Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1c41a2e6-c057-4394-9ba5-1fce83874b1f.roa
File:                     1c41a2e6-c057-4394-9ba5-1fce83874b1f.roa (raw, json)
Hash identifier:          y/KGQia90XkK+OdnpkQzDkNkQIx4UZP4Y5znGrHdnHE=
Subject key identifier:   7B:53:B6:C7:34:8E:5C:41:3C:23:A2:E4:2B:F5:D2:9E:86:59:E7:F4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0140076364389D6A4C8A0EBC71D027E8EFCD2B74
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1c41a2e6-c057-4394-9ba5-1fce83874b1f.roa
Signing time:             Tue 17 Feb 2026 02:01:11 +0000
ROA not before:           Tue 17 Feb 2026 02:01:11 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.166.128.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:40:07:63:64:38:9d:6a:4c:8a:0e:bc:71:d0:27:e8:ef:cd:2b:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 02:01:11 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=8abfd7f0878840d4490b8a3452b3405b17667935e096277d0285a69440c85006, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:51:07:8e:33:2a:07:7e:bc:15:10:34:e7:63:
                    a6:99:ec:3b:70:c8:17:5d:fe:52:2c:93:c6:fe:23:
                    ba:47:ff:87:45:7e:27:7a:c3:fe:01:dc:6f:0f:ef:
                    6c:dc:b5:f2:d6:b5:21:46:c8:8f:a7:be:e7:80:d5:
                    dd:c7:04:dd:b8:d4:ae:51:9d:e1:93:5e:16:7c:11:
                    42:95:af:04:0c:82:83:75:49:9c:33:62:74:79:6d:
                    ea:fd:17:ce:fd:dd:10:27:d9:d9:37:eb:ed:76:4c:
                    cc:ea:f2:2c:f7:7d:d0:7c:7b:a5:69:87:af:11:2d:
                    64:73:b3:9f:eb:9a:76:90:4c:3c:36:ae:02:c1:c0:
                    53:34:c8:55:f1:97:33:67:75:33:f6:26:2f:67:95:
                    3f:f0:b1:76:a0:45:8c:d1:7a:38:88:0b:09:52:82:
                    07:71:50:e2:fb:0b:10:d8:d9:31:c2:4e:00:e5:d5:
                    5e:9e:18:aa:7e:36:dc:07:d1:0b:ec:f5:a3:3b:43:
                    1a:7e:db:9c:8e:74:88:35:32:3a:0a:47:18:4c:91:
                    76:aa:f2:ce:47:de:8e:92:90:7c:98:8d:02:50:1a:
                    38:27:8e:92:22:96:3f:7f:92:b4:c6:aa:2f:60:1b:
                    5d:55:9d:a6:4c:74:fc:75:fb:57:db:7f:d8:4d:63:
                    af:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:53:B6:C7:34:8E:5C:41:3C:23:A2:E4:2B:F5:D2:9E:86:59:E7:F4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1c41a2e6-c057-4394-9ba5-1fce83874b1f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.166.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         7a:4a:6b:86:b8:86:ae:ec:b0:a8:02:f3:49:cd:04:09:a5:25:
         72:a5:dd:e8:05:0a:d9:55:52:f7:a1:b2:19:1e:24:63:cf:cd:
         fa:85:82:9b:c6:fc:b8:1a:52:1e:4b:c1:6b:29:b2:3d:61:76:
         a0:10:83:fc:cc:27:00:3b:64:94:ad:02:2f:24:bc:bd:c5:b9:
         12:2c:c3:7d:a0:e1:9d:08:96:24:23:5c:2d:ba:73:a3:15:da:
         8e:57:8a:b5:7a:7c:ac:16:58:03:69:eb:0d:8f:06:95:70:7b:
         b6:4f:af:c4:fe:7d:5c:5a:eb:32:3d:af:a4:f6:16:fb:9e:88:
         b8:46:84:b4:9a:f7:a9:45:fe:ff:d1:a9:c1:67:d3:a2:00:21:
         9c:68:35:1c:12:5e:8a:81:7d:b5:09:be:16:40:d8:2a:34:dc:
         bf:5d:1b:30:17:ad:3e:5d:39:1f:8c:27:61:f2:ba:14:1a:ea:
         52:8f:b0:30:39:1e:41:1f:40:60:bb:65:a9:dc:8c:ea:8e:c3:
         9d:e1:d4:50:4e:55:e1:46:e3:78:61:fc:c4:9d:68:b9:ef:4a:
         a5:4c:68:29:79:1c:41:8b:6c:27:01:db:aa:a6:4a:92:29:26:
         ea:a4:4b:94:bf:64:5b:ea:a6:b9:6f:1a:36:64:06:ab:ee:d1:
         7a:3b:2f:a6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAUAHY2Q4nWpMig68cdAn6O/NK3QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDIwMTExWhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YWJmZDdmMDg3ODg0MGQ0NDkwYjhhMzQ1MmIzNDA1YjE3
NjY3OTM1ZTA5NjI3N2QwMjg1YTY5NDQwYzg1MDA2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXUQeOMyoHfrwVEDTnY6aZ7DtwyBdd/lIsk8b+I7pH/4dF
fid6w/4B3G8P72zctfLWtSFGyI+nvueA1d3HBN241K5RneGTXhZ8EUKVrwQMgoN1
SZwzYnR5ber9F8793RAn2dk36+12TMzq8iz3fdB8e6Vph68RLWRzs5/rmnaQTDw2
rgLBwFM0yFXxlzNndTP2Ji9nlT/wsXagRYzRejiICwlSggdxUOL7CxDY2THCTgDl
1V6eGKp+NtwH0Qvs9aM7Qxp+25yOdIg1MjoKRxhMkXaq8s5H3o6SkHyYjQJQGjgn
jpIilj9/krTGqi9gG11VnaZMdPx1+1fbf9hNY68FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUe1O2xzSOXEE8I6LkK/XSnoZZ5/QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzFjNDFhMmU2LWMwNTctNDM5NC05YmE1LTFmY2U4Mzg3NGIxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2poAwDQYJKoZIhvcNAQELBQADggEBAHpKa4a4hq7ssKgC80nNBAmlJXKl
3egFCtlVUvehshkeJGPPzfqFgpvG/LgaUh5LwWspsj1hdqAQg/zMJwA7ZJStAi8k
vL3FuRIsw32g4Z0IliQjXC26c6MV2o5XirV6fKwWWANp6w2PBpVwe7ZPr8T+fVxa
6zI9r6T2FvueiLhGhLSa96lF/v/RqcFn06IAIZxoNRwSXoqBfbUJvhZA2Co03L9d
GzAXrT5dOR+MJ2HyuhQa6lKPsDA5HkEfQGC7ZancjOqOw53h1FBOVeFG43hh/MSd
aLnvSqVMaCl5HEGLbCcB26qmSpIpJuqkS5S/ZFvqprlvGjZkBqvu0Xo7L6Y=
-----END CERTIFICATE-----