Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2ca7fb95-046b-408c-9d33-2af8b2e953f4.roa
File:                     2ca7fb95-046b-408c-9d33-2af8b2e953f4.roa (raw, json)
Hash identifier:          7zVgKtkesEU2TXplbrHknnFQrHtVE1t1orHcPKcXEnM=
Subject key identifier:   A3:2F:43:E0:3C:64:F9:43:1F:36:C8:07:09:60:B1:93:4B:86:9B:AE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1BC6617FB3830DF070267EBABAD477ADF31D5645
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2ca7fb95-046b-408c-9d33-2af8b2e953f4.roa
Signing time:             Tue 24 Feb 2026 03:20:10 +0000
ROA not before:           Tue 24 Feb 2026 03:20:10 +0000
ROA not after:            Mon 25 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.192.0.0/12 maxlen: 12
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:c6:61:7f:b3:83:0d:f0:70:26:7e:ba:ba:d4:77:ad:f3:1d:56:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 24 03:20:10 2026 GMT
            Not After : May 25 23:59:59 2026 GMT
        Subject: serialNumber=70f7eec6aa8cf8c4b2138537d7a932ec7ae235876a58581e1fddbc546949f8d4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:0e:ad:33:c6:e8:b2:68:69:24:83:75:54:d1:
                    f0:c5:34:19:fc:b2:35:9d:e5:56:86:5a:08:59:76:
                    fc:7e:0e:0c:70:f0:2a:07:9f:e8:d4:3e:34:76:4d:
                    72:44:dc:cb:61:d1:fd:f1:d0:ff:56:03:97:af:bd:
                    ac:88:c5:6c:8d:a4:e4:24:a9:6b:3b:51:96:d2:19:
                    90:6f:22:6d:c7:32:1f:3e:2f:0b:26:aa:7a:73:65:
                    9e:ef:87:70:10:82:4e:62:bd:0a:b7:2d:fa:de:29:
                    20:3c:6c:2d:f5:15:23:ac:db:16:72:cd:ab:3e:70:
                    33:d6:8d:64:62:2b:75:f9:89:bb:0e:06:25:2c:47:
                    bc:a3:f2:fc:c3:94:c9:6c:7c:20:b6:9a:f3:c7:f6:
                    8d:f9:8d:72:81:17:bc:80:58:10:4f:e7:ac:79:44:
                    eb:ed:4d:63:c3:d9:f1:2c:b3:39:1f:7d:ef:43:24:
                    da:d0:5d:a9:14:d7:bc:54:23:4b:ff:33:6c:64:9f:
                    d5:8d:b2:ee:c6:05:f6:5d:60:02:c1:7d:30:3b:4b:
                    88:28:9f:96:ae:45:62:1c:15:ef:d6:28:67:6b:10:
                    30:63:e5:82:bf:b0:ec:8e:6c:cb:4b:98:61:61:b5:
                    15:97:d5:00:59:4e:ca:d7:e6:72:7a:45:a1:22:81:
                    60:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:2F:43:E0:3C:64:F9:43:1F:36:C8:07:09:60:B1:93:4B:86:9B:AE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2ca7fb95-046b-408c-9d33-2af8b2e953f4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.192.0.0/12

    Signature Algorithm: sha256WithRSAEncryption
         35:04:7a:01:28:c3:9e:b7:f6:5f:04:ea:69:df:d5:d9:2b:6b:
         0d:a8:a8:df:6e:17:80:75:19:a3:99:b3:cd:d4:da:4c:93:ef:
         72:14:98:6d:d4:bc:be:74:1b:f7:3e:ea:60:65:de:d3:78:f0:
         fa:4e:ce:83:24:49:83:b4:d1:ce:25:da:81:2a:d4:74:d0:18:
         f1:82:78:6a:c6:0c:99:0e:ed:ef:28:00:a5:cd:01:b1:ba:f5:
         3d:56:67:e2:88:c6:5e:c4:47:00:0f:5b:33:f6:72:f8:c6:22:
         bc:0f:0c:a8:8c:a2:73:c1:66:54:46:15:73:97:50:a8:2a:54:
         54:89:cb:ca:b3:ed:83:ca:b8:51:9f:f5:ba:10:3a:58:1e:b1:
         4f:bb:ee:ff:37:5f:92:ff:65:03:2c:73:ec:35:aa:16:63:b2:
         b2:f0:73:72:78:8c:a1:49:9e:e8:6b:3c:ad:36:14:98:05:81:
         1b:a7:81:39:b2:f1:8b:15:24:5d:de:32:54:3e:d3:e4:9e:bf:
         ce:8c:fc:cf:a6:55:71:d1:4f:01:81:2b:5b:b1:60:97:74:41:
         9c:c4:bc:68:bc:b0:92:e9:76:0a:8a:a8:c4:a6:82:9e:b2:f0:
         f2:55:62:f2:0f:f4:af:e2:54:09:32:11:5d:53:cb:89:f0:14:
         88:31:38:f0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUG8Zhf7ODDfBwJn66utR3rfMdVkUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI0MDMyMDEwWhcNMjYwNTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MGY3ZWVjNmFhOGNmOGM0YjIxMzg1MzdkN2E5MzJlYzdh
ZTIzNTg3NmE1ODU4MWUxZmRkYmM1NDY5NDlmOGQ0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD2Dq0zxuiyaGkkg3VU0fDFNBn8sjWd5VaGWghZdvx+Dgxw
8CoHn+jUPjR2TXJE3Mth0f3x0P9WA5evvayIxWyNpOQkqWs7UZbSGZBvIm3HMh8+
LwsmqnpzZZ7vh3AQgk5ivQq3LfreKSA8bC31FSOs2xZyzas+cDPWjWRiK3X5ibsO
BiUsR7yj8vzDlMlsfCC2mvPH9o35jXKBF7yAWBBP56x5ROvtTWPD2fEsszkffe9D
JNrQXakU17xUI0v/M2xkn9WNsu7GBfZdYALBfTA7S4gon5auRWIcFe/WKGdrEDBj
5YK/sOyObMtLmGFhtRWX1QBZTsrX5nJ6RaEigWBLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUoy9D4Dxk+UMfNsgHCWCxk0uGm64wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJjYTdmYjk1LTA0NmItNDA4Yy05ZDMzLTJhZjhiMmU5NTNmNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwQ2wDANBgkqhkiG9w0BAQsFAAOCAQEANQR6ASjDnrf2XwTqad/V2StrDaio
324XgHUZo5mzzdTaTJPvchSYbdS8vnQb9z7qYGXe03jw+k7OgyRJg7TRziXagSrU
dNAY8YJ4asYMmQ7t7ygApc0Bsbr1PVZn4ojGXsRHAA9bM/Zy+MYivA8MqIyic8Fm
VEYVc5dQqCpUVInLyrPtg8q4UZ/1uhA6WB6xT7vu/zdfkv9lAyxz7DWqFmOysvBz
cniMoUme6Gs8rTYUmAWBG6eBObLxixUkXd4yVD7T5J6/zoz8z6ZVcdFPAYErW7Fg
l3RBnMS8aLywkul2CoqoxKaCnrLw8lVi8g/0r+JUCTIRXVPLifAUiDE48A==
-----END CERTIFICATE-----