Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5888e779-11a4-4577-8042-8d5d09efae41.roa
File:                     5888e779-11a4-4577-8042-8d5d09efae41.roa (raw, json)
Hash identifier:          QGFDjDPAk/RAsEmT46Z173QySEAdxZPQKJ54EV9wBcE=
Subject key identifier:   D6:B6:4E:94:40:35:D4:5A:E4:B6:D5:EC:20:B7:28:64:EF:2A:E7:41
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       43466D08B66F120B12CBAD897CE1CFA826F641B4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5888e779-11a4-4577-8042-8d5d09efae41.roa
Signing time:             Mon 23 Feb 2026 01:21:48 +0000
ROA not before:           Mon 23 Feb 2026 01:21:48 +0000
ROA not after:            Sun 24 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        18.68.94.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:46:6d:08:b6:6f:12:0b:12:cb:ad:89:7c:e1:cf:a8:26:f6:41:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 23 01:21:48 2026 GMT
            Not After : May 24 23:59:59 2026 GMT
        Subject: serialNumber=42ca0481fc89bd6db108be717e90a60ba56232f5e8cb2c677ec8457b77fb10f0, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:e7:9f:1d:98:d2:9a:2e:4f:6d:a6:c2:63:60:
                    f7:86:8a:7b:03:a5:23:18:b5:d9:f1:4e:52:c5:63:
                    4a:a4:5b:78:d2:cf:7f:87:34:41:9d:72:36:75:37:
                    aa:16:27:f0:bc:35:8e:9b:be:5a:b7:8a:96:3a:f5:
                    9e:26:19:44:f5:8b:72:d2:83:2a:70:9c:ff:76:b2:
                    5b:52:3f:8c:fb:ac:77:61:2f:8e:28:06:35:d1:b6:
                    43:b2:26:7b:f4:f1:86:51:e0:7b:61:6a:d2:8d:60:
                    66:b7:15:fa:a5:2b:e5:e7:09:a2:03:30:85:c4:97:
                    27:36:12:74:67:ff:5c:95:6c:c8:21:37:00:c8:a1:
                    70:45:7e:7d:d8:0f:5c:cd:82:e2:fd:04:b2:d8:e0:
                    7d:09:74:76:d4:52:48:8c:ce:98:c2:f8:42:4b:3e:
                    9a:a2:e6:4b:18:72:d9:f8:87:5c:e5:31:90:62:40:
                    16:2f:75:11:4c:06:84:f0:9a:8d:1e:0d:d0:c7:9b:
                    4f:0d:13:d9:f3:3e:2d:ef:11:b9:2a:c1:01:ef:3c:
                    6f:ce:01:bb:b1:82:9d:52:27:29:1c:cd:34:b2:26:
                    1b:61:4f:71:5e:12:d1:a5:c7:f5:b3:1a:43:96:48:
                    96:55:f7:3a:4e:3f:a1:3c:08:96:7a:a7:6c:6c:5e:
                    23:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:B6:4E:94:40:35:D4:5A:E4:B6:D5:EC:20:B7:28:64:EF:2A:E7:41
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5888e779-11a4-4577-8042-8d5d09efae41.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.68.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:c9:4f:82:81:0a:b4:b5:ae:1b:bb:41:8a:64:75:a2:43:17:
         53:ea:4e:4b:3c:24:dd:3e:4f:29:73:a9:6a:b5:74:95:92:3e:
         9c:3a:da:25:2e:e0:62:86:15:d5:1c:00:67:05:3c:7f:7e:4a:
         54:46:16:6f:b7:40:b4:83:1d:db:a4:11:28:29:ee:73:64:e6:
         d5:9a:b8:37:b8:d1:6e:30:b8:12:77:17:89:1f:f0:fa:16:17:
         b8:a7:95:a1:b2:4f:60:c6:20:89:d1:3b:78:b2:90:0e:8c:af:
         98:e3:63:ca:0f:5f:30:26:2c:f4:71:b3:91:5b:d5:e2:01:2b:
         e2:6d:d7:d2:16:5c:98:91:4c:f4:56:fb:7f:25:35:c6:2a:22:
         95:ff:36:8d:60:8a:5a:f7:48:3c:d8:71:4e:18:ae:a7:c8:9a:
         2e:f6:5e:2a:da:d5:65:9b:83:f1:d0:46:e6:b5:ac:46:65:a8:
         fa:31:9d:9f:ed:33:5a:ef:b4:a9:da:a0:4a:3d:f7:5d:d2:a8:
         a1:27:b5:f1:74:59:c4:e3:c5:b9:22:6e:a6:3d:77:97:74:b4:
         d1:8d:e8:0b:23:f0:d3:21:70:9b:a1:ad:25:00:18:d7:90:6c:
         a1:0d:f4:8b:1d:b8:44:02:68:ae:f7:b5:ea:56:81:df:cd:2f:
         43:b8:21:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQ0ZtCLZvEgsSy62JfOHPqCb2QbQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIzMDEyMTQ4WhcNMjYwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MmNhMDQ4MWZjODliZDZkYjEwOGJlNzE3ZTkwYTYwYmE1
NjIzMmY1ZThjYjJjNjc3ZWM4NDU3Yjc3ZmIxMGYwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDf558dmNKaLk9tpsJjYPeGinsDpSMYtdnxTlLFY0qkW3jS
z3+HNEGdcjZ1N6oWJ/C8NY6bvlq3ipY69Z4mGUT1i3LSgypwnP92sltSP4z7rHdh
L44oBjXRtkOyJnv08YZR4HthatKNYGa3FfqlK+XnCaIDMIXElyc2EnRn/1yVbMgh
NwDIoXBFfn3YD1zNguL9BLLY4H0JdHbUUkiMzpjC+EJLPpqi5ksYctn4h1zlMZBi
QBYvdRFMBoTwmo0eDdDHm08NE9nzPi3vEbkqwQHvPG/OAbuxgp1SJykczTSyJhth
T3FeEtGlx/WzGkOWSJZV9zpOP6E8CJZ6p2xsXiNTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1rZOlEA11FrkttXsILcoZO8q50EwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU4ODhlNzc5LTExYTQtNDU3Ny04MDQyLThkNWQwOWVmYWU0MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASRF4wDQYJKoZIhvcNAQELBQADggEBAC7JT4KBCrS1rhu7QYpkdaJDF1Pq
Tks8JN0+TylzqWq1dJWSPpw62iUu4GKGFdUcAGcFPH9+SlRGFm+3QLSDHdukESgp
7nNk5tWauDe40W4wuBJ3F4kf8PoWF7inlaGyT2DGIInRO3iykA6Mr5jjY8oPXzAm
LPRxs5Fb1eIBK+Jt19IWXJiRTPRW+38lNcYqIpX/No1gilr3SDzYcU4YrqfImi72
Xira1WWbg/HQRua1rEZlqPoxnZ/tM1rvtKnaoEo9913SqKEntfF0WcTjxbkibqY9
d5d0tNGN6Asj8NMhcJuhrSUAGNeQbKEN9IsduEQCaK73tepWgd/NL0O4IVs=
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:19:03 2026 by rpki-client