Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2b52e00f-3416-4435-ae70-8cea168ceeb8.roa
File:                     2b52e00f-3416-4435-ae70-8cea168ceeb8.roa (raw, json)
Hash identifier:          3sYrdKKDJMS+tOCYRR8H64omDzADRuo/RLV3ouhaKzo=
Subject key identifier:   91:FE:42:2F:1B:76:78:6D:DB:F3:D8:5C:50:95:CE:5F:85:25:C0:80
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       48091B5BF22B9888ABA2A36A0EA67F5276EEE3B3
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2b52e00f-3416-4435-ae70-8cea168ceeb8.roa
Signing time:             Tue 26 May 2026 00:00:07 +0000
ROA not before:           Tue 26 May 2026 00:00:07 +0000
ROA not after:            Mon 24 Aug 2026 23:59:59 +0000
asID:                     14618
IP address blocks:        15.129.0.0/17 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:09:1b:5b:f2:2b:98:88:ab:a2:a3:6a:0e:a6:7f:52:76:ee:e3:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 26 00:00:07 2026 GMT
            Not After : Aug 24 23:59:59 2026 GMT
        Subject: serialNumber=cbc4b9d69631446264215cf911228b5b7c491db55eee00ad3ba823c1be7ed5e2, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0b:d7:4e:09:7a:7e:f1:a8:8b:59:72:6a:2e:
                    1b:fc:a0:d9:ac:5c:68:a5:85:b2:71:67:9d:fb:17:
                    8e:cd:22:54:56:d3:a0:19:a1:66:31:4c:bf:ff:88:
                    19:a9:f0:fb:c0:1f:81:9b:c8:8c:08:b7:9b:7f:c1:
                    c1:89:ce:b2:6d:25:d3:a0:92:1b:23:4d:73:4a:5b:
                    71:80:af:72:f8:c9:19:e8:a3:ce:a2:02:cd:3d:84:
                    c5:9a:45:42:d7:85:72:cd:4f:08:2d:fa:30:73:05:
                    b3:06:1c:3c:12:e6:9e:91:10:7e:ae:27:97:5b:f2:
                    ed:3f:e7:24:d7:c1:74:ec:3d:6f:73:d2:19:ac:3d:
                    b6:ac:58:fb:c3:8a:04:5e:72:6d:5a:4a:88:e2:73:
                    73:dc:f6:33:f9:e7:d9:c7:e4:a7:da:1b:5d:5a:7f:
                    48:b4:51:89:5f:49:d9:55:b8:4e:bc:2c:50:f9:28:
                    8c:45:e9:9a:af:95:1e:68:70:1b:16:42:a8:5b:26:
                    24:c1:58:a3:f8:ee:25:04:bb:59:be:58:58:2a:40:
                    df:d6:ac:6e:aa:ca:ef:a0:d6:c2:00:96:bf:60:7e:
                    a7:26:b0:32:70:10:f7:f8:46:fe:22:14:c7:f0:4b:
                    1e:b0:60:f9:7f:ed:87:c2:17:ab:c4:ef:80:15:c4:
                    34:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:FE:42:2F:1B:76:78:6D:DB:F3:D8:5C:50:95:CE:5F:85:25:C0:80
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2b52e00f-3416-4435-ae70-8cea168ceeb8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.129.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         15:8c:9f:f1:06:84:6e:0e:66:57:5d:6e:76:93:0d:af:1f:f6:
         8d:98:57:c2:34:d4:39:39:13:ab:a2:f3:a7:81:ad:36:3e:ca:
         84:14:e2:03:e1:fd:0b:37:ae:05:85:51:c9:08:a9:77:29:9e:
         1f:d8:82:99:b2:f6:23:e6:a9:84:84:2c:7e:8a:45:43:7e:76:
         b9:a0:d2:4b:fe:e1:ec:d1:4d:db:1f:8a:db:b2:f1:27:f2:ab:
         ec:96:03:fb:c5:bb:80:03:08:b1:44:39:a7:2f:20:5a:aa:20:
         e1:82:6f:24:59:1e:35:3c:7f:aa:d5:c4:8b:6a:78:9d:f7:91:
         be:7a:f1:8c:c7:3f:8a:66:cd:08:db:3c:0a:c9:53:7f:ae:da:
         b1:a5:50:56:de:1e:88:70:5b:c6:ad:70:0e:47:d0:ad:35:ba:
         45:71:98:7f:77:05:15:72:1f:b0:c9:2d:e0:d4:ad:c3:13:e6:
         b2:13:a8:8a:06:8e:bd:d0:91:fd:e6:30:90:f8:88:f2:4b:a2:
         71:80:8c:83:66:35:7c:f9:7a:2e:75:32:94:26:67:db:ec:8b:
         75:2c:1c:be:f1:f2:3c:c2:99:3a:5f:3d:c6:6e:7f:e8:61:ee:
         97:8e:44:a5:3d:65:af:ea:dd:f7:3d:ac:0f:09:8c:97:b8:72:
         04:c2:f0:0e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSAkbW/IrmIiroqNqDqZ/Unbu47MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTI2MDAwMDA3WhcNMjYwODI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYmM0YjlkNjk2MzE0NDYyNjQyMTVjZjkxMTIyOGI1Yjdj
NDkxZGI1NWVlZTAwYWQzYmE4MjNjMWJlN2VkNWUyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyC9dOCXp+8aiLWXJqLhv8oNmsXGilhbJxZ537F47NIlRW
06AZoWYxTL//iBmp8PvAH4GbyIwIt5t/wcGJzrJtJdOgkhsjTXNKW3GAr3L4yRno
o86iAs09hMWaRULXhXLNTwgt+jBzBbMGHDwS5p6REH6uJ5db8u0/5yTXwXTsPW9z
0hmsPbasWPvDigRecm1aSojic3Pc9jP559nH5KfaG11af0i0UYlfSdlVuE68LFD5
KIxF6ZqvlR5ocBsWQqhbJiTBWKP47iUEu1m+WFgqQN/WrG6qyu+g1sIAlr9gfqcm
sDJwEPf4Rv4iFMfwSx6wYPl/7YfCF6vE74AVxDTvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkf5CLxt2eG3b89hcUJXOX4UlwIAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJiNTJlMDBmLTM0MTYtNDQzNS1hZTcwLThjZWExNjhjZWViOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcPgQAwDQYJKoZIhvcNAQELBQADggEBABWMn/EGhG4OZlddbnaTDa8f9o2Y
V8I01Dk5E6ui86eBrTY+yoQU4gPh/Qs3rgWFUckIqXcpnh/Ygpmy9iPmqYSELH6K
RUN+drmg0kv+4ezRTdsfituy8Sfyq+yWA/vFu4ADCLFEOacvIFqqIOGCbyRZHjU8
f6rVxItqeJ33kb568YzHP4pmzQjbPArJU3+u2rGlUFbeHohwW8atcA5H0K01ukVx
mH93BRVyH7DJLeDUrcMT5rITqIoGjr3Qkf3mMJD4iPJLonGAjINmNXz5ei51MpQm
Z9vsi3UsHL7x8jzCmTpfPcZuf+hh7peORKU9Za/q3fc9rA8JjJe4cgTC8A4=
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:35 2026 by rpki-client