Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3d870e53-93c9-47c6-8720-065c17c64bdd.roa
File:                     3d870e53-93c9-47c6-8720-065c17c64bdd.roa (raw, json)
Hash identifier:          TsSDqS78UfH59bCuIK9NY5YqRhMwVBuxtyeHfSi6A+8=
Subject key identifier:   D0:F2:BE:D5:90:E3:E4:5A:C2:94:8B:15:71:E1:E5:43:BA:48:AD:E4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       167A80668C4A8810061D88DE1292C60A1743EF22
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3d870e53-93c9-47c6-8720-065c17c64bdd.roa
Signing time:             Sat 28 Feb 2026 03:20:06 +0000
ROA not before:           Sat 28 Feb 2026 03:20:06 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        15.220.128.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:7a:80:66:8c:4a:88:10:06:1d:88:de:12:92:c6:0a:17:43:ef:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 03:20:06 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=756566ac9af547a259e3abe3cd5016fcdadc8a787ea4937e400c0f60d85ea844, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:36:78:64:f2:64:73:b6:14:50:bf:d4:71:de:
                    75:64:40:aa:3a:61:c6:69:73:05:d3:73:f3:d3:1d:
                    56:8e:68:5b:87:0e:f3:ce:04:17:c6:8b:20:77:d0:
                    d4:28:9e:91:4c:c9:11:6f:7b:de:09:c5:b9:25:16:
                    1a:4d:8e:fa:1b:6b:03:20:b4:7f:cb:08:42:08:4d:
                    87:fc:57:d8:c0:3c:73:a6:eb:f5:4d:17:38:2c:90:
                    8f:e2:8f:0d:48:58:ee:f1:61:bd:21:4d:43:03:7f:
                    3a:35:b1:32:14:68:b6:11:1b:6d:7e:fd:56:a1:3c:
                    d0:c1:fe:c6:f9:16:5a:ac:ed:40:37:8e:1d:db:20:
                    de:ed:c0:4d:cc:09:f2:bb:1a:dc:18:4c:13:a0:ec:
                    c6:89:49:7d:8e:8b:72:99:85:99:4f:e8:dc:a3:54:
                    5a:a6:33:4a:1b:cb:78:5e:98:82:d0:4a:8a:c3:9a:
                    c0:00:03:93:a6:b4:0f:fb:60:36:01:da:e5:06:02:
                    4f:df:79:09:1d:f2:4d:a7:81:a2:e9:77:08:78:f4:
                    9e:25:80:e3:7b:86:e4:da:ab:df:c9:7e:17:01:b9:
                    a0:28:e4:87:d8:c7:41:f5:08:a8:d2:88:5f:93:52:
                    d2:30:e5:0f:98:31:32:cd:e7:02:89:6f:da:08:98:
                    e7:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:F2:BE:D5:90:E3:E4:5A:C2:94:8B:15:71:E1:E5:43:BA:48:AD:E4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3d870e53-93c9-47c6-8720-065c17c64bdd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.220.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         5f:95:9f:16:04:f6:b3:7f:cc:71:ba:a7:69:35:a0:26:8a:da:
         00:85:b2:7a:3c:03:d5:0f:aa:f6:b3:86:04:47:a6:bf:12:1d:
         48:51:56:59:be:cb:4d:f8:9d:96:3e:c4:49:fa:27:16:d5:44:
         09:7a:38:6a:01:f5:e4:e3:97:de:be:38:19:75:21:c8:cc:d3:
         7c:d2:df:68:00:70:2a:d2:1c:e0:b4:1e:9f:ce:5d:e0:ec:12:
         7f:4c:8d:ec:d6:9e:f5:21:a7:61:1f:8a:cc:be:20:bd:70:a8:
         93:79:a8:76:66:6d:9f:1e:d4:dd:17:91:07:c6:f6:62:6b:d3:
         52:28:39:3f:ec:da:ec:70:24:26:df:99:6a:1a:03:59:94:68:
         0b:79:d5:ae:7e:e4:4d:c2:1b:f7:01:2b:8c:44:7a:cd:71:f7:
         9c:e2:f8:a7:9f:2c:03:c9:87:ae:1c:55:72:33:f8:b3:c4:42:
         d8:a8:0a:d8:ec:75:c1:7e:23:42:68:9f:80:39:3a:53:51:78:
         db:5e:6f:17:e4:03:f6:bb:15:27:e5:b7:10:cb:7d:6e:26:4a:
         ea:97:51:15:c8:ce:87:c6:e9:f7:f3:f3:12:35:9b:b6:f7:e1:
         e6:3f:73:61:44:d2:77:13:ac:c4:0f:9e:24:10:82:95:c8:92:
         7b:c7:09:8c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFnqAZoxKiBAGHYjeEpLGChdD7yIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDMyMDA2WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NTY1NjZhYzlhZjU0N2EyNTllM2FiZTNjZDUwMTZmY2Rh
ZGM4YTc4N2VhNDkzN2U0MDBjMGY2MGQ4NWVhODQ0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDINnhk8mRzthRQv9Rx3nVkQKo6YcZpcwXTc/PTHVaOaFuH
DvPOBBfGiyB30NQonpFMyRFve94JxbklFhpNjvobawMgtH/LCEIITYf8V9jAPHOm
6/VNFzgskI/ijw1IWO7xYb0hTUMDfzo1sTIUaLYRG21+/VahPNDB/sb5Flqs7UA3
jh3bIN7twE3MCfK7GtwYTBOg7MaJSX2Oi3KZhZlP6NyjVFqmM0oby3hemILQSorD
msAAA5OmtA/7YDYB2uUGAk/feQkd8k2ngaLpdwh49J4lgON7huTaq9/JfhcBuaAo
5IfYx0H1CKjSiF+TUtIw5Q+YMTLN5wKJb9oImOdBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0PK+1ZDj5FrClIsVceHlQ7pIreQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNkODcwZTUzLTkzYzktNDdjNi04NzIwLTA2NWMxN2M2NGJkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMP3IAwDQYJKoZIhvcNAQELBQADggEBAF+VnxYE9rN/zHG6p2k1oCaK2gCF
sno8A9UPqvazhgRHpr8SHUhRVlm+y034nZY+xEn6JxbVRAl6OGoB9eTjl96+OBl1
IcjM03zS32gAcCrSHOC0Hp/OXeDsEn9MjezWnvUhp2Efisy+IL1wqJN5qHZmbZ8e
1N0XkQfG9mJr01IoOT/s2uxwJCbfmWoaA1mUaAt51a5+5E3CG/cBK4xEes1x95zi
+KefLAPJh64cVXIz+LPEQtioCtjsdcF+I0Jon4A5OlNReNtebxfkA/a7FSfltxDL
fW4mSuqXURXIzofG6ffz8xI1m7b34eY/c2FE0ncTrMQPniQQgpXIknvHCYw=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:21 2026 by rpki-client