Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/546b59e3-3fdb-4211-a78c-99831ce62e34.roa
File:                     546b59e3-3fdb-4211-a78c-99831ce62e34.roa (raw, json)
Hash identifier:          3Aah4wIKkSMpew3ixpTfv958virzkz0GfMQQ3UDFkNM=
Subject key identifier:   C0:97:D0:6F:57:BF:A7:D5:ED:2F:90:3F:FA:E3:BC:4F:30:80:27:74
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0902C3AD581EA517FC8B5CB05D0322613A6CB7CB
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/546b59e3-3fdb-4211-a78c-99831ce62e34.roa
Signing time:             Sat 28 Feb 2026 01:01:21 +0000
ROA not before:           Sat 28 Feb 2026 01:01:21 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.230.32.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:02:c3:ad:58:1e:a5:17:fc:8b:5c:b0:5d:03:22:61:3a:6c:b7:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 01:01:21 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=1ed510cc74cb2fd677ffba5749c0af5f17987fa7fe70bf29dedfaeb83cef4ab5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:01:b0:c6:38:13:ee:52:bd:67:75:d5:6f:b3:
                    66:5f:e9:f5:2c:0e:ea:c0:e1:c2:e0:f4:7c:0a:b1:
                    1d:10:33:04:1d:d7:b6:a0:a7:7d:d2:f5:0f:5d:bf:
                    a3:a7:5d:a8:f1:45:55:76:bc:03:9e:65:04:43:51:
                    ef:72:82:ff:40:10:25:6c:91:72:93:74:56:45:01:
                    5e:4e:aa:06:fb:ad:56:70:ef:a3:75:dd:5a:c0:cd:
                    4f:cb:4f:ef:b0:d4:cd:9c:1b:d5:d4:2d:28:99:90:
                    d1:1b:9d:a0:51:91:2e:52:4a:2d:e1:98:d6:98:5d:
                    59:00:96:7e:79:72:7d:a4:1e:de:70:bc:4f:b4:0b:
                    00:bb:c3:68:71:74:f0:fa:ae:d0:67:58:64:fe:5e:
                    a4:24:97:f5:f9:d0:14:53:97:8e:84:a7:01:e9:63:
                    d2:4d:eb:05:13:73:00:c6:3a:77:e0:9e:90:6d:6a:
                    51:ef:63:79:26:67:c7:a6:56:53:b5:ce:79:93:3c:
                    ea:76:2a:73:ac:b8:50:c2:c7:fb:64:54:ff:91:ca:
                    18:05:17:ce:97:ca:0c:b5:4f:e3:0f:7a:40:da:94:
                    8d:85:85:ad:bb:f8:b4:36:df:ac:c5:ac:93:9b:a3:
                    81:a3:d5:f4:f8:db:e7:58:1f:cc:52:0a:06:2e:fd:
                    5a:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:97:D0:6F:57:BF:A7:D5:ED:2F:90:3F:FA:E3:BC:4F:30:80:27:74
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/546b59e3-3fdb-4211-a78c-99831ce62e34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.230.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6f:fc:64:16:2a:46:cb:d6:44:cc:c0:68:e7:ce:a7:2b:c2:b0:
         b0:35:56:c1:98:28:67:37:4d:c0:fd:6e:c4:3c:9f:7b:26:08:
         d8:ef:aa:e1:cc:25:ee:45:b2:6d:72:45:f4:b3:58:e5:90:92:
         89:a6:83:b4:84:a3:4d:5f:11:87:23:b2:43:e8:b7:8f:60:43:
         93:a8:1a:73:d0:a2:f3:2d:55:97:dd:e9:93:53:54:a9:e3:98:
         fe:4b:36:7c:ef:4b:45:c9:9c:8b:25:c0:ac:50:6e:52:26:e2:
         b7:7b:8d:07:c5:92:30:af:5e:8f:52:01:81:fa:5c:5e:b6:4c:
         32:64:d8:33:40:d5:17:d8:80:d5:be:95:8b:27:fc:45:c2:6d:
         b9:84:5a:0a:60:aa:cc:c8:ac:e0:f7:48:2b:56:48:84:6a:05:
         8b:9e:dc:95:bd:56:57:8e:7d:6d:ff:dc:cb:09:b2:85:81:13:
         bc:da:2c:4d:1b:38:ce:aa:83:8c:6f:71:08:01:1a:c3:c9:49:
         97:f0:1d:99:c0:bc:ba:e1:ef:b2:c4:67:5f:9f:8c:a7:02:8d:
         92:78:8f:e3:ee:f1:48:db:d4:86:e7:d0:5a:48:3a:1e:4b:1a:
         a2:fb:5d:47:f3:10:bb:85:15:b3:e7:d8:dc:75:fc:03:e4:8f:
         fb:a6:89:1c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCQLDrVgepRf8i1ywXQMiYTpst8swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDEwMTIxWhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZWQ1MTBjYzc0Y2IyZmQ2NzdmZmJhNTc0OWMwYWY1ZjE3
OTg3ZmE3ZmU3MGJmMjlkZWRmYWViODNjZWY0YWI1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiAbDGOBPuUr1nddVvs2Zf6fUsDurA4cLg9HwKsR0QMwQd
17agp33S9Q9dv6OnXajxRVV2vAOeZQRDUe9ygv9AECVskXKTdFZFAV5Oqgb7rVZw
76N13VrAzU/LT++w1M2cG9XULSiZkNEbnaBRkS5SSi3hmNaYXVkAln55cn2kHt5w
vE+0CwC7w2hxdPD6rtBnWGT+XqQkl/X50BRTl46EpwHpY9JN6wUTcwDGOnfgnpBt
alHvY3kmZ8emVlO1znmTPOp2KnOsuFDCx/tkVP+RyhgFF86Xygy1T+MPekDalI2F
ha27+LQ236zFrJObo4Gj1fT42+dYH8xSCgYu/VpNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwJfQb1e/p9XtL5A/+uO8TzCAJ3QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU0NmI1OWUzLTNmZGItNDIxMS1hNzhjLTk5ODMxY2U2MmUzNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU25iAwDQYJKoZIhvcNAQELBQADggEBAG/8ZBYqRsvWRMzAaOfOpyvCsLA1
VsGYKGc3TcD9bsQ8n3smCNjvquHMJe5Fsm1yRfSzWOWQkommg7SEo01fEYcjskPo
t49gQ5OoGnPQovMtVZfd6ZNTVKnjmP5LNnzvS0XJnIslwKxQblIm4rd7jQfFkjCv
Xo9SAYH6XF62TDJk2DNA1RfYgNW+lYsn/EXCbbmEWgpgqszIrOD3SCtWSIRqBYue
3JW9VleOfW3/3MsJsoWBE7zaLE0bOM6qg4xvcQgBGsPJSZfwHZnAvLrh77LEZ1+f
jKcCjZJ4j+Pu8Ujb1Ibn0FpIOh5LGqL7XUfzELuFFbPn2Nx1/APkj/umiRw=
-----END CERTIFICATE-----