Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3541ea2c-784f-4cbe-b441-92b652e155de.roa
File:                     3541ea2c-784f-4cbe-b441-92b652e155de.roa (raw, json)
Hash identifier:          E97jJmgn6DyUYayYPILDpKacebyIzts5/LxpwIsnJ7E=
Subject key identifier:   2C:C2:E5:E4:D8:CE:60:5B:EC:F6:DF:19:8A:F2:2F:40:64:1A:D0:74
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       227894BB506250443EB2B226D7F5E90FED27FB98
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3541ea2c-784f-4cbe-b441-92b652e155de.roa
Signing time:             Thu 14 May 2026 00:11:08 +0000
ROA not before:           Thu 14 May 2026 00:11:08 +0000
ROA not after:            Wed 12 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.144.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:78:94:bb:50:62:50:44:3e:b2:b2:26:d7:f5:e9:0f:ed:27:fb:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 14 00:11:08 2026 GMT
            Not After : Aug 12 23:59:59 2026 GMT
        Subject: serialNumber=caa64f1d481f1a58e770b8b933623c5ec08af4794d1f0644c95baec943230ebd, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b2:fe:e8:f0:4d:36:8e:be:3d:f6:ad:34:c1:
                    bd:0a:34:ae:43:3b:14:6a:e7:02:a2:1a:7f:68:c1:
                    d3:ec:ef:ef:13:0d:9b:d4:0e:82:c1:c3:96:3a:24:
                    60:74:ee:57:f9:c5:19:7d:c1:d6:f9:ab:5e:4d:e8:
                    23:1b:e3:4a:fb:d5:88:17:56:84:57:55:48:6e:df:
                    8b:b9:3b:62:32:9a:6d:48:ad:75:0e:f7:52:bf:ac:
                    ae:04:92:1c:e1:01:7b:25:dc:00:60:1f:1a:78:6a:
                    cc:b0:bc:2c:7d:0f:5d:cc:7f:04:41:fb:8c:78:9d:
                    81:70:8e:aa:4a:8b:fc:f1:83:e4:ad:03:b5:b4:ad:
                    44:2b:83:56:f8:0c:c4:73:62:46:b1:da:37:f4:3e:
                    a0:c4:41:ad:fc:5e:54:ab:ad:71:d5:de:cf:db:2c:
                    2f:3d:e0:df:34:a9:34:c4:85:2b:de:b7:99:97:cd:
                    7b:77:56:3b:3f:9e:d8:3e:28:2b:07:45:0e:9d:f9:
                    45:04:62:b4:f9:f8:46:ba:fa:8a:48:50:a1:d4:c5:
                    80:b6:30:dc:b5:15:61:61:ef:21:71:ed:40:2e:bd:
                    8b:1a:8e:06:1c:9a:8f:20:ce:9f:ec:30:59:39:cf:
                    f4:4e:bf:6a:93:d3:35:01:1a:8d:be:35:3e:aa:1c:
                    ad:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:C2:E5:E4:D8:CE:60:5B:EC:F6:DF:19:8A:F2:2F:40:64:1A:D0:74
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3541ea2c-784f-4cbe-b441-92b652e155de.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.144.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         b3:55:76:a1:96:41:6f:56:b3:4a:81:51:e0:ea:e2:40:e7:93:
         b2:6a:2d:2a:b0:79:37:9a:76:5f:00:4c:50:a5:2e:da:5c:7c:
         15:5b:b2:34:c0:3f:fd:48:be:cc:7a:03:f4:a4:e3:e0:71:f8:
         46:78:b6:c4:cd:6c:a7:ff:73:1b:1f:4e:57:62:ba:9b:d6:73:
         e2:ec:af:cf:65:de:f8:06:b9:e7:9d:7f:5c:7a:05:fb:b9:d7:
         33:e6:d6:9d:f4:f6:f9:56:71:aa:5f:b4:47:0d:b8:a3:80:1b:
         fa:4b:af:d9:06:fe:b9:78:c5:d0:10:f4:84:f2:ad:3a:22:eb:
         87:fd:4e:68:26:49:59:f6:3f:9a:ea:23:3d:e7:e9:57:ab:29:
         7d:e5:a1:f3:bf:f5:b7:5d:40:e4:f0:76:b1:55:60:d5:30:06:
         1b:61:55:7a:47:cd:aa:b9:93:25:25:f9:b1:59:81:1f:89:09:
         20:ce:1b:1c:6c:dd:1b:85:ec:f4:b1:02:16:e9:18:20:20:a7:
         6a:5c:11:72:0d:c2:b5:04:4c:e0:99:dd:2b:bc:29:aa:69:34:
         2c:de:2d:c6:da:c1:77:4a:0e:c0:8b:b2:d9:d5:27:dc:11:bb:
         71:dd:2b:dd:d6:6a:c2:06:c0:09:80:e7:d3:2c:8d:5e:d3:d5:
         9b:3f:18:93
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIniUu1BiUEQ+srIm1/XpD+0n+5gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE0MDAxMTA4WhcNMjYwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjYWE2NGYxZDQ4MWYxYTU4ZTc3MGI4YjkzMzYyM2M1ZWMw
OGFmNDc5NGQxZjA2NDRjOTViYWVjOTQzMjMwZWJkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8sv7o8E02jr499q00wb0KNK5DOxRq5wKiGn9owdPs7+8T
DZvUDoLBw5Y6JGB07lf5xRl9wdb5q15N6CMb40r71YgXVoRXVUhu34u5O2Iymm1I
rXUO91K/rK4EkhzhAXsl3ABgHxp4asywvCx9D13MfwRB+4x4nYFwjqpKi/zxg+St
A7W0rUQrg1b4DMRzYkax2jf0PqDEQa38XlSrrXHV3s/bLC894N80qTTEhSvet5mX
zXt3Vjs/ntg+KCsHRQ6d+UUEYrT5+Ea6+opIUKHUxYC2MNy1FWFh7yFx7UAuvYsa
jgYcmo8gzp/sMFk5z/ROv2qT0zUBGo2+NT6qHK1XAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULMLl5NjOYFvs9t8ZivIvQGQa0HQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzM1NDFlYTJjLTc4NGYtNGNiZS1iNDQxLTkyYjY1MmUxNTVkZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2kAAwDQYJKoZIhvcNAQELBQADggEBALNVdqGWQW9Ws0qBUeDq4kDnk7Jq
LSqweTeadl8ATFClLtpcfBVbsjTAP/1Ivsx6A/Sk4+Bx+EZ4tsTNbKf/cxsfTldi
upvWc+Lsr89l3vgGueedf1x6Bfu51zPm1p309vlWcapftEcNuKOAG/pLr9kG/rl4
xdAQ9ITyrToi64f9TmgmSVn2P5rqIz3n6VerKX3lofO/9bddQOTwdrFVYNUwBhth
VXpHzaq5kyUl+bFZgR+JCSDOGxxs3RuF7PSxAhbpGCAgp2pcEXINwrUETOCZ3Su8
KappNCzeLcbawXdKDsCLstnVJ9wRu3HdK93WasIGwAmA59MsjV7T1Zs/GJM=
-----END CERTIFICATE-----
Generated at Wed Jun 17 08:58:52 2026 by rpki-client