Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1da3f1fb-2590-422d-9b28-4bd14d22f09b.roa
File:                     1da3f1fb-2590-422d-9b28-4bd14d22f09b.roa (raw, json)
Hash identifier:          ev7MmOYCHVrKGsahU2XedPLia298EZmo0hfw6zu7ul0=
Subject key identifier:   C0:31:94:9C:FE:1B:59:2C:0D:66:94:D1:39:D4:ED:35:29:0E:93:28
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5F2AE4C846B2D7A0E647AEB3F66B31A48A4AF6BB
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1da3f1fb-2590-422d-9b28-4bd14d22f09b.roa
Signing time:             Sat 28 Feb 2026 03:50:07 +0000
ROA not before:           Sat 28 Feb 2026 03:50:07 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.239.113.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:2a:e4:c8:46:b2:d7:a0:e6:47:ae:b3:f6:6b:31:a4:8a:4a:f6:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 03:50:07 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=e3fec889c7dc2210f02c238d62dc997ba27e19e644fc452c33bf282bbf6d610d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:f9:ff:bf:ec:19:f4:d7:ee:e2:5d:46:fc:7e:
                    e2:f0:ab:1f:22:18:de:27:67:c8:6e:f0:b5:bc:a1:
                    23:9b:4f:b8:cb:ed:b7:8c:cf:3b:eb:fa:ca:5e:71:
                    83:78:01:37:bd:e7:3d:77:f2:e2:54:65:e0:e4:d3:
                    e2:23:46:c0:23:e4:30:d3:65:46:eb:e6:43:cd:74:
                    f4:c1:e5:94:46:c0:f9:ea:b3:b0:9e:2b:3d:2c:a3:
                    74:4b:46:8d:5e:84:57:4c:9d:36:11:e1:9e:03:49:
                    0c:6b:ca:4a:90:11:91:85:70:70:92:80:e8:b0:27:
                    ab:fb:0e:07:90:7a:94:c4:25:57:42:b2:69:e5:ec:
                    77:65:9e:c2:60:d9:e9:c1:0f:1c:fe:f5:96:66:3f:
                    e7:77:86:59:f5:f6:59:28:8a:7e:58:06:25:91:48:
                    a9:62:1d:20:5c:ba:2a:1c:75:24:b5:52:43:ab:aa:
                    a4:e1:70:c6:20:5e:10:80:ee:c4:73:31:ff:aa:b6:
                    5c:e0:47:94:ec:e0:93:5f:7c:8b:29:0b:e4:60:81:
                    3c:71:23:91:3b:96:bd:06:48:24:d7:3e:fc:76:f4:
                    7d:95:b7:1c:7e:ac:a7:bc:73:45:0e:64:c5:d2:8c:
                    3c:c2:e6:0d:81:f5:08:8e:5d:07:69:c9:11:cb:10:
                    3f:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:31:94:9C:FE:1B:59:2C:0D:66:94:D1:39:D4:ED:35:29:0E:93:28
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1da3f1fb-2590-422d-9b28-4bd14d22f09b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.239.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:c6:81:22:5b:75:ae:7c:74:c0:71:9b:1e:a6:38:f0:98:72:
         af:1a:16:d3:f6:39:ba:08:77:be:a5:58:59:ed:04:67:1b:8d:
         db:f6:b2:7a:f7:b4:22:11:62:db:4b:db:b6:17:da:75:9f:ff:
         74:26:a1:c8:14:cb:f9:fd:7b:91:47:9d:1d:be:5c:05:f3:f9:
         68:cd:77:c5:18:d7:5d:38:da:f1:d4:7c:f2:2a:b7:17:74:ff:
         7f:7b:0f:5f:08:10:05:d7:7a:ca:ca:da:e4:65:c8:f5:f8:f0:
         56:36:c0:52:d6:23:e2:9d:ce:4b:0c:b8:5e:6d:79:33:60:38:
         ca:2f:ab:4c:55:3c:7e:c5:4f:e2:d0:24:07:4e:5a:44:d7:f2:
         df:30:ee:5a:68:52:74:49:ce:d7:5b:d3:09:a3:65:e6:0b:49:
         36:15:fd:2a:6d:73:77:d6:18:39:92:70:5e:54:dc:d4:7c:eb:
         bf:cf:ec:36:56:fb:39:31:d2:ac:bc:ec:16:2a:ae:9e:36:af:
         3e:01:6f:ab:b9:6a:61:67:af:42:94:f6:db:6c:8c:2c:4c:1c:
         ef:bd:79:07:06:2b:a4:40:5b:18:6c:20:e8:a6:78:86:40:53:
         89:76:42:d5:b6:52:db:25:32:f9:c2:e7:53:b3:55:5e:95:f9:
         79:93:cf:85
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXyrkyEay16DmR66z9msxpIpK9rswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDM1MDA3WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlM2ZlYzg4OWM3ZGMyMjEwZjAyYzIzOGQ2MmRjOTk3YmEy
N2UxOWU2NDRmYzQ1MmMzM2JmMjgyYmJmNmQ2MTBkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDY+f+/7Bn01+7iXUb8fuLwqx8iGN4nZ8hu8LW8oSObT7jL
7beMzzvr+specYN4ATe95z138uJUZeDk0+IjRsAj5DDTZUbr5kPNdPTB5ZRGwPnq
s7CeKz0so3RLRo1ehFdMnTYR4Z4DSQxrykqQEZGFcHCSgOiwJ6v7DgeQepTEJVdC
smnl7HdlnsJg2enBDxz+9ZZmP+d3hln19lkoin5YBiWRSKliHSBcuiocdSS1UkOr
qqThcMYgXhCA7sRzMf+qtlzgR5Ts4JNffIspC+RggTxxI5E7lr0GSCTXPvx29H2V
txx+rKe8c0UOZMXSjDzC5g2B9QiOXQdpyRHLED9FAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwDGUnP4bWSwNZpTROdTtNSkOkygwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzFkYTNmMWZiLTI1OTAtNDIyZC05YjI4LTRiZDE0ZDIyZjA5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA273EwDQYJKoZIhvcNAQELBQADggEBAJ3GgSJbda58dMBxmx6mOPCYcq8a
FtP2OboId76lWFntBGcbjdv2snr3tCIRYttL27YX2nWf/3QmocgUy/n9e5FHnR2+
XAXz+WjNd8UY11042vHUfPIqtxd0/397D18IEAXXesrK2uRlyPX48FY2wFLWI+Kd
zksMuF5teTNgOMovq0xVPH7FT+LQJAdOWkTX8t8w7lpoUnRJztdb0wmjZeYLSTYV
/Sptc3fWGDmScF5U3NR867/P7DZW+zkx0qy87BYqrp42rz4Bb6u5amFnr0KU9tts
jCxMHO+9eQcGK6RAWxhsIOimeIZAU4l2QtW2UtslMvnC51OzVV6V+XmTz4U=
-----END CERTIFICATE-----