Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1e6d17b7-34a6-4151-8a41-12f370573800.roa
File:                     1e6d17b7-34a6-4151-8a41-12f370573800.roa (raw, json)
Hash identifier:          Bpe1ZlA983XBP8BWu3VcpkKTU6OU3Hy/+pkWwSj8HRU=
Subject key identifier:   EF:34:C5:AF:EF:2E:E0:7D:60:2C:86:75:0F:D2:05:53:CF:27:77:C6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0F7FDD3CE3643EFFD17047788F4CA96B65829D44
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1e6d17b7-34a6-4151-8a41-12f370573800.roa
Signing time:             Sat 28 Feb 2026 02:31:22 +0000
ROA not before:           Sat 28 Feb 2026 02:31:22 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        54.82.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:7f:dd:3c:e3:64:3e:ff:d1:70:47:78:8f:4c:a9:6b:65:82:9d:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 02:31:22 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=0358f843aff84a6e9c9af1102a5e3dddb4e89ae1e3c8ac895162df8f9f6f3570, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:86:2b:1a:e7:43:88:a2:48:09:f4:f9:86:5f:
                    dc:f7:c8:c9:9d:6d:50:2b:17:86:12:21:7b:9e:b5:
                    f0:5e:95:13:2d:49:42:12:7f:8b:9f:c6:11:63:0b:
                    c1:3c:0b:03:4c:60:dc:ae:dc:31:99:f1:9c:a8:33:
                    aa:2b:f6:e7:6e:9b:c5:bb:7a:58:94:0d:11:14:28:
                    40:2c:4c:dd:ea:e2:0d:48:bf:0b:4f:fd:6f:dd:2d:
                    50:2d:77:0f:f1:0c:16:1d:c2:13:82:8c:6c:a6:2f:
                    d1:33:c2:d9:51:db:57:d7:0d:a7:65:f4:57:30:03:
                    a5:89:93:0d:90:d7:5a:f3:1b:fc:8d:7c:49:ec:8e:
                    7a:a3:e9:be:b8:cc:25:4d:70:4b:f8:d1:5d:60:d7:
                    6a:54:ef:29:ca:b5:61:01:f9:96:fb:3b:41:79:22:
                    6c:52:03:5e:0e:62:c5:85:92:83:51:1d:46:cc:13:
                    f9:2b:cb:a4:e4:6f:21:e3:a1:48:0b:f1:09:05:5c:
                    71:b2:73:7d:ac:0c:d4:38:3f:38:3d:ae:9e:6a:05:
                    e7:b4:d8:26:ae:6e:cd:2d:c1:08:4f:02:08:98:28:
                    13:fd:86:55:3a:25:a4:7c:ec:43:ec:41:34:58:12:
                    6f:57:a4:57:72:a6:47:f6:d7:e0:76:3d:13:81:cd:
                    67:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:34:C5:AF:EF:2E:E0:7D:60:2C:86:75:0F:D2:05:53:CF:27:77:C6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/1e6d17b7-34a6-4151-8a41-12f370573800.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.82.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         26:7b:71:5c:34:4b:a3:d6:b7:80:68:31:f3:d2:c1:2c:2d:e8:
         3f:3c:23:90:88:40:b3:a2:b5:1d:70:5b:03:be:bd:8a:3f:19:
         91:cf:ed:11:72:30:f4:f6:57:fc:48:c9:9c:f5:8e:b5:5e:6d:
         13:62:35:a9:ed:74:42:0d:83:0b:a9:ce:12:de:88:44:07:b2:
         c8:f6:4a:a0:e4:cf:d8:86:e5:ce:af:fd:60:87:01:51:fa:66:
         79:e7:46:ba:01:6d:e5:98:71:84:71:24:f7:f8:93:36:b5:c8:
         d8:99:35:f0:ee:35:42:6d:99:76:cf:0b:db:b6:16:7c:fd:d6:
         5a:9b:cc:98:32:c7:79:68:69:79:64:bc:4e:73:3f:40:00:87:
         44:89:59:db:d2:44:ba:a0:9a:5d:84:33:e2:e7:ab:57:ec:4f:
         d3:d1:99:71:fe:89:33:24:8d:87:93:80:0f:b8:29:d4:07:0a:
         0e:ce:77:44:c6:ac:3a:ad:8e:d8:19:1a:27:90:b0:49:5b:49:
         7d:ae:2a:44:43:84:6a:0d:8c:5b:47:88:d6:89:1a:ee:6e:09:
         29:56:9b:68:b9:53:6a:4b:d1:8a:0e:35:57:ab:f7:c5:b4:ec:
         91:10:e8:0b:00:de:9c:da:c7:d2:a2:1e:b0:72:a5:7e:8b:34:
         53:cc:3a:fc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUD3/dPONkPv/RcEd4j0ypa2WCnUQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDIzMTIyWhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMzU4Zjg0M2FmZjg0YTZlOWM5YWYxMTAyYTVlM2RkZGI0
ZTg5YWUxZTNjOGFjODk1MTYyZGY4ZjlmNmYzNTcwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZhisa50OIokgJ9PmGX9z3yMmdbVArF4YSIXuetfBelRMt
SUISf4ufxhFjC8E8CwNMYNyu3DGZ8ZyoM6or9udum8W7eliUDREUKEAsTN3q4g1I
vwtP/W/dLVAtdw/xDBYdwhOCjGymL9EzwtlR21fXDadl9FcwA6WJkw2Q11rzG/yN
fEnsjnqj6b64zCVNcEv40V1g12pU7ynKtWEB+Zb7O0F5ImxSA14OYsWFkoNRHUbM
E/kry6TkbyHjoUgL8QkFXHGyc32sDNQ4Pzg9rp5qBee02Caubs0twQhPAgiYKBP9
hlU6JaR87EPsQTRYEm9XpFdypkf21+B2PROBzWffAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7zTFr+8u4H1gLIZ1D9IFU88nd8YwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzFlNmQxN2I3LTM0YTYtNDE1MS04YTQxLTEyZjM3MDU3MzgwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2UgAwDQYJKoZIhvcNAQELBQADggEBACZ7cVw0S6PWt4BoMfPSwSwt6D88
I5CIQLOitR1wWwO+vYo/GZHP7RFyMPT2V/xIyZz1jrVebRNiNantdEINgwupzhLe
iEQHssj2SqDkz9iG5c6v/WCHAVH6ZnnnRroBbeWYcYRxJPf4kza1yNiZNfDuNUJt
mXbPC9u2Fnz91lqbzJgyx3loaXlkvE5zP0AAh0SJWdvSRLqgml2EM+Lnq1fsT9PR
mXH+iTMkjYeTgA+4KdQHCg7Od0TGrDqtjtgZGieQsElbSX2uKkRDhGoNjFtHiNaJ
Gu5uCSlWm2i5U2pL0YoONVer98W07JEQ6AsA3pzax9KiHrBypX6LNFPMOvw=
-----END CERTIFICATE-----