqdaIfz90YyoU0Ch9O7794/Pi+XYYgvj5aTdQLKfvjO+ujOsDP8ViDh
kuVIbCQAmych5IQeQP9hhF7cVpcxaUeunhZm1K7FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUv4U7ro9sLJsCVbBg5Jf1bQv2g58wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA2ZDEzOTdiLWU5MmItNDQ3ZS04NzUxLTIwZGZjMTQxZjIwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASRIIwDQYJKoZIhvcNAQELBQADggEBAIi4Su5E5p94pUtgMKM/I1Lu7h/N
v8Y0zRC10hgw4AabndpWINSpB+53BXrseiKqeRwzEr4zrkt6Iy+lptr+KoVuv7cz
sIEkE/UrTHnLkK4XZBR3SM0gb4SR0wE42sQjHbl5zHdGKaAryyGl8/EUwFsUikN4
hqtLCxDTJk/BSDMEX/Yykt+0MuJCtMynXQXtt0w6FxDoL3QlRbiQo8/Cd6LtfqO8
9/Q9FFUYo71UKA9K4A4W7u50mZ9+MwPxc+EZ+2LLc4ZOLkNvB9F2kidYROT+2mOT
hTfXbKbSoSF0LY2bmALz8c7yKCNDrfEp4BoyRhoafKB6g1jAleVQfE3LUUg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:01:18 2026 by rpki-client