Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3b45d39f-1f02-4091-a271-281a1b311fe3.roa
File:                     3b45d39f-1f02-4091-a271-281a1b311fe3.roa (raw, json)
Hash identifier:          YTpixUdTfwzc6pGu/lccyaU07/uzSqTqmHil/P8Ut7U=
Subject key identifier:   C1:31:79:DB:A6:3A:80:F6:0E:F4:62:D9:16:D7:AD:5B:71:B7:AB:E0
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0F1FA7AC925D6513B4D675CB04C2A6C612A119B2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3b45d39f-1f02-4091-a271-281a1b311fe3.roa
Signing time:             Mon 23 Feb 2026 01:50:45 +0000
ROA not before:           Mon 23 Feb 2026 01:50:45 +0000
ROA not after:            Sun 24 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.46.244.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:1f:a7:ac:92:5d:65:13:b4:d6:75:cb:04:c2:a6:c6:12:a1:19:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 23 01:50:45 2026 GMT
            Not After : May 24 23:59:59 2026 GMT
        Subject: serialNumber=04eef7a3d1b07302f66d2dee297aba33f0d6e4b526d013fd3c4a59c9334e741a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:85:36:2c:46:c5:cf:67:f7:22:b9:9d:47:a0:
                    36:9e:f1:ed:8c:89:5f:22:47:b1:30:90:ec:23:fe:
                    29:c4:88:80:7c:49:89:1b:2a:02:17:16:a1:0c:f5:
                    5a:6b:04:a8:07:32:17:27:26:f2:ff:79:f0:32:8f:
                    15:5a:13:83:1a:13:f7:d5:f2:84:ef:40:64:a8:01:
                    05:a8:d6:cd:fd:b9:87:a0:22:65:8c:19:df:97:89:
                    02:ae:ab:d2:a8:57:f3:fd:a5:39:e6:7f:1b:9a:34:
                    03:4c:b0:4f:8a:b7:c3:a4:ed:27:8a:ee:43:61:2f:
                    f8:e8:6e:78:87:60:fa:f4:9a:1f:b9:f0:ac:53:26:
                    68:c1:1b:37:c7:9f:0b:36:03:dd:89:04:d8:e7:f4:
                    2e:a7:c1:24:84:fd:14:e7:29:51:36:40:52:42:30:
                    cf:d4:a3:cf:ad:55:a7:00:5a:8b:82:ba:29:d8:9d:
                    a6:18:11:07:3f:0a:e0:0f:26:e8:7a:85:c5:32:a3:
                    91:2e:31:fb:da:62:79:1b:c8:04:c4:94:f9:bc:53:
                    63:0e:58:2a:de:55:4c:51:84:d6:f7:a0:c6:42:36:
                    03:62:0f:78:9d:61:70:ed:45:19:ab:b8:74:65:3b:
                    db:6c:b4:d9:93:44:2b:bf:89:e2:cf:2e:ea:02:2f:
                    63:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:31:79:DB:A6:3A:80:F6:0E:F4:62:D9:16:D7:AD:5B:71:B7:AB:E0
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3b45d39f-1f02-4091-a271-281a1b311fe3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.46.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         52:08:03:1b:17:40:80:31:23:e3:cf:50:88:6a:b4:a7:fd:ce:
         01:57:e3:90:b8:3a:17:f2:6e:da:e0:fd:15:1d:dc:94:9d:ae:
         c3:5d:02:fc:49:b7:fc:90:94:10:1c:c8:8f:07:5d:3e:11:db:
         f5:07:8a:ea:d2:12:1d:52:4c:90:16:11:b3:2b:d6:72:ee:aa:
         a4:34:3e:c1:a0:a5:a0:ca:2f:f2:32:1e:15:8a:4d:34:4b:75:
         8d:65:77:e9:40:8f:1a:62:60:ae:20:d2:de:c2:06:0e:5d:24:
         7d:6a:86:63:e9:b0:06:39:54:00:b2:c1:71:01:a1:a3:00:db:
         28:9a:48:4c:b7:db:be:5b:6b:90:78:81:07:53:61:6c:9b:1c:
         33:b6:79:d6:3f:58:16:18:43:9d:aa:fc:2b:bd:92:d3:97:52:
         c0:40:6e:9f:af:54:a5:ff:42:93:61:bb:81:13:08:2a:20:2e:
         d3:69:1e:61:44:db:aa:16:90:fd:45:ca:e5:00:39:c8:19:eb:
         54:40:2e:29:b1:62:e1:b4:fa:c4:ea:e5:13:5c:e5:f1:71:b4:
         68:9c:5b:a2:2e:4c:85:af:25:f6:e7:ac:ad:5d:70:ab:0b:29:
         07:39:4b:e5:7e:8a:0c:e5:d9:4f:28:a9:b6:33:21:88:97:fb:
         28:7c:14:4a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDx+nrJJdZRO01nXLBMKmxhKhGbIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIzMDE1MDQ1WhcNMjYwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNGVlZjdhM2QxYjA3MzAyZjY2ZDJkZWUyOTdhYmEzM2Yw
ZDZlNGI1MjZkMDEzZmQzYzRhNTljOTMzNGU3NDFhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEhTYsRsXPZ/ciuZ1HoDae8e2MiV8iR7EwkOwj/inEiIB8
SYkbKgIXFqEM9VprBKgHMhcnJvL/efAyjxVaE4MaE/fV8oTvQGSoAQWo1s39uYeg
ImWMGd+XiQKuq9KoV/P9pTnmfxuaNANMsE+Kt8Ok7SeK7kNhL/jobniHYPr0mh+5
8KxTJmjBGzfHnws2A92JBNjn9C6nwSSE/RTnKVE2QFJCMM/Uo8+tVacAWouCuinY
naYYEQc/CuAPJuh6hcUyo5EuMfvaYnkbyATElPm8U2MOWCreVUxRhNb3oMZCNgNi
D3idYXDtRRmruHRlO9tstNmTRCu/ieLPLuoCL2PpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwTF526Y6gPYO9GLZFtetW3G3q+AwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNiNDVkMzlmLTFmMDItNDA5MS1hMjcxLTI4MWExYjMxMWZlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI0LvQwDQYJKoZIhvcNAQELBQADggEBAFIIAxsXQIAxI+PPUIhqtKf9zgFX
45C4Ohfybtrg/RUd3JSdrsNdAvxJt/yQlBAcyI8HXT4R2/UHiurSEh1STJAWEbMr
1nLuqqQ0PsGgpaDKL/IyHhWKTTRLdY1ld+lAjxpiYK4g0t7CBg5dJH1qhmPpsAY5
VACywXEBoaMA2yiaSEy3275ba5B4gQdTYWybHDO2edY/WBYYQ52q/Cu9ktOXUsBA
bp+vVKX/QpNhu4ETCCogLtNpHmFE26oWkP1FyuUAOcgZ61RALimxYuG0+sTq5RNc
5fFxtGicW6IuTIWvJfbnrK1dcKsLKQc5S+V+igzl2U8oqbYzIYiX+yh8FEo=
-----END CERTIFICATE-----