Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3e920445-55a0-4820-a968-654871f4bb8e.roa
File:                     3e920445-55a0-4820-a968-654871f4bb8e.roa (raw, json)
Hash identifier:          UtptjmY1vkDIuRDto11VuAF2ZGHY5MA33W5bwHt87TU=
Subject key identifier:   F0:2A:D6:D0:55:58:B7:4F:BA:E6:26:C7:FC:B3:6E:75:E0:4E:15:C5
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       10F319171814BAA5AEB4C729AB6F6CEA7A249B2B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3e920445-55a0-4820-a968-654871f4bb8e.roa
Signing time:             Tue 17 Feb 2026 02:31:19 +0000
ROA not before:           Tue 17 Feb 2026 02:31:19 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        3.100.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:f3:19:17:18:14:ba:a5:ae:b4:c7:29:ab:6f:6c:ea:7a:24:9b:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 02:31:19 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=35b90167b1d474cca78382051a3875b48b43fb859909559ddf97fa385e8a74ea, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ac:3a:d8:c1:1b:3a:d6:59:6a:a8:09:7c:8c:
                    84:81:a2:cb:eb:bd:c6:80:7a:f2:e8:ab:47:dd:81:
                    9c:a6:03:e5:d5:7a:a8:3b:88:1a:af:01:0e:71:cf:
                    56:d2:b5:14:e5:4d:7b:06:9c:20:77:a3:6a:f7:15:
                    16:61:2b:8a:40:ec:57:e1:b2:5b:3f:5a:74:5f:75:
                    8d:79:12:5a:7b:ba:66:80:1e:03:b1:21:07:7b:79:
                    70:bb:98:7c:62:5b:6f:b4:bb:d7:40:ba:6f:4d:36:
                    97:c4:93:de:1e:bf:f3:a6:ff:56:af:b6:da:17:8f:
                    1c:96:5b:3a:98:9c:93:49:d1:f3:17:80:1d:8e:09:
                    f3:cc:c8:0b:8a:12:ee:3e:97:7f:4b:d0:a0:4a:64:
                    4f:f5:d5:26:2d:ac:4f:bd:33:33:38:61:25:76:a4:
                    e5:ce:26:db:bd:73:5d:1c:78:a2:f5:b4:62:e1:8a:
                    da:68:07:06:b9:fc:a0:f1:26:54:9e:13:94:a6:e7:
                    d2:e5:05:82:34:c9:33:5d:f2:57:dc:85:8d:5d:eb:
                    9c:f2:6a:b2:0e:fe:0a:16:10:30:2e:65:af:c5:58:
                    62:d0:30:78:2e:db:7d:ac:59:24:1f:43:9e:c7:22:
                    fe:36:73:57:65:fe:b7:68:15:a9:93:38:23:cb:76:
                    4d:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:2A:D6:D0:55:58:B7:4F:BA:E6:26:C7:FC:B3:6E:75:E0:4E:15:C5
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3e920445-55a0-4820-a968-654871f4bb8e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.100.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a4:7b:d0:52:08:e4:05:8d:22:96:62:a8:c1:1b:79:3e:17:fd:
         28:ab:00:f3:4b:32:f1:23:25:ad:4b:f6:fd:96:13:4f:ea:d3:
         df:f8:25:df:c3:d2:1a:df:0d:34:c6:2f:0d:0d:cb:1d:2f:ac:
         06:e2:46:97:ed:93:b0:af:2f:4c:82:9b:90:be:c8:2d:b6:8c:
         7e:3a:f5:38:a0:c9:17:bd:86:0a:c1:ff:9b:f4:e8:79:8a:47:
         23:e4:d1:a2:77:6f:d6:9f:64:e3:89:58:e9:0c:7d:0d:ea:58:
         f0:46:94:3f:14:52:8b:b8:9b:cb:4f:e7:c8:7d:04:c3:07:89:
         6f:82:c6:ee:49:c7:b6:2c:f5:86:3f:be:ab:a5:60:34:db:35:
         30:4f:44:ce:71:78:0d:43:75:7d:8e:d5:9c:e0:ae:ba:3a:ab:
         f8:22:15:98:ba:fd:aa:31:4a:1f:19:2c:ec:20:d5:08:8c:8c:
         4f:8f:fd:90:f2:43:7b:e0:f2:8c:bc:35:ea:36:11:a7:2d:3b:
         c5:c9:f6:34:84:75:d1:f5:41:b7:89:81:f8:cd:45:46:09:40:
         9b:91:0a:65:e5:6b:95:5f:c4:22:9d:7b:55:fa:09:72:0a:34:
         d1:c2:bd:ed:82:0c:c2:dc:1c:39:70:38:70:9c:21:68:52:17:
         54:12:ab:99
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUEPMZFxgUuqWutMcpq29s6nokmyswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDIzMTE5WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNWI5MDE2N2IxZDQ3NGNjYTc4MzgyMDUxYTM4NzViNDhi
NDNmYjg1OTkwOTU1OWRkZjk3ZmEzODVlOGE3NGVhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHrDrYwRs61llqqAl8jISBosvrvcaAevLoq0fdgZymA+XV
eqg7iBqvAQ5xz1bStRTlTXsGnCB3o2r3FRZhK4pA7Ffhsls/WnRfdY15Elp7umaA
HgOxIQd7eXC7mHxiW2+0u9dAum9NNpfEk94ev/Om/1avttoXjxyWWzqYnJNJ0fMX
gB2OCfPMyAuKEu4+l39L0KBKZE/11SYtrE+9MzM4YSV2pOXOJtu9c10ceKL1tGLh
itpoBwa5/KDxJlSeE5Sm59LlBYI0yTNd8lfchY1d65zyarIO/goWEDAuZa/FWGLQ
MHgu232sWSQfQ57HIv42c1dl/rdoFamTOCPLdk1dAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8CrW0FVYt0+65ibH/LNudeBOFcUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNlOTIwNDQ1LTU1YTAtNDgyMC1hOTY4LTY1NDg3MWY0YmI4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwADZDANBgkqhkiG9w0BAQsFAAOCAQEApHvQUgjkBY0ilmKowRt5Phf9KKsA
80sy8SMlrUv2/ZYTT+rT3/gl38PSGt8NNMYvDQ3LHS+sBuJGl+2TsK8vTIKbkL7I
LbaMfjr1OKDJF72GCsH/m/ToeYpHI+TRondv1p9k44lY6Qx9DepY8EaUPxRSi7ib
y0/nyH0EwweJb4LG7knHtiz1hj++q6VgNNs1ME9EznF4DUN1fY7VnOCuujqr+CIV
mLr9qjFKHxks7CDVCIyMT4/9kPJDe+DyjLw16jYRpy07xcn2NIR10fVBt4mB+M1F
RglAm5EKZeVrlV/EIp17VfoJcgo00cK97YIMwtwcOXA4cJwhaFIXVBKrmQ==
-----END CERTIFICATE-----