Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/485009d1-d135-4106-a876-5dd2f923a157.roa
File:                     485009d1-d135-4106-a876-5dd2f923a157.roa (raw, json)
Hash identifier:          uZ9OF5/yiOxWUryD5A0YPoIrdNyJCoJZXSGxvxGmM/s=
Subject key identifier:   F9:DD:5A:00:AC:60:10:AC:F3:3B:88:14:BE:35:4B:68:E2:F9:B1:EA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5B5D141816DCBD4A900E374883A646C895014EEE
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/485009d1-d135-4106-a876-5dd2f923a157.roa
Signing time:             Sat 14 Feb 2026 01:10:35 +0000
ROA not before:           Sat 14 Feb 2026 01:10:35 +0000
ROA not after:            Fri 15 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        13.210.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:5d:14:18:16:dc:bd:4a:90:0e:37:48:83:a6:46:c8:95:01:4e:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 14 01:10:35 2026 GMT
            Not After : May 15 23:59:59 2026 GMT
        Subject: serialNumber=cbc24419d1b72838b7e49fe4928096fbdb8f51f3b9d58af2823a76484d0ebb94, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:72:8d:4c:90:30:6c:c1:65:1a:04:dc:ad:cc:
                    e4:be:73:ca:de:cf:55:fa:07:a1:81:55:66:8e:a3:
                    7b:d6:4e:34:0f:dc:b7:a9:9d:89:1e:48:c2:03:9f:
                    32:30:5b:87:54:87:e6:97:32:c1:c6:38:c2:83:2c:
                    a3:b2:26:78:1f:0c:1f:2f:e1:e0:d1:0e:a7:ce:da:
                    e4:19:a2:37:82:2a:71:91:55:a2:cb:c3:19:c5:a7:
                    9a:de:42:d1:39:61:d5:3c:2b:54:f5:74:7f:29:7a:
                    7a:fb:3e:a1:fd:73:64:68:f9:cb:9f:2a:cf:30:bf:
                    67:d4:7d:89:44:83:6e:11:f9:2c:f0:49:dc:f8:dc:
                    e2:e4:93:7e:38:47:81:27:00:4a:97:d2:f8:b0:8e:
                    76:11:62:b0:fc:ac:c7:e8:f3:e5:f2:b9:5d:77:7d:
                    73:2c:41:01:db:46:ae:a8:29:44:49:5c:60:a7:0c:
                    8d:c8:f7:72:3e:6d:4a:73:a6:79:d3:54:d7:27:b2:
                    27:ae:53:55:c9:aa:43:18:ad:e7:1e:9c:61:7a:97:
                    44:8a:b7:70:7f:c0:bf:28:ba:af:13:fe:c0:f8:b1:
                    4e:e7:f2:1b:96:4e:4d:04:f7:a0:14:6e:bd:6c:34:
                    11:aa:5b:1c:d6:19:60:79:e5:63:df:5d:ed:d4:b1:
                    22:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:DD:5A:00:AC:60:10:AC:F3:3B:88:14:BE:35:4B:68:E2:F9:B1:EA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/485009d1-d135-4106-a876-5dd2f923a157.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.210.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         48:5c:24:d4:02:68:a2:27:b1:36:12:46:a4:e8:8a:d7:f8:64:
         33:a5:cd:7e:6c:83:ae:25:19:1e:4e:99:2a:52:15:c8:e7:c3:
         be:af:6d:4a:08:45:9a:85:1e:bb:32:af:cf:e1:57:5a:df:6d:
         53:b8:ce:b8:41:2c:bc:14:85:96:a2:c8:35:ab:58:ac:bf:a3:
         50:1a:11:d7:d9:ab:8e:f7:d4:c9:35:86:82:63:03:32:bc:54:
         7a:38:5e:98:e9:67:80:0d:ea:07:11:1e:e9:25:04:b7:d8:f0:
         30:33:52:aa:48:d0:bb:09:8a:8c:ec:24:c8:d9:bc:a7:57:08:
         14:c9:3c:6a:fb:47:8b:e9:36:84:8e:2e:bb:5b:60:06:47:2d:
         39:d0:c8:f7:e0:10:0f:43:d5:9a:13:67:2e:24:b9:45:d0:d5:
         51:44:f0:f8:3f:c1:0d:1c:af:fc:10:c8:d1:b9:97:f7:d2:85:
         6a:bc:fe:49:c0:82:e0:98:24:c9:1f:18:f9:bc:de:4d:d8:e9:
         d8:95:d4:22:71:62:ca:27:fb:b4:01:15:2b:96:52:a3:b8:53:
         27:02:c9:12:ef:4e:ef:6d:3d:e1:3e:fb:7f:37:01:d7:15:e8:
         10:28:70:e3:96:9e:ec:63:18:16:6b:b1:f2:66:5c:7c:4f:d1:
         a1:ce:3d:d9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUW10UGBbcvUqQDjdIg6ZGyJUBTu4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE0MDExMDM1WhcNMjYwNTE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYmMyNDQxOWQxYjcyODM4YjdlNDlmZTQ5MjgwOTZmYmRi
OGY1MWYzYjlkNThhZjI4MjNhNzY0ODRkMGViYjk0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgco1MkDBswWUaBNytzOS+c8rez1X6B6GBVWaOo3vWTjQP
3LepnYkeSMIDnzIwW4dUh+aXMsHGOMKDLKOyJngfDB8v4eDRDqfO2uQZojeCKnGR
VaLLwxnFp5reQtE5YdU8K1T1dH8penr7PqH9c2Ro+cufKs8wv2fUfYlEg24R+Szw
Sdz43OLkk344R4EnAEqX0viwjnYRYrD8rMfo8+XyuV13fXMsQQHbRq6oKURJXGCn
DI3I93I+bUpzpnnTVNcnsieuU1XJqkMYrecenGF6l0SKt3B/wL8ouq8T/sD4sU7n
8huWTk0E96AUbr1sNBGqWxzWGWB55WPfXe3UsSJlAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+d1aAKxgEKzzO4gUvjVLaOL5seowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ4NTAwOWQxLWQxMzUtNDEwNi1hODc2LTVkZDJmOTIzYTE1Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEN0jANBgkqhkiG9w0BAQsFAAOCAQEASFwk1AJooiexNhJGpOiK1/hkM6XN
fmyDriUZHk6ZKlIVyOfDvq9tSghFmoUeuzKvz+FXWt9tU7jOuEEsvBSFlqLINatY
rL+jUBoR19mrjvfUyTWGgmMDMrxUejhemOlngA3qBxEe6SUEt9jwMDNSqkjQuwmK
jOwkyNm8p1cIFMk8avtHi+k2hI4uu1tgBkctOdDI9+AQD0PVmhNnLiS5RdDVUUTw
+D/BDRyv/BDI0bmX99KFarz+ScCC4JgkyR8Y+bzeTdjp2JXUInFiyif7tAEVK5ZS
o7hTJwLJEu9O72094T77fzcB1xXoEChw45ae7GMYFmux8mZcfE/Roc492Q==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:36:42 2026 by rpki-client