Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/47d76cb8-4a77-4b47-bcc1-2306da9cea6d.roa
File:                     47d76cb8-4a77-4b47-bcc1-2306da9cea6d.roa (raw, json)
Hash identifier:          O1hEvnfS7i33/r7ROKs17h9T3QLHD9Az9tQ5usBTE1c=
Subject key identifier:   9F:A8:0E:75:31:9D:1E:A2:34:59:CB:28:65:5A:7F:EC:3D:82:23:06
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       58DD258616B0A0A0A54728CEA7AB0DCDFF7714E6
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/47d76cb8-4a77-4b47-bcc1-2306da9cea6d.roa
Signing time:             Tue 19 May 2026 03:31:51 +0000
ROA not before:           Tue 19 May 2026 03:31:51 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.248.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:dd:25:86:16:b0:a0:a0:a5:47:28:ce:a7:ab:0d:cd:ff:77:14:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 03:31:51 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=144cb72fbb5902b6799691a27ebc8132285e09b9d634cd9ee61f1df6e3f62b9c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:14:89:31:5b:c6:0a:d9:c0:7a:0b:ec:90:b6:
                    a7:b9:73:1c:de:63:63:28:f3:1e:ee:04:b5:ca:4e:
                    8d:1c:f6:61:89:ff:a2:5f:2e:d0:b0:7f:74:66:9f:
                    45:a3:2c:69:fe:93:4e:84:1c:f0:68:4f:b5:39:2e:
                    c0:f5:ec:3f:78:a3:90:b5:fc:6f:ed:27:d3:42:dd:
                    dc:06:52:a5:6e:94:5f:27:f4:12:d3:9f:63:2f:e8:
                    0f:76:bc:9b:9b:4b:3b:64:d6:75:57:de:c5:59:be:
                    e4:31:ea:4f:8d:0a:b0:36:c7:49:e1:96:d0:68:21:
                    fd:c5:bd:95:f5:15:36:cd:d8:c1:da:6f:16:f2:b4:
                    79:41:11:d3:86:2c:7c:63:63:07:32:ad:56:c0:a1:
                    f7:a7:8a:a1:3d:93:5f:10:c9:59:6b:3e:7c:b6:4c:
                    6d:a4:9e:23:08:d7:fd:75:a9:29:87:e7:03:87:4f:
                    9c:3b:36:64:e7:43:a3:77:99:f3:55:bb:58:a4:50:
                    d7:58:ce:95:ea:c1:47:24:22:47:67:05:f9:4c:0e:
                    02:db:cf:9c:93:8f:e0:93:8b:20:46:76:c3:57:c5:
                    29:a2:73:46:81:71:c0:70:27:8d:8a:ec:b8:f2:62:
                    4a:0b:bd:a8:24:51:73:21:8f:a0:dc:de:09:6b:14:
                    57:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:A8:0E:75:31:9D:1E:A2:34:59:CB:28:65:5A:7F:EC:3D:82:23:06
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/47d76cb8-4a77-4b47-bcc1-2306da9cea6d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:1a:5f:38:d0:cb:12:0e:a7:33:e1:02:c2:2c:6c:20:5a:32:
         ba:18:8a:1f:87:b4:cf:58:42:7b:bd:41:67:17:89:a7:87:81:
         e1:cb:5c:29:3c:90:c6:2e:e2:85:3d:c4:73:4e:cf:51:17:da:
         e2:27:54:21:a0:1e:bf:62:82:1b:8b:52:14:e8:78:46:95:8d:
         29:59:5c:a6:15:43:fc:8f:0c:36:c0:b7:6b:72:ad:b5:00:94:
         68:58:29:96:e9:df:6d:fc:4f:a1:c3:ff:f5:95:ee:f5:fd:1f:
         9f:cd:e4:a3:7b:cb:ad:eb:82:77:1e:06:00:22:0b:8a:cf:e7:
         b8:b9:47:65:21:71:a6:4f:df:ec:1c:9c:cd:1f:42:f1:77:30:
         dd:11:a6:2e:2a:46:26:90:a5:a2:c9:8f:76:32:7b:7a:d7:aa:
         8c:32:2c:cf:37:61:fb:09:bf:80:98:06:cf:46:a1:46:ce:04:
         f9:74:f7:2c:19:88:1c:b3:f7:aa:ed:6a:f3:8e:9c:8f:c5:ae:
         ea:6d:a5:14:77:00:bf:d6:a3:f0:91:99:96:41:ab:a2:bf:7f:
         80:db:07:19:11:d4:d6:fa:cc:81:93:16:0a:d1:db:d4:1e:51:
         d0:13:9b:2a:8a:fc:87:44:b8:da:13:b7:f2:0a:08:e5:50:18:
         40:be:52:71
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWN0lhhawoKClRyjOp6sNzf93FOYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDMzMTUxWhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNDRjYjcyZmJiNTkwMmI2Nzk5NjkxYTI3ZWJjODEzMjI4
NWUwOWI5ZDYzNGNkOWVlNjFmMWRmNmUzZjYyYjljMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuFIkxW8YK2cB6C+yQtqe5cxzeY2Mo8x7uBLXKTo0c9mGJ
/6JfLtCwf3Rmn0WjLGn+k06EHPBoT7U5LsD17D94o5C1/G/tJ9NC3dwGUqVulF8n
9BLTn2Mv6A92vJubSztk1nVX3sVZvuQx6k+NCrA2x0nhltBoIf3FvZX1FTbN2MHa
bxbytHlBEdOGLHxjYwcyrVbAofeniqE9k18QyVlrPny2TG2kniMI1/11qSmH5wOH
T5w7NmTnQ6N3mfNVu1ikUNdYzpXqwUckIkdnBflMDgLbz5yTj+CTiyBGdsNXxSmi
c0aBccBwJ42K7LjyYkoLvagkUXMhj6Dc3glrFFcdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUn6gOdTGdHqI0WcsoZVp/7D2CIwYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ3ZDc2Y2I4LTRhNzctNGI0Ny1iY2MxLTIzMDZkYTljZWE2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0X/gwDQYJKoZIhvcNAQELBQADggEBAD8aXzjQyxIOpzPhAsIsbCBaMroY
ih+HtM9YQnu9QWcXiaeHgeHLXCk8kMYu4oU9xHNOz1EX2uInVCGgHr9ighuLUhTo
eEaVjSlZXKYVQ/yPDDbAt2tyrbUAlGhYKZbp3238T6HD//WV7vX9H5/N5KN7y63r
gnceBgAiC4rP57i5R2UhcaZP3+wcnM0fQvF3MN0Rpi4qRiaQpaLJj3Yye3rXqowy
LM83YfsJv4CYBs9GoUbOBPl09ywZiByz96rtavOOnI/FruptpRR3AL/Wo/CRmZZB
q6K/f4DbBxkR1Nb6zIGTFgrR29QeUdATmyqK/IdEuNoTt/IKCOVQGEC+UnE=
-----END CERTIFICATE-----