Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2fbce0b2-9e9c-466b-9b17-180de53a79ea.roa
File:                     2fbce0b2-9e9c-466b-9b17-180de53a79ea.roa (raw, json)
Hash identifier:          dChBAOTwIHdNQ+L6H3XvKChefpYaefbIlVE17d8iWWM=
Subject key identifier:   D6:F4:F9:3D:D0:71:0B:61:BC:E7:61:95:F2:BD:9E:E5:77:02:BB:FC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5B3278312686997CCBAA0C14D872FE102814FA51
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2fbce0b2-9e9c-466b-9b17-180de53a79ea.roa
Signing time:             Tue 19 May 2026 03:30:52 +0000
ROA not before:           Tue 19 May 2026 03:30:52 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        18.156.0.0/14 maxlen: 14
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:32:78:31:26:86:99:7c:cb:aa:0c:14:d8:72:fe:10:28:14:fa:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 03:30:52 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=bb00a42e3f3319293342b7f545534bfe4129c60ac7b6543a45740076102cb664, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:c0:08:2e:76:52:56:0f:2c:0d:9b:cb:55:fa:
                    79:43:9e:ba:b2:f6:1f:15:bb:dd:5f:8c:9f:23:56:
                    1f:34:5a:5c:23:a2:55:bf:aa:75:05:b8:2d:ae:5f:
                    0c:f2:fc:e3:12:3d:e0:4b:f5:2f:c0:02:79:a2:0e:
                    a4:ca:09:48:ce:c9:1a:ec:a6:a5:7b:fb:90:a9:c9:
                    6e:90:99:dd:80:1d:94:48:5c:f4:e7:8f:fc:de:c6:
                    8a:bc:73:07:a4:91:f4:ee:19:f4:a5:05:73:74:b5:
                    c6:16:9a:05:42:dc:ea:34:b6:9a:75:fd:33:26:cb:
                    c0:59:74:57:45:2a:16:c4:19:96:87:5b:22:55:7b:
                    62:07:fc:6f:50:cd:d1:fa:e9:7e:b8:29:b4:69:71:
                    f0:95:76:ac:b7:b6:0d:e9:5f:68:0e:9d:09:50:57:
                    10:a7:33:9f:0c:fd:e4:13:94:5c:d4:24:01:f0:32:
                    40:6b:b0:e0:df:cc:85:cd:c5:22:7e:c2:0a:5a:4c:
                    99:5e:d5:64:a6:11:ad:97:7a:71:c6:e6:3f:2a:07:
                    9d:9e:68:db:35:88:67:ab:61:ac:a5:86:df:1e:57:
                    c0:f0:68:d6:98:cd:a2:23:9b:ab:3a:b8:5c:eb:41:
                    ca:4b:e2:68:2d:73:c3:30:8a:11:ba:22:d9:1f:84:
                    b9:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:F4:F9:3D:D0:71:0B:61:BC:E7:61:95:F2:BD:9E:E5:77:02:BB:FC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2fbce0b2-9e9c-466b-9b17-180de53a79ea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.156.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         1f:f0:a0:28:61:e9:e0:b7:cd:79:f3:af:8d:d1:61:36:e9:fe:
         b4:d0:0c:55:4f:8d:b8:da:bf:10:bb:ff:bb:dd:a1:b7:36:19:
         58:38:07:6d:dc:a8:ce:58:9a:58:ac:c1:fe:78:2a:88:ef:19:
         78:42:49:02:df:1e:ab:cd:9f:b4:77:45:24:4b:3b:ee:77:e2:
         55:3c:80:42:dd:25:9a:dc:aa:8c:4b:15:da:61:33:7b:eb:28:
         fd:b9:e0:7d:39:ac:d6:68:b0:6b:14:1c:40:74:f2:dc:da:d1:
         bf:d0:cb:89:89:63:95:84:5c:d7:bc:4a:b9:7c:a4:13:96:61:
         6e:7f:73:81:65:9d:89:e1:8b:93:36:d5:c9:d2:2c:23:56:2b:
         5c:4d:91:c0:74:96:bb:6b:34:6a:44:41:2d:d6:b7:4a:70:48:
         46:32:3e:d0:e6:27:56:62:a8:eb:96:10:d2:dc:f3:70:a6:13:
         d3:49:24:62:cf:85:04:40:a6:c2:7e:86:12:fb:08:81:48:56:
         20:e6:ff:92:3d:48:e4:05:13:a9:20:8e:39:4d:21:19:1f:25:
         07:18:58:9d:38:d9:b6:d8:ca:62:21:24:9f:93:81:d6:6f:32:
         96:ee:f0:00:5b:e4:56:68:c8:9b:e6:cb:48:21:c3:3e:09:86:
         7e:f1:b2:60
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWzJ4MSaGmXzLqgwU2HL+ECgU+lEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDMzMDUyWhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYjAwYTQyZTNmMzMxOTI5MzM0MmI3ZjU0NTUzNGJmZTQx
MjljNjBhYzdiNjU0M2E0NTc0MDA3NjEwMmNiNjY0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGwAgudlJWDywNm8tV+nlDnrqy9h8Vu91fjJ8jVh80Wlwj
olW/qnUFuC2uXwzy/OMSPeBL9S/AAnmiDqTKCUjOyRrspqV7+5CpyW6Qmd2AHZRI
XPTnj/zexoq8cwekkfTuGfSlBXN0tcYWmgVC3Oo0tpp1/TMmy8BZdFdFKhbEGZaH
WyJVe2IH/G9QzdH66X64KbRpcfCVdqy3tg3pX2gOnQlQVxCnM58M/eQTlFzUJAHw
MkBrsODfzIXNxSJ+wgpaTJle1WSmEa2XenHG5j8qB52eaNs1iGerYaylht8eV8Dw
aNaYzaIjm6s6uFzrQcpL4mgtc8MwihG6ItkfhLl5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU1vT5PdBxC2G852GV8r2e5XcCu/wwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJmYmNlMGIyLTllOWMtNDY2Yi05YjE3LTE4MGRlNTNhNzllYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwISnDANBgkqhkiG9w0BAQsFAAOCAQEAH/CgKGHp4LfNefOvjdFhNun+tNAM
VU+NuNq/ELv/u92htzYZWDgHbdyozliaWKzB/ngqiO8ZeEJJAt8eq82ftHdFJEs7
7nfiVTyAQt0lmtyqjEsV2mEze+so/bngfTms1miwaxQcQHTy3NrRv9DLiYljlYRc
17xKuXykE5Zhbn9zgWWdieGLkzbVydIsI1YrXE2RwHSWu2s0akRBLda3SnBIRjI+
0OYnVmKo65YQ0tzzcKYT00kkYs+FBECmwn6GEvsIgUhWIOb/kj1I5AUTqSCOOU0h
GR8lBxhYnTjZttjKYiEkn5OB1m8ylu7wAFvkVmjIm+bLSCHDPgmGfvGyYA==
-----END CERTIFICATE-----