Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa
File:                     2eededf7-f3f8-4d80-8d73-d02124acd34f.roa (raw, json)
Hash identifier:          UedeqGquas3P3RD97hKKabtB9pZe0BUZuScSfkexynM=
Subject key identifier:   93:00:81:01:6A:87:09:1D:EF:41:C5:58:29:00:35:21:4F:F5:27:4C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       010A73EE0BEE46687041F9971E598BF4C83F3897
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa
Signing time:             Sat 28 Feb 2026 02:11:01 +0000
ROA not before:           Sat 28 Feb 2026 02:11:01 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.79.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0a:73:ee:0b:ee:46:68:70:41:f9:97:1e:59:8b:f4:c8:3f:38:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 02:11:01 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=f1a326381a546721f3cd50e827fe8f65e3879aa6d1263a12a1808db2549990f3, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:3e:e4:3b:e1:b1:de:86:b7:eb:d4:cd:1a:dd:
                    ab:d1:2b:23:84:05:25:24:d8:3e:1c:66:a1:87:a2:
                    4c:53:69:ee:99:f0:d1:6a:f9:71:88:26:e7:a2:82:
                    f7:d1:70:4a:9b:56:f1:5f:2d:78:3a:b4:6c:8d:d8:
                    9d:d1:4b:46:c4:40:a9:9a:88:2a:87:63:bc:40:9f:
                    85:2c:5d:f4:0b:ea:87:f0:18:50:06:16:d1:3d:13:
                    a0:cf:2b:ea:05:0a:6b:ba:bb:03:6f:ab:76:4b:7d:
                    93:97:e3:31:eb:1b:9c:9a:e3:32:6c:9e:36:32:62:
                    98:e4:f7:2c:5b:5b:0d:81:2b:18:40:15:e4:99:7b:
                    03:b9:22:10:c6:7d:cb:9d:36:0c:8f:e1:95:1a:54:
                    37:23:e1:27:8f:68:77:4b:a1:ba:e5:38:9b:d3:eb:
                    99:06:13:fa:6e:df:56:c0:d4:43:ee:e3:c2:db:fe:
                    3a:ec:1f:38:dd:eb:d2:f2:b7:96:70:f3:e8:d3:68:
                    11:45:cb:67:69:8d:8b:b9:b0:d5:b4:80:b0:06:79:
                    ef:6f:e7:8b:1d:68:14:4f:d5:8e:9a:ab:c7:b5:cd:
                    7d:22:4a:4d:1b:f3:9c:d8:ed:20:e2:dd:fb:e2:6d:
                    2e:38:52:89:8a:55:3b:31:60:cc:6b:12:c3:cf:ed:
                    44:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:00:81:01:6A:87:09:1D:EF:41:C5:58:29:00:35:21:4F:F5:27:4C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.79.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         75:51:4c:29:5f:ac:82:b0:78:71:8e:7f:f1:69:40:2a:b0:72:
         85:ea:1c:4c:f3:ed:ba:a7:27:b0:78:84:cd:4b:22:1c:d0:21:
         1f:59:c4:6e:25:64:c8:db:1d:18:f7:37:51:7d:99:20:b4:a8:
         26:37:7d:0b:a5:14:79:f2:58:23:66:75:da:80:1f:97:68:c0:
         98:10:4a:20:20:93:22:0f:bc:98:90:81:a5:e2:78:01:46:3b:
         47:f6:7e:9e:89:10:9a:4a:d4:d9:f6:4a:4f:e3:a6:af:94:e8:
         d1:b1:d6:10:0d:41:d3:b7:6b:df:49:5a:46:7c:02:c0:c9:55:
         59:fd:1c:28:a4:22:63:88:33:f4:9e:fc:d7:6b:36:e4:e4:5e:
         6d:ce:e6:bb:98:74:72:17:bf:59:1c:c4:2d:5c:69:8b:72:5f:
         1e:01:6d:c1:8b:bd:5d:e2:ad:c5:cf:3b:d2:ff:90:cb:24:84:
         a6:e8:37:74:c9:20:a1:99:0a:f6:af:ec:f3:29:68:ed:75:e0:
         e8:7a:11:7d:51:ee:96:f9:82:84:82:b5:2c:2d:c5:12:24:81:
         39:ab:37:66:bc:f5:c1:8e:f3:f6:19:8d:ec:94:e2:83:0a:b2:
         67:bf:47:3c:e5:65:c7:3b:86:7c:15:d6:63:b5:11:e0:1f:fb:
         0a:bc:2e:45
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAQpz7gvuRmhwQfmXHlmL9Mg/OJcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDIxMTAxWhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMWEzMjYzODFhNTQ2NzIxZjNjZDUwZTgyN2ZlOGY2NWUz
ODc5YWE2ZDEyNjNhMTJhMTgwOGRiMjU0OTk5MGYzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDzPuQ74bHehrfr1M0a3avRKyOEBSUk2D4cZqGHokxTae6Z
8NFq+XGIJueigvfRcEqbVvFfLXg6tGyN2J3RS0bEQKmaiCqHY7xAn4UsXfQL6ofw
GFAGFtE9E6DPK+oFCmu6uwNvq3ZLfZOX4zHrG5ya4zJsnjYyYpjk9yxbWw2BKxhA
FeSZewO5IhDGfcudNgyP4ZUaVDcj4SePaHdLobrlOJvT65kGE/pu31bA1EPu48Lb
/jrsHzjd69Lyt5Zw8+jTaBFFy2dpjYu5sNW0gLAGee9v54sdaBRP1Y6aq8e1zX0i
Sk0b85zY7SDi3fvibS44UomKVTsxYMxrEsPP7URdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUkwCBAWqHCR3vQcVYKQA1IU/1J0wwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJlZWRlZGY3LWYzZjgtNGQ4MC04ZDczLWQwMjEyNGFjZDM0Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2TwAwDQYJKoZIhvcNAQELBQADggEBAHVRTClfrIKweHGOf/FpQCqwcoXq
HEzz7bqnJ7B4hM1LIhzQIR9ZxG4lZMjbHRj3N1F9mSC0qCY3fQulFHnyWCNmddqA
H5dowJgQSiAgkyIPvJiQgaXieAFGO0f2fp6JEJpK1Nn2Sk/jpq+U6NGx1hANQdO3
a99JWkZ8AsDJVVn9HCikImOIM/Se/NdrNuTkXm3O5ruYdHIXv1kcxC1caYtyXx4B
bcGLvV3ircXPO9L/kMskhKboN3TJIKGZCvav7PMpaO114Oh6EX1R7pb5goSCtSwt
xRIkgTmrN2a89cGO8/YZjeyU4oMKsme/RzzlZcc7hnwV1mO1EeAf+wq8LkU=
-----END CERTIFICATE-----