Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/431fab42-8dce-4996-981e-0eeb9cb8a5f2.roa
File:                     431fab42-8dce-4996-981e-0eeb9cb8a5f2.roa (raw, json)
Hash identifier:          QG0aZHcpqTVBN+COKdt+OriEflharYQSWctWQAuLX6c=
Subject key identifier:   AB:96:AE:E4:34:87:60:DF:C6:61:47:7F:71:17:55:CE:8B:9B:3D:00
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1676EA76A2B567B5C10B9B1E392232B6E4E9A0
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/431fab42-8dce-4996-981e-0eeb9cb8a5f2.roa
Signing time:             Mon 23 Feb 2026 00:41:08 +0000
ROA not before:           Mon 23 Feb 2026 00:41:08 +0000
ROA not after:            Sun 24 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.147.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:76:ea:76:a2:b5:67:b5:c1:0b:9b:1e:39:22:32:b6:e4:e9:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 23 00:41:08 2026 GMT
            Not After : May 24 23:59:59 2026 GMT
        Subject: serialNumber=4d075250bd46858edfd9fc681495b3f2943ee54beaee318852e64610466aa3d0, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f3:32:64:b1:7a:2d:ca:a5:85:c9:7f:cb:4c:
                    b1:96:95:59:d8:88:34:46:e4:0b:95:6f:da:79:dc:
                    fa:4e:5c:42:ad:1f:58:de:96:a6:b4:15:4a:c5:82:
                    89:58:19:f7:d6:a9:69:0b:58:2f:bd:e0:db:2d:1b:
                    96:32:c1:dd:ec:fb:dc:fe:14:27:cf:e3:f1:14:60:
                    94:3f:45:3b:38:22:9a:ba:a5:97:cb:72:da:1c:02:
                    b7:5d:aa:4d:f6:e7:5e:ae:ea:3b:5f:ac:df:8e:e8:
                    3b:14:c6:2a:d7:b0:95:51:0c:19:54:b2:11:ef:0b:
                    bf:a9:81:8a:09:83:81:8e:21:73:f0:c0:58:a5:1f:
                    19:5c:3d:5d:6d:aa:c3:48:4f:86:64:c3:3e:70:38:
                    6f:6e:41:59:61:ca:54:ad:33:25:a9:7c:5d:fb:e4:
                    38:a4:65:0e:01:90:37:6b:90:73:11:2d:fa:16:e4:
                    6b:73:d4:e1:19:88:87:92:15:ad:66:2d:b5:0f:fa:
                    fe:1a:8d:08:04:27:f6:a0:3f:6c:b8:c7:13:c6:8c:
                    c5:50:cb:73:5d:4d:48:df:0f:ce:8a:eb:c5:8b:95:
                    a5:15:7b:30:b4:3b:38:33:68:f8:d1:42:f4:b4:2f:
                    2b:ab:2e:bd:e3:f9:ea:02:86:7a:01:e2:cf:fa:e9:
                    b8:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:96:AE:E4:34:87:60:DF:C6:61:47:7F:71:17:55:CE:8B:9B:3D:00
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/431fab42-8dce-4996-981e-0eeb9cb8a5f2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.147.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         a6:dc:76:34:a0:b2:b3:ff:21:6c:79:7b:61:15:81:df:51:b6:
         9a:20:e0:e5:2a:ac:ae:1a:5e:fa:2e:eb:5a:24:06:12:19:ed:
         54:94:89:dc:e5:06:5c:93:3f:10:63:f6:29:cd:6b:21:59:8b:
         97:2f:d4:36:d3:41:12:2d:72:32:ef:54:d1:0c:16:1b:f4:17:
         19:cd:ce:4f:c2:bf:20:5c:aa:98:90:87:a9:bb:11:aa:1e:38:
         49:89:4f:53:e9:9d:c8:66:92:98:42:e7:6b:62:26:98:0e:1f:
         90:fb:0b:16:27:4f:ec:15:43:49:6a:ef:06:b2:73:ed:14:f2:
         f2:2f:35:39:e1:a4:3b:31:0f:e2:62:03:ab:97:40:e4:d6:e5:
         56:03:73:ec:50:2e:2a:fc:53:67:c8:c9:02:73:d5:2f:de:76:
         21:f5:9f:30:4b:b4:a1:63:3c:ff:fc:a2:4c:2b:70:32:1c:3b:
         c6:7f:f1:c5:00:ea:c3:2e:f4:d1:28:3b:c6:4b:57:34:b0:5b:
         b8:15:ff:65:92:96:4d:b8:ff:98:db:86:bb:8f:75:b5:95:e3:
         4f:12:fc:b2:b1:4e:47:f8:46:7e:8e:0e:49:f6:17:3b:f3:36:
         cd:f0:ff:fc:c9:fb:c3:fa:c9:73:e4:3d:b1:60:0c:44:db:2f:
         ec:c5:d1:5c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITFnbqdqK1Z7XBC5seOSIytuTpoDANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNjAyMjMwMDQxMDhaFw0yNjA1MjQyMzU5NTla
MHoxSTBHBgNVBAUTQDRkMDc1MjUwYmQ0Njg1OGVkZmQ5ZmM2ODE0OTViM2YyOTQz
ZWU1NGJlYWVlMzE4ODUyZTY0NjEwNDY2YWEzZDAxLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/zMmSxei3KpYXJf8tMsZaVWdiINEbkC5Vv2nnc+k5cQq0f
WN6WprQVSsWCiVgZ99apaQtYL73g2y0bljLB3ez73P4UJ8/j8RRglD9FOzgimrql
l8ty2hwCt12qTfbnXq7qO1+s347oOxTGKtewlVEMGVSyEe8Lv6mBigmDgY4hc/DA
WKUfGVw9XW2qw0hPhmTDPnA4b25BWWHKVK0zJal8XfvkOKRlDgGQN2uQcxEt+hbk
a3PU4RmIh5IVrWYttQ/6/hqNCAQn9qA/bLjHE8aMxVDLc11NSN8PzorrxYuVpRV7
MLQ7ODNo+NFC9LQvK6suveP56gKGegHiz/rpuO8CAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBSrlq7kNIdg38ZhR39xF1XOi5s9ADAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvNDMxZmFiNDItOGRjZS00OTk2LTk4MWUtMGVlYjljYjhhNWYyLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBjaTQDANBgkqhkiG9w0BAQsFAAOCAQEAptx2NKCys/8hbHl7YRWB31G2miDg
5Sqsrhpe+i7rWiQGEhntVJSJ3OUGXJM/EGP2Kc1rIVmLly/UNtNBEi1yMu9U0QwW
G/QXGc3OT8K/IFyqmJCHqbsRqh44SYlPU+mdyGaSmELna2ImmA4fkPsLFidP7BVD
SWrvBrJz7RTy8i81OeGkOzEP4mIDq5dA5NblVgNz7FAuKvxTZ8jJAnPVL952IfWf
MEu0oWM8//yiTCtwMhw7xn/xxQDqwy700Sg7xktXNLBbuBX/ZZKWTbj/mNuGu491
tZXjTxL8srFOR/hGfo4OSfYXO/M2zfD//Mn7w/rJc+Q9sWAMRNsv7MXRXA==
-----END CERTIFICATE-----