Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/380eee99-99c9-4ca5-95e3-d588e1af6898.roa
File:                     380eee99-99c9-4ca5-95e3-d588e1af6898.roa (raw, json)
Hash identifier:          6sKrmBqqF690wNcZmiojclMyLwgfq31RLJ0L+DfS1c0=
Subject key identifier:   AD:4F:A1:C3:00:2F:13:A2:32:43:A3:AA:71:81:E8:09:3D:CC:6F:0A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       27D65075F77403228D54B30ABE399DED53D4D903
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/380eee99-99c9-4ca5-95e3-d588e1af6898.roa
Signing time:             Sat 28 Feb 2026 03:40:54 +0000
ROA not before:           Sat 28 Feb 2026 03:40:54 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        13.114.192.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:d6:50:75:f7:74:03:22:8d:54:b3:0a:be:39:9d:ed:53:d4:d9:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 03:40:54 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=115827282183c5ef00e00b96217e32b03c6d4fcfd846a43a7a48346653434977, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:dd:6a:31:a1:04:e5:74:6b:2e:23:b1:51:cd:
                    b1:02:66:f0:14:9e:79:de:3e:f9:68:ed:1c:06:aa:
                    71:fa:fb:5d:3f:cc:31:08:9a:78:c1:bf:e2:e0:9f:
                    90:1b:d2:8e:88:1e:46:a8:1d:51:93:db:e8:ae:e6:
                    60:1c:7a:c3:67:cd:30:29:d5:06:76:e6:4d:8d:01:
                    98:45:fe:f9:6e:69:d3:90:6f:db:43:8d:e6:36:b4:
                    3b:95:0d:b6:1d:8f:96:ad:54:cd:e8:2d:b8:13:4b:
                    ef:c1:81:4d:18:7c:0e:a7:55:b8:60:98:d1:45:89:
                    91:3a:e5:08:52:39:75:fa:dd:64:02:ae:94:6b:dd:
                    16:ff:86:d2:41:ab:e6:12:a3:cc:a0:a4:a0:33:4d:
                    21:9b:13:a8:36:51:12:a9:d1:af:af:f8:05:a3:d2:
                    af:a2:3e:ec:50:a6:8a:c9:ad:b8:1c:cc:32:c1:47:
                    44:5e:4e:db:3d:09:6f:39:1d:e0:25:85:af:55:e3:
                    19:2d:cd:c6:20:c3:20:5c:b3:94:3b:d2:2f:3c:c4:
                    4c:0f:66:0a:4f:ba:27:92:4e:13:c2:dd:17:49:e6:
                    99:d2:25:72:3b:84:a2:3b:5a:a0:b4:bb:1b:15:60:
                    9f:0e:5b:c0:aa:09:6a:df:2e:57:4c:25:1f:2e:bf:
                    d1:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:4F:A1:C3:00:2F:13:A2:32:43:A3:AA:71:81:E8:09:3D:CC:6F:0A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/380eee99-99c9-4ca5-95e3-d588e1af6898.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.114.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         5d:b9:fd:77:3b:a2:05:98:70:ac:8b:ef:e6:b8:b9:7a:7b:ab:
         ed:c9:87:ed:3c:2f:dc:2c:86:35:9b:86:f7:d2:cc:53:a5:7e:
         51:7d:d1:40:d9:6f:26:05:ba:9d:5b:ae:b8:d1:9c:bc:7a:27:
         64:34:14:80:0c:d7:8b:7e:a5:f5:a5:13:bd:33:c9:aa:34:65:
         b0:b6:df:72:9d:31:46:4f:af:66:c8:e4:79:e6:f3:fb:eb:37:
         83:93:a2:5d:ad:d8:e2:ee:78:e1:11:36:0c:1a:19:16:9e:c4:
         f9:52:45:e4:af:95:d6:c5:52:90:db:1c:93:4d:b1:0a:67:82:
         d0:da:82:52:a9:43:c0:93:d5:14:5a:28:d6:dc:3c:15:ea:85:
         c7:ce:3e:cf:d1:36:4e:8c:75:35:f1:ac:c3:50:99:c4:9f:15:
         08:b7:d7:73:39:4d:71:10:39:f6:47:5b:2d:d2:22:7c:1f:60:
         48:de:09:90:e1:d0:0d:5f:d7:b8:c5:45:41:27:db:49:c0:83:
         96:12:70:e4:fb:82:25:2f:c5:ee:72:84:b7:d9:77:f3:1b:0e:
         c7:b8:e4:40:22:9e:93:da:e6:67:9f:07:9e:07:25:32:ae:b3:
         96:7a:18:53:b5:7f:3c:b9:8b:00:6d:ed:f2:09:7a:6a:09:3d:
         4e:98:19:18
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ9ZQdfd0AyKNVLMKvjmd7VPU2QMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDM0MDU0WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMTU4MjcyODIxODNjNWVmMDBlMDBiOTYyMTdlMzJiMDNj
NmQ0ZmNmZDg0NmE0M2E3YTQ4MzQ2NjUzNDM0OTc3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCu3WoxoQTldGsuI7FRzbECZvAUnnnePvlo7RwGqnH6+10/
zDEImnjBv+Lgn5Ab0o6IHkaoHVGT2+iu5mAcesNnzTAp1QZ25k2NAZhF/vluadOQ
b9tDjeY2tDuVDbYdj5atVM3oLbgTS+/BgU0YfA6nVbhgmNFFiZE65QhSOXX63WQC
rpRr3Rb/htJBq+YSo8ygpKAzTSGbE6g2URKp0a+v+AWj0q+iPuxQporJrbgczDLB
R0ReTts9CW85HeAlha9V4xktzcYgwyBcs5Q70i88xEwPZgpPuieSThPC3RdJ5pnS
JXI7hKI7WqC0uxsVYJ8OW8CqCWrfLldMJR8uv9E9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrU+hwwAvE6IyQ6OqcYHoCT3MbwowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzM4MGVlZTk5LTk5YzktNGNhNS05NWUzLWQ1ODhlMWFmNjg5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYNcsAwDQYJKoZIhvcNAQELBQADggEBAF25/Xc7ogWYcKyL7+a4uXp7q+3J
h+08L9wshjWbhvfSzFOlflF90UDZbyYFup1brrjRnLx6J2Q0FIAM14t+pfWlE70z
yao0ZbC233KdMUZPr2bI5Hnm8/vrN4OTol2t2OLueOERNgwaGRaexPlSReSvldbF
UpDbHJNNsQpngtDaglKpQ8CT1RRaKNbcPBXqhcfOPs/RNk6MdTXxrMNQmcSfFQi3
13M5TXEQOfZHWy3SInwfYEjeCZDh0A1f17jFRUEn20nAg5YScOT7giUvxe5yhLfZ
d/MbDse45EAinpPa5mefB54HJTKus5Z6GFO1fzy5iwBt7fIJemoJPU6YGRg=
-----END CERTIFICATE-----