Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4cab92bc-9aa1-4b48-83bd-11590a716fb1.roa
File:                     4cab92bc-9aa1-4b48-83bd-11590a716fb1.roa (raw, json)
Hash identifier:          5OE2NBp0A+kD+RptEabO7vVIlo2E+wtDW89nr+rtuf8=
Subject key identifier:   10:B0:AC:AC:D5:0B:BC:A8:47:24:F7:35:A5:06:06:D7:06:C3:1B:7C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2820BAD9EF3B7EA59E376FDE4D23904AA54BC333
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4cab92bc-9aa1-4b48-83bd-11590a716fb1.roa
Signing time:             Tue 17 Feb 2026 02:20:06 +0000
ROA not before:           Tue 17 Feb 2026 02:20:06 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        18.88.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:20:ba:d9:ef:3b:7e:a5:9e:37:6f:de:4d:23:90:4a:a5:4b:c3:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 02:20:06 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=f9397436029675211571d60f0e632d209c6074237134d09d1c6158784fcef915, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6c:8f:be:2c:47:37:59:88:d8:ee:93:76:f7:
                    a6:08:22:7a:94:d9:06:f1:94:82:b3:2d:19:e5:7c:
                    e0:e6:23:72:ea:c6:e9:03:f1:44:61:5c:29:17:8b:
                    71:e9:17:8a:da:0b:92:93:f2:7a:6e:7c:d5:02:78:
                    0a:e4:a3:5b:dd:7d:59:7f:66:f0:11:49:a0:8e:85:
                    b3:9f:cd:f9:93:44:a5:99:81:31:79:11:27:dc:97:
                    75:f8:d2:6b:2c:2b:2f:de:97:58:4f:8a:67:ed:3f:
                    d5:50:73:99:8e:a2:58:70:28:a1:53:e6:ff:49:79:
                    9f:32:07:36:2a:97:f9:bf:74:87:f8:3d:7b:e6:37:
                    ad:23:56:2b:07:7b:6b:28:41:bc:61:82:91:f0:99:
                    ff:68:6a:72:4f:41:85:07:45:97:c0:98:5e:7a:53:
                    79:03:05:18:be:01:20:52:c3:61:95:a3:86:be:35:
                    81:ee:42:08:6a:6a:56:01:07:49:d4:64:fc:af:d8:
                    d8:9e:56:4a:d9:69:c9:8f:ea:95:a6:09:25:28:d5:
                    1f:a8:cb:59:f3:88:9e:cd:a2:5e:00:99:75:ff:8e:
                    bd:92:06:c4:e9:49:dc:8d:66:b0:e6:9e:e9:e4:c9:
                    e0:bc:b7:2b:33:41:5d:c2:cf:bb:32:2f:a2:fb:54:
                    fb:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:B0:AC:AC:D5:0B:BC:A8:47:24:F7:35:A5:06:06:D7:06:C3:1B:7C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4cab92bc-9aa1-4b48-83bd-11590a716fb1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.88.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         16:e0:7e:26:9f:22:ae:9d:f2:6c:35:e5:e9:cf:9d:1a:25:e9:
         e8:b8:bf:2a:b4:69:be:65:c6:01:62:d2:fd:31:f4:8a:0c:da:
         3b:93:61:52:39:13:81:09:80:e0:82:0b:ee:53:26:ab:c2:6a:
         61:17:67:df:50:48:91:f2:d0:e0:3d:89:39:df:33:c5:8d:dc:
         6d:9a:88:26:df:23:98:7a:8a:0b:3d:1e:eb:3a:2d:8f:bb:b5:
         73:1f:3a:eb:08:f1:58:41:1f:7b:3c:64:89:07:eb:74:90:bc:
         ad:e4:c7:56:94:4c:99:20:27:40:06:a1:2d:58:16:e0:7e:81:
         5f:e5:a8:71:f9:a6:68:95:25:9f:71:75:ae:5d:fc:ca:37:43:
         cb:d9:bc:96:1c:0a:e0:06:6b:3f:a7:02:09:5c:78:78:ba:2c:
         5a:51:c0:1a:f0:4c:5a:f5:4d:e6:62:73:6a:fd:9d:2a:fb:02:
         32:69:23:25:be:2c:3f:0f:d4:b4:64:d4:da:af:2a:3d:82:b4:
         2b:7e:02:2d:a3:0b:a6:a0:f2:8a:a6:9f:20:03:f8:92:e9:03:
         3f:c3:8e:a1:b7:23:5a:f1:11:67:40:3e:5c:b6:48:ce:6c:ea:
         ad:ae:32:9a:15:a0:cb:41:14:27:60:36:0b:a8:5f:e9:6a:42:
         b3:a0:77:4e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUKCC62e87fqWeN2/eTSOQSqVLwzMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDIyMDA2WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmOTM5NzQzNjAyOTY3NTIxMTU3MWQ2MGYwZTYzMmQyMDlj
NjA3NDIzNzEzNGQwOWQxYzYxNTg3ODRmY2VmOTE1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0bI++LEc3WYjY7pN296YIInqU2QbxlIKzLRnlfODmI3Lq
xukD8URhXCkXi3HpF4raC5KT8npufNUCeArko1vdfVl/ZvARSaCOhbOfzfmTRKWZ
gTF5ESfcl3X40mssKy/el1hPimftP9VQc5mOolhwKKFT5v9JeZ8yBzYql/m/dIf4
PXvmN60jVisHe2soQbxhgpHwmf9oanJPQYUHRZfAmF56U3kDBRi+ASBSw2GVo4a+
NYHuQghqalYBB0nUZPyv2NieVkrZacmP6pWmCSUo1R+oy1nziJ7Nol4AmXX/jr2S
BsTpSdyNZrDmnunkyeC8tyszQV3Cz7syL6L7VPtLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUELCsrNULvKhHJPc1pQYG1wbDG3wwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzRjYWI5MmJjLTlhYTEtNGI0OC04M2JkLTExNTkwYTcxNmZiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwESWDANBgkqhkiG9w0BAQsFAAOCAQEAFuB+Jp8irp3ybDXl6c+dGiXp6Li/
KrRpvmXGAWLS/TH0igzaO5NhUjkTgQmA4IIL7lMmq8JqYRdn31BIkfLQ4D2JOd8z
xY3cbZqIJt8jmHqKCz0e6zotj7u1cx866wjxWEEfezxkiQfrdJC8reTHVpRMmSAn
QAahLVgW4H6BX+WocfmmaJUln3F1rl38yjdDy9m8lhwK4AZrP6cCCVx4eLosWlHA
GvBMWvVN5mJzav2dKvsCMmkjJb4sPw/UtGTU2q8qPYK0K34CLaMLpqDyiqafIAP4
kukDP8OOobcjWvERZ0A+XLZIzmzqra4ymhWgy0EUJ2A2C6hf6WpCs6B3Tg==
-----END CERTIFICATE-----