Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5509b865-3941-4094-bf73-1b07caf81ab7.roa
File:                     5509b865-3941-4094-bf73-1b07caf81ab7.roa (raw, json)
Hash identifier:          mMQgp8yZRHoycLxNoaCC0RZ1cQtGnTJpn5Clza3Rhhg=
Subject key identifier:   2E:AA:06:B4:D0:3E:A9:A4:B6:30:63:EC:64:B5:2B:82:03:91:1E:67
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       21C807C07144F9D311D38F1737B2566759154B5F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5509b865-3941-4094-bf73-1b07caf81ab7.roa
Signing time:             Tue 19 May 2026 02:41:21 +0000
ROA not before:           Tue 19 May 2026 02:41:21 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.66.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:c8:07:c0:71:44:f9:d3:11:d3:8f:17:37:b2:56:67:59:15:4b:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 02:41:21 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=45a8e943ac5670737568002f4f59441c7a686a31f7bbde5185769d8a1cae5137, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:06:8d:61:04:55:ed:0d:24:01:6d:2f:ec:36:
                    fa:44:9d:52:d3:6d:9e:35:ec:8b:19:04:c4:69:66:
                    86:62:0e:0d:d5:8c:db:cc:fb:d6:68:60:78:17:b4:
                    7b:3c:60:7c:45:40:8e:fb:11:94:7f:b7:c0:5e:6f:
                    13:ea:8e:64:c2:42:34:a6:e4:e8:c9:15:a6:63:d3:
                    3e:a4:80:9d:a3:a2:fb:0b:12:32:96:89:9d:ef:d6:
                    ae:4c:51:d7:2d:93:24:b6:c2:ee:a5:42:bb:0c:bd:
                    47:76:53:f7:b0:77:27:9c:df:66:e8:e5:90:73:dd:
                    b5:af:c6:c6:e5:bd:1e:3a:7a:29:bf:6d:ec:0a:8a:
                    ca:a0:ed:56:34:24:14:b8:ef:bb:7f:50:a5:77:ef:
                    ce:ca:25:ec:d2:0a:de:90:b6:59:7c:2f:be:d5:1c:
                    11:60:8a:1d:d8:31:12:43:90:2f:03:1f:3a:2f:19:
                    c5:05:21:c0:94:7d:bc:4c:d2:66:14:50:78:c0:1b:
                    a8:be:60:7f:9c:2e:ae:b0:37:71:fc:22:79:6f:2d:
                    79:b0:59:e1:3e:95:a0:d3:af:13:1d:c0:a5:47:48:
                    5f:96:91:7d:e6:69:65:a5:5e:2d:ac:e0:e3:ff:ce:
                    bc:4f:87:aa:1d:a7:f3:3e:61:17:39:6d:7d:08:b6:
                    9c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:AA:06:B4:D0:3E:A9:A4:B6:30:63:EC:64:B5:2B:82:03:91:1E:67
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5509b865-3941-4094-bf73-1b07caf81ab7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.66.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         96:9d:84:1f:d8:ab:85:11:17:7f:1f:00:f2:99:8f:48:f2:d8:
         97:78:09:30:d8:b6:78:ca:61:ed:de:70:d8:0b:a2:9a:0d:5f:
         ac:0e:88:32:6d:93:35:54:f6:e4:a0:61:0f:f0:f7:30:c1:c4:
         ad:8f:af:dc:b5:4f:78:40:a7:c2:fa:8f:5c:a1:36:70:14:b8:
         a1:fd:53:87:d3:53:2e:4f:cf:1d:24:1b:db:70:8b:45:4d:af:
         83:28:c5:bf:71:6c:36:38:9f:7c:55:ec:bb:4e:cf:32:22:fd:
         ec:a9:8a:6f:73:6d:17:8d:3e:34:19:00:0b:47:cf:90:41:b8:
         c2:0e:06:29:e1:a9:b8:8b:d6:0d:65:22:3f:ae:ec:d9:05:f1:
         f2:be:e9:42:5b:79:2d:b7:8d:8c:b7:c0:6f:d6:80:ea:f7:c0:
         8a:33:84:5b:58:a4:a4:86:bf:7d:a2:13:ee:6b:54:a5:93:ad:
         6b:37:5c:41:ee:3e:64:21:09:f6:d0:27:48:e4:e9:5c:fa:e6:
         68:6a:04:00:4b:88:a4:50:da:b0:38:3a:a5:46:c7:83:98:29:
         61:69:ab:74:f2:1b:82:da:32:28:01:0e:c6:ad:f2:f6:72:e0:
         a0:ed:89:8a:ae:c9:5f:02:6a:87:88:3b:ba:47:78:0f:c3:43:
         6d:19:20:68
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIcgHwHFE+dMR048XN7JWZ1kVS18wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDI0MTIxWhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NWE4ZTk0M2FjNTY3MDczNzU2ODAwMmY0ZjU5NDQxYzdh
Njg2YTMxZjdiYmRlNTE4NTc2OWQ4YTFjYWU1MTM3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbBo1hBFXtDSQBbS/sNvpEnVLTbZ417IsZBMRpZoZiDg3V
jNvM+9ZoYHgXtHs8YHxFQI77EZR/t8BebxPqjmTCQjSm5OjJFaZj0z6kgJ2jovsL
EjKWiZ3v1q5MUdctkyS2wu6lQrsMvUd2U/ewdyec32bo5ZBz3bWvxsblvR46eim/
bewKisqg7VY0JBS477t/UKV3787KJezSCt6Qtll8L77VHBFgih3YMRJDkC8DHzov
GcUFIcCUfbxM0mYUUHjAG6i+YH+cLq6wN3H8InlvLXmwWeE+laDTrxMdwKVHSF+W
kX3maWWlXi2s4OP/zrxPh6odp/M+YRc5bX0ItpyJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULqoGtNA+qaS2MGPsZLUrggORHmcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU1MDliODY1LTM5NDEtNDA5NC1iZjczLTFiMDdjYWY4MWFiNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2QgAwDQYJKoZIhvcNAQELBQADggEBAJadhB/Yq4URF38fAPKZj0jy2Jd4
CTDYtnjKYe3ecNgLopoNX6wOiDJtkzVU9uSgYQ/w9zDBxK2Pr9y1T3hAp8L6j1yh
NnAUuKH9U4fTUy5Pzx0kG9twi0VNr4Moxb9xbDY4n3xV7LtOzzIi/eypim9zbReN
PjQZAAtHz5BBuMIOBinhqbiL1g1lIj+u7NkF8fK+6UJbeS23jYy3wG/WgOr3wIoz
hFtYpKSGv32iE+5rVKWTrWs3XEHuPmQhCfbQJ0jk6Vz65mhqBABLiKRQ2rA4OqVG
x4OYKWFpq3TyG4LaMigBDsat8vZy4KDtiYquyV8CaoeIO7pHeA/DQ20ZIGg=
-----END CERTIFICATE-----