Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3a9866d9-cce5-4663-a699-7cccecd1ebfb.roa
File:                     3a9866d9-cce5-4663-a699-7cccecd1ebfb.roa (raw, json)
Hash identifier:          RGDMs2SLAzj/xMNyxcCmvHwnya9SJSD4qeOB8U57Iiw=
Subject key identifier:   15:E7:9E:69:10:A1:C1:05:79:DA:BF:A2:D9:0C:F2:56:88:F1:2D:10
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7E742C9336FD2D0E96BBDF2C39B7A3CE35683EAC
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3a9866d9-cce5-4663-a699-7cccecd1ebfb.roa
Signing time:             Sun 22 Feb 2026 00:50:05 +0000
ROA not before:           Sun 22 Feb 2026 00:50:05 +0000
ROA not after:            Sat 23 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        144.220.89.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:74:2c:93:36:fd:2d:0e:96:bb:df:2c:39:b7:a3:ce:35:68:3e:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 22 00:50:05 2026 GMT
            Not After : May 23 23:59:59 2026 GMT
        Subject: serialNumber=77dd95670546f6fa6a4890c8360017d815f0150f9c5691a7747aeea2609ed71d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:3c:f7:5b:7d:88:9a:92:ad:85:b5:26:63:88:
                    36:8d:6d:c8:ea:f2:38:71:46:8b:e3:75:d0:8a:77:
                    7d:81:5e:48:78:73:36:62:f0:e6:ec:18:56:b6:ef:
                    3c:b0:fe:46:59:61:86:68:f7:82:c0:5c:97:0a:20:
                    da:19:8c:16:98:4b:11:70:95:6b:d4:47:b0:f5:31:
                    b3:ce:54:f4:b1:c6:b3:a0:47:c7:1e:f9:39:1b:40:
                    cb:ac:1e:a4:98:c4:e7:94:bb:61:e5:bc:09:de:c2:
                    3d:2b:f0:6f:66:99:59:48:e3:01:e3:af:a3:3f:5c:
                    73:a7:26:cf:9d:ce:e9:d9:42:e2:91:bb:e4:d3:41:
                    34:03:25:7f:40:64:c0:58:ca:b9:da:5b:d6:41:d2:
                    6e:64:0b:a7:67:fd:69:fb:f2:94:9d:c0:4f:b5:97:
                    38:e9:13:01:ba:06:bd:9b:ce:9f:03:15:55:fb:9f:
                    f2:bd:9c:49:33:e8:43:c2:7c:67:84:68:0a:0e:d4:
                    97:1e:a7:00:fb:c3:c6:6c:3c:7d:4b:d0:60:90:c0:
                    c2:5d:1c:3e:6f:da:ef:a0:eb:fe:cf:da:3c:53:47:
                    cf:94:04:d4:e8:2e:94:72:05:52:d2:70:80:d5:85:
                    4b:c8:1c:e5:21:62:33:16:7e:63:a8:a7:03:92:88:
                    e8:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:E7:9E:69:10:A1:C1:05:79:DA:BF:A2:D9:0C:F2:56:88:F1:2D:10
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3a9866d9-cce5-4663-a699-7cccecd1ebfb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.220.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:11:0e:98:9d:97:1a:8e:91:29:63:d4:1c:09:84:a7:39:ea:
         1b:78:3d:ae:b0:11:7b:a2:8a:33:d2:b1:82:ed:96:7c:ab:c8:
         2e:bd:83:74:d8:b2:99:d4:74:4a:44:9d:23:03:5f:1f:54:a2:
         cf:e3:45:b9:df:45:ae:98:1a:46:3d:68:1a:00:5b:1e:01:80:
         9a:38:3b:a2:71:3d:f3:77:6a:fe:b9:56:a3:18:44:8c:4f:44:
         ad:44:12:b5:76:ec:99:c4:f0:37:27:b0:6c:ea:2f:04:61:23:
         a7:c8:d9:be:70:2d:06:22:b6:de:67:eb:d0:21:56:23:96:9c:
         d0:92:a5:94:27:2d:96:2d:98:0c:d4:d1:38:3f:7d:82:e4:f7:
         d2:3a:08:f4:fe:1b:53:f9:48:e8:a7:64:dc:38:37:ec:54:fd:
         5d:94:49:be:ed:dc:1b:5b:e5:d1:58:86:cd:8d:3f:14:b2:7f:
         32:61:f2:50:7e:5f:42:f2:91:dd:86:73:5b:f0:9f:18:b5:8f:
         5a:e2:e5:28:a5:69:d1:69:84:2f:8e:43:e5:31:78:b3:93:c6:
         b6:c8:b6:f8:31:b1:ac:42:02:57:c3:01:59:4d:5f:db:4e:cb:
         01:c9:16:f9:f2:c6:9b:a5:78:86:f1:a9:f0:31:a3:a1:d9:cf:
         a5:6a:5b:09
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfnQskzb9LQ6Wu98sObejzjVoPqwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIyMDA1MDA1WhcNMjYwNTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3N2RkOTU2NzA1NDZmNmZhNmE0ODkwYzgzNjAwMTdkODE1
ZjAxNTBmOWM1NjkxYTc3NDdhZWVhMjYwOWVkNzFkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDvPPdbfYiakq2FtSZjiDaNbcjq8jhxRovjddCKd32BXkh4
czZi8ObsGFa27zyw/kZZYYZo94LAXJcKINoZjBaYSxFwlWvUR7D1MbPOVPSxxrOg
R8ce+TkbQMusHqSYxOeUu2HlvAnewj0r8G9mmVlI4wHjr6M/XHOnJs+dzunZQuKR
u+TTQTQDJX9AZMBYyrnaW9ZB0m5kC6dn/Wn78pSdwE+1lzjpEwG6Br2bzp8DFVX7
n/K9nEkz6EPCfGeEaAoO1JcepwD7w8ZsPH1L0GCQwMJdHD5v2u+g6/7P2jxTR8+U
BNToLpRyBVLScIDVhUvIHOUhYjMWfmOopwOSiOjvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFeeeaRChwQV52r+i2QzyVojxLRAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNhOTg2NmQ5LWNjZTUtNDY2My1hNjk5LTdjY2NlY2QxZWJmYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACQ3FkwDQYJKoZIhvcNAQELBQADggEBAIsRDpidlxqOkSlj1BwJhKc56ht4
Pa6wEXuiijPSsYLtlnyryC69g3TYspnUdEpEnSMDXx9Uos/jRbnfRa6YGkY9aBoA
Wx4BgJo4O6JxPfN3av65VqMYRIxPRK1EErV27JnE8DcnsGzqLwRhI6fI2b5wLQYi
tt5n69AhViOWnNCSpZQnLZYtmAzU0Tg/fYLk99I6CPT+G1P5SOinZNw4N+xU/V2U
Sb7t3Btb5dFYhs2NPxSyfzJh8lB+X0Lykd2Gc1vwnxi1j1ri5SiladFphC+OQ+Ux
eLOTxrbItvgxsaxCAlfDAVlNX9tOywHJFvnyxpuleIbxqfAxo6HZz6VqWwk=
-----END CERTIFICATE-----