Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/34472a59-2e2d-4c47-9f12-7f181a908493.roa
File:                     34472a59-2e2d-4c47-9f12-7f181a908493.roa (raw, json)
Hash identifier:          XccIrPvAT5+sBPxs887rdEFLCESKHx/LjuxjMnMXGu4=
Subject key identifier:   2A:A5:FB:BB:D3:44:57:A7:4F:A7:0A:3F:AB:DD:0A:9D:40:17:D0:48
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       09744701091CD51663B897460C44371157B1E3B1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/34472a59-2e2d-4c47-9f12-7f181a908493.roa
Signing time:             Sat 28 Feb 2026 03:01:59 +0000
ROA not before:           Sat 28 Feb 2026 03:01:59 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        3.174.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:74:47:01:09:1c:d5:16:63:b8:97:46:0c:44:37:11:57:b1:e3:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 03:01:59 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=f03d31f475d0ea71557ac59f547b24c78722e011a3d9ef12f4952c266d9fea35, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c0:a0:d2:02:e6:0b:5a:bd:16:1c:cb:fd:2a:
                    7b:a0:ba:e7:e6:df:44:55:99:ae:8d:cf:9a:99:f1:
                    60:a8:6c:c2:cb:ea:36:3b:a8:45:39:9a:83:28:97:
                    8a:e6:d3:02:bf:ba:07:21:8a:ac:f7:ca:09:fe:19:
                    32:15:08:a6:ed:e7:52:7b:b9:c3:54:b3:54:8c:57:
                    c5:2b:ab:07:5a:8f:fd:d3:cd:ff:33:4a:7c:44:7a:
                    2c:50:fa:5e:af:06:27:4b:2a:b5:5e:e1:fa:55:54:
                    2e:34:43:1e:3a:6c:6e:79:2c:e9:c7:16:e0:1e:b8:
                    97:5f:bf:a9:08:37:75:c8:84:72:4d:bc:4a:e9:f6:
                    22:1e:cf:f3:d9:a0:63:96:ad:0a:89:18:7e:cd:6f:
                    c2:d4:09:1e:3b:51:ce:27:4a:a3:04:52:17:43:99:
                    23:dd:cc:80:6e:d2:be:ad:1d:fc:a4:b3:68:11:d5:
                    06:cb:96:c5:9b:2d:2f:0e:87:e6:fc:27:7a:67:50:
                    ee:18:3e:8f:24:1f:c3:ac:20:ef:7e:7e:6b:5c:0e:
                    56:01:be:3b:01:9a:f7:13:9e:d8:e2:ec:e0:d6:e3:
                    bc:c5:e4:70:b7:af:28:90:ed:e8:c2:e7:5a:c9:c6:
                    9c:2e:3c:75:30:e0:7f:be:90:82:d1:6d:58:bb:74:
                    e3:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:A5:FB:BB:D3:44:57:A7:4F:A7:0A:3F:AB:DD:0A:9D:40:17:D0:48
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/34472a59-2e2d-4c47-9f12-7f181a908493.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.174.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         07:3d:83:8c:c6:f4:6a:83:d4:45:09:be:d4:d3:31:cd:58:e8:
         2b:1d:94:08:16:13:06:34:80:c6:2e:e3:af:aa:75:10:c7:6a:
         60:a0:55:40:9c:65:4b:18:49:71:91:9a:32:39:06:c8:3a:b5:
         9b:0b:ad:0f:81:9f:da:50:46:db:51:fd:3d:7b:5f:1b:2a:74:
         9d:01:08:3b:03:93:77:ef:76:92:a6:ce:ce:dc:97:ef:bd:4b:
         88:b4:7f:64:df:18:a9:fb:00:fd:6c:3e:14:60:66:13:43:44:
         2f:bc:ee:47:92:58:97:77:19:0c:3e:7c:e2:d5:10:a8:f7:29:
         c6:b5:3e:8d:ab:b7:73:40:39:5c:5c:7e:e1:6a:49:86:0b:48:
         88:c0:11:a3:31:dd:e4:cd:81:2c:5e:fe:c3:1c:a8:70:06:4a:
         fb:66:7f:26:e8:d8:ce:b3:5a:be:f4:48:c4:74:97:ba:f7:dc:
         80:fb:5f:d6:33:84:80:32:bf:e9:02:65:b3:65:3c:41:2c:16:
         d0:50:d8:39:e7:ab:74:95:27:3a:18:da:aa:08:d5:02:63:0a:
         45:f7:c7:e9:a8:c4:ae:ae:3c:98:67:8a:e0:b5:2e:c2:8b:5f:
         a3:79:eb:48:48:7b:78:0c:cd:8f:ee:47:7c:3f:26:7c:6e:b3:
         ed:9a:d5:95
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCXRHAQkc1RZjuJdGDEQ3EVex47EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDMwMTU5WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMDNkMzFmNDc1ZDBlYTcxNTU3YWM1OWY1NDdiMjRjNzg3
MjJlMDExYTNkOWVmMTJmNDk1MmMyNjZkOWZlYTM1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5wKDSAuYLWr0WHMv9Knuguufm30RVma6Nz5qZ8WCobMLL
6jY7qEU5moMol4rm0wK/ugchiqz3ygn+GTIVCKbt51J7ucNUs1SMV8Urqwdaj/3T
zf8zSnxEeixQ+l6vBidLKrVe4fpVVC40Qx46bG55LOnHFuAeuJdfv6kIN3XIhHJN
vErp9iIez/PZoGOWrQqJGH7Nb8LUCR47Uc4nSqMEUhdDmSPdzIBu0r6tHfyks2gR
1QbLlsWbLS8Oh+b8J3pnUO4YPo8kH8OsIO9+fmtcDlYBvjsBmvcTntji7ODW47zF
5HC3ryiQ7ejC51rJxpwuPHUw4H++kILRbVi7dOO9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUKqX7u9NEV6dPpwo/q90KnUAX0EgwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzM0NDcyYTU5LTJlMmQtNGM0Ny05ZjEyLTdmMTgxYTkwODQ5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEDrjANBgkqhkiG9w0BAQsFAAOCAQEABz2DjMb0aoPURQm+1NMxzVjoKx2U
CBYTBjSAxi7jr6p1EMdqYKBVQJxlSxhJcZGaMjkGyDq1mwutD4Gf2lBG21H9PXtf
Gyp0nQEIOwOTd+92kqbOztyX771LiLR/ZN8YqfsA/Ww+FGBmE0NEL7zuR5JYl3cZ
DD584tUQqPcpxrU+jau3c0A5XFx+4WpJhgtIiMARozHd5M2BLF7+wxyocAZK+2Z/
JujYzrNavvRIxHSXuvfcgPtf1jOEgDK/6QJls2U8QSwW0FDYOeerdJUnOhjaqgjV
AmMKRffH6ajErq48mGeK4LUuwotfo3nrSEh7eAzNj+5HfD8mfG6z7ZrVlQ==
-----END CERTIFICATE-----