Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa
File:                     2eededf7-f3f8-4d80-8d73-d02124acd34f.roa (raw, json)
Hash identifier:          PNvvOO97NFs5ro88H1r8fSnjt5v8VADyskGdnTTXiaY=
Subject key identifier:   A6:3C:23:1A:FC:1D:E9:5E:78:DA:AC:10:8C:91:F2:E0:3C:7A:C7:06
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       53B335CAA6F84680307614920774FBF5C95458CA
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa
Signing time:             Tue 19 May 2026 01:51:05 +0000
ROA not before:           Tue 19 May 2026 01:51:05 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.79.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:b3:35:ca:a6:f8:46:80:30:76:14:92:07:74:fb:f5:c9:54:58:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 01:51:05 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=cef155be3ed1df53bc5242f3058e94e6de4f9d1d2e1887ffa7d67a928103f5e3, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e9:92:0f:78:61:2d:e7:34:49:40:28:b0:89:
                    dc:78:9c:dd:75:50:83:0e:f9:90:b9:b2:e0:4a:d6:
                    3a:4d:aa:e0:d6:a1:44:1b:6d:fc:71:af:e0:27:e7:
                    71:a4:bc:be:33:4b:0e:7d:84:f6:1e:3f:33:4e:25:
                    cc:f0:3a:76:0a:c8:db:63:be:d2:ee:18:88:37:1a:
                    3f:9c:d0:ed:09:9b:cb:0f:db:2c:d8:f4:1d:32:d6:
                    9e:ec:dc:07:a7:88:0e:32:b0:2c:f6:84:2d:25:3e:
                    3f:f7:eb:07:2b:b6:4a:bf:b7:0e:87:26:51:9e:81:
                    d8:de:8f:af:bd:ec:bc:b7:6f:a3:6f:69:03:58:ed:
                    f7:77:d8:55:64:53:ea:a2:93:7c:6f:b9:a4:f0:71:
                    1b:95:21:40:9e:d2:a6:bd:4f:48:6d:24:72:25:2a:
                    8e:03:f6:a9:ae:dc:af:3e:6a:cb:ed:74:5c:90:fd:
                    97:b2:09:05:aa:46:6c:87:80:7b:76:50:89:99:aa:
                    9c:1d:3a:b0:50:24:b5:12:9c:7a:5e:60:2b:e0:d3:
                    0e:67:c0:7b:22:5f:85:e4:55:ae:85:7a:0b:ac:0f:
                    35:e5:be:58:c5:37:b3:ad:55:8f:d2:8f:4c:f3:ed:
                    3d:01:1b:f9:0e:1d:9c:24:20:2c:5b:1c:70:d5:17:
                    ee:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:3C:23:1A:FC:1D:E9:5E:78:DA:AC:10:8C:91:F2:E0:3C:7A:C7:06
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.79.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         0c:47:51:db:b5:08:df:95:ca:4b:64:83:33:7e:93:23:42:73:
         74:41:78:4e:3d:e4:d0:63:69:1d:d1:a9:1f:ee:aa:47:a6:6f:
         37:7d:b9:29:f7:f1:89:b0:96:ec:da:2c:94:18:2d:7f:02:03:
         a9:d2:cd:af:8d:29:3d:2c:f8:0d:25:97:18:f2:b9:a7:0c:9d:
         eb:77:5e:c1:34:b3:b9:c2:a4:58:15:2c:12:91:28:d0:d1:1a:
         79:f3:b5:a9:a1:21:51:21:7f:e0:64:e9:b2:bc:3a:a9:04:0e:
         d9:49:a8:a7:f9:87:99:1b:19:83:90:ca:ea:3a:a1:1c:a3:3e:
         58:24:b2:40:58:af:6a:98:80:b1:85:3f:a2:10:6c:d1:07:5d:
         24:1c:a3:d9:b5:2c:43:01:73:e1:2f:c4:f3:9c:6c:e7:a1:91:
         5b:32:7a:9a:92:1b:ec:0f:d3:d0:11:51:85:c1:38:66:42:86:
         e6:5b:35:73:06:83:a5:75:49:66:e6:31:b9:7c:ae:6d:1e:a6:
         9c:ef:fb:d5:d8:40:90:3d:a1:bd:87:28:ec:8b:a8:c8:fc:06:
         25:e0:41:1d:fc:c4:e2:b7:db:e0:42:9c:27:1a:93:4e:f1:21:
         51:f3:17:4c:92:cb:43:91:9f:7f:0e:99:cb:8d:4e:48:67:ec:
         18:0e:92:5a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU7M1yqb4RoAwdhSSB3T79clUWMowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDE1MTA1WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjZWYxNTViZTNlZDFkZjUzYmM1MjQyZjMwNThlOTRlNmRl
NGY5ZDFkMmUxODg3ZmZhN2Q2N2E5MjgxMDNmNWUzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDe6ZIPeGEt5zRJQCiwidx4nN11UIMO+ZC5suBK1jpNquDW
oUQbbfxxr+An53GkvL4zSw59hPYePzNOJczwOnYKyNtjvtLuGIg3Gj+c0O0Jm8sP
2yzY9B0y1p7s3AeniA4ysCz2hC0lPj/36wcrtkq/tw6HJlGegdjej6+97Ly3b6Nv
aQNY7fd32FVkU+qik3xvuaTwcRuVIUCe0qa9T0htJHIlKo4D9qmu3K8+asvtdFyQ
/ZeyCQWqRmyHgHt2UImZqpwdOrBQJLUSnHpeYCvg0w5nwHsiX4XkVa6FegusDzXl
vljFN7OtVY/Sj0zz7T0BG/kOHZwkICxbHHDVF+5ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpjwjGvwd6V542qwQjJHy4Dx6xwYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJlZWRlZGY3LWYzZjgtNGQ4MC04ZDczLWQwMjEyNGFjZDM0Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2TwAwDQYJKoZIhvcNAQELBQADggEBAAxHUdu1CN+VyktkgzN+kyNCc3RB
eE495NBjaR3RqR/uqkembzd9uSn38YmwluzaLJQYLX8CA6nSza+NKT0s+A0llxjy
uacMnet3XsE0s7nCpFgVLBKRKNDRGnnztamhIVEhf+Bk6bK8OqkEDtlJqKf5h5kb
GYOQyuo6oRyjPlgkskBYr2qYgLGFP6IQbNEHXSQco9m1LEMBc+EvxPOcbOehkVsy
epqSG+wP09ARUYXBOGZChuZbNXMGg6V1SWbmMbl8rm0eppzv+9XYQJA9ob2HKOyL
qMj8BiXgQR38xOK32+BCnCcak07xIVHzF0ySy0ORn38OmcuNTkhn7BgOklo=
-----END CERTIFICATE-----