Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/08f80ed4-3c00-4313-8805-d61f0b1663df.roa
File:                     08f80ed4-3c00-4313-8805-d61f0b1663df.roa (raw, json)
Hash identifier:          b5OcZszfRhQdJ3IASPcRCsf5TEvyXo3Ycy4F3xOY/ZM=
Subject key identifier:   3D:8A:72:A9:4E:63:8B:23:19:8F:77:A4:B3:AD:D6:85:5F:BF:45:AC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5F48B531120700F483A3BD9C589B82F1FEACD4B9
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/08f80ed4-3c00-4313-8805-d61f0b1663df.roa
Signing time:             Thu 26 Feb 2026 01:21:33 +0000
ROA not before:           Thu 26 Feb 2026 01:21:33 +0000
ROA not after:            Wed 27 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        52.95.63.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:48:b5:31:12:07:00:f4:83:a3:bd:9c:58:9b:82:f1:fe:ac:d4:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 26 01:21:33 2026 GMT
            Not After : May 27 23:59:59 2026 GMT
        Subject: serialNumber=45db58d371801336eadd671101fd9cc8114396f6f418639d1cc132eff562863e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:69:87:51:08:98:f8:ce:bd:01:4c:f0:8a:93:
                    df:0c:6e:fc:0a:30:d1:d8:12:ec:da:50:3d:73:b4:
                    94:f1:df:fa:3e:b4:1b:fc:8e:cb:84:a6:3a:a3:df:
                    52:b0:de:7f:61:7b:ce:f7:65:e4:8b:bb:4a:fd:95:
                    38:1a:94:76:6d:22:ca:92:71:66:2c:97:30:1f:e7:
                    60:60:01:24:46:a0:92:2f:1d:9e:e3:98:fd:98:0b:
                    88:e0:5e:91:dd:14:b1:4c:86:4e:83:b7:68:b4:6f:
                    2b:33:a2:ba:10:70:51:e2:5e:66:51:4d:b8:72:6a:
                    69:d9:8a:3e:01:0d:75:73:06:6d:f8:1e:f7:c8:f2:
                    d9:1b:fa:98:98:36:8b:b2:77:06:c5:57:28:8c:c3:
                    2e:a8:8a:e0:cc:df:48:9b:70:b8:6d:d0:21:08:d5:
                    bc:c4:0e:e8:06:01:53:c4:b9:fe:ab:d5:11:a7:07:
                    2b:6f:1a:b3:44:fc:fe:11:9f:26:03:ef:e1:ce:ba:
                    90:f6:36:ac:0b:a3:8f:09:39:ad:6a:e1:81:89:40:
                    9a:52:90:a8:28:72:f5:70:a5:f2:2c:6e:9f:83:0c:
                    18:45:45:ce:6b:d2:35:85:69:6d:0d:dc:b5:64:44:
                    67:f4:f1:f9:a4:92:71:e5:6f:f3:61:78:ff:f3:b1:
                    bb:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:8A:72:A9:4E:63:8B:23:19:8F:77:A4:B3:AD:D6:85:5F:BF:45:AC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/08f80ed4-3c00-4313-8805-d61f0b1663df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:88:56:98:96:54:27:59:3c:31:5b:c9:bb:85:4a:a4:f9:b1:
         0b:a7:e2:29:6e:fb:b2:b8:6d:ce:48:bb:69:42:9b:16:1d:4d:
         7c:64:b2:c4:a8:17:fe:90:3d:e1:ed:e7:7c:04:c5:ab:d8:a2:
         38:22:80:af:88:31:13:0e:69:30:51:f6:40:d2:ef:45:5c:d4:
         9f:4d:ce:9e:a0:7f:ad:94:d0:f8:87:a9:9e:f7:b3:ac:c2:e0:
         b3:c7:65:d8:9b:4d:74:22:3c:d5:33:04:af:92:f9:9b:91:46:
         7e:98:74:7e:01:77:9c:ef:4e:94:55:62:d2:80:9d:4e:e4:31:
         5e:06:3c:fb:b1:c2:2a:9d:5e:d7:99:f5:ed:ae:d8:80:d6:e9:
         5f:96:06:d8:b2:b2:de:91:bc:97:83:2d:b6:8f:05:7a:d8:41:
         9c:ae:74:e4:6d:a4:43:54:08:d4:9e:f2:69:b2:52:75:34:a8:
         bd:24:a7:f4:ef:e0:b7:c1:60:d6:69:cf:5b:90:d5:86:ee:3b:
         c7:0d:73:1f:b2:4d:5c:61:27:ac:25:25:46:9f:5e:5b:b0:4f:
         15:66:c4:78:12:7a:c2:e1:92:40:f4:c3:ff:a3:ff:65:ea:eb:
         c6:dc:61:08:3f:e4:79:a3:ac:7b:f1:48:99:d6:98:e3:07:94:
         58:25:26:8d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUX0i1MRIHAPSDo72cWJuC8f6s1LkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI2MDEyMTMzWhcNMjYwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NWRiNThkMzcxODAxMzM2ZWFkZDY3MTEwMWZkOWNjODEx
NDM5NmY2ZjQxODYzOWQxY2MxMzJlZmY1NjI4NjNlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXaYdRCJj4zr0BTPCKk98MbvwKMNHYEuzaUD1ztJTx3/o+
tBv8jsuEpjqj31Kw3n9he873ZeSLu0r9lTgalHZtIsqScWYslzAf52BgASRGoJIv
HZ7jmP2YC4jgXpHdFLFMhk6Dt2i0byszoroQcFHiXmZRTbhyamnZij4BDXVzBm34
HvfI8tkb+piYNouydwbFVyiMwy6oiuDM30ibcLht0CEI1bzEDugGAVPEuf6r1RGn
BytvGrNE/P4RnyYD7+HOupD2NqwLo48JOa1q4YGJQJpSkKgocvVwpfIsbp+DDBhF
Rc5r0jWFaW0N3LVkRGf08fmkknHlb/NheP/zsbujAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPYpyqU5jiyMZj3eks63WhV+/RawwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA4ZjgwZWQ0LTNjMDAtNDMxMy04ODA1LWQ2MWYwYjE2NjNkZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0Xz8wDQYJKoZIhvcNAQELBQADggEBAFGIVpiWVCdZPDFbybuFSqT5sQun
4ilu+7K4bc5Iu2lCmxYdTXxkssSoF/6QPeHt53wExavYojgigK+IMRMOaTBR9kDS
70Vc1J9Nzp6gf62U0PiHqZ73s6zC4LPHZdibTXQiPNUzBK+S+ZuRRn6YdH4Bd5zv
TpRVYtKAnU7kMV4GPPuxwiqdXteZ9e2u2IDW6V+WBtiyst6RvJeDLbaPBXrYQZyu
dORtpENUCNSe8mmyUnU0qL0kp/Tv4LfBYNZpz1uQ1YbuO8cNcx+yTVxhJ6wlJUaf
XluwTxVmxHgSesLhkkD0w/+j/2Xq68bcYQg/5HmjrHvxSJnWmOMHlFglJo0=
-----END CERTIFICATE-----