Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/592229fc-0992-48a6-b4d6-3aa5c5bede73.roa
File:                     592229fc-0992-48a6-b4d6-3aa5c5bede73.roa (raw, json)
Hash identifier:          talwHjJkmmyMmV9hMcciHcZOz7ZCvFpjmOSzxLouvJ0=
Subject key identifier:   8F:17:0D:06:5B:67:E2:FA:A0:96:ED:66:D9:F4:6F:76:8D:3B:DE:B4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       10D7247967936668F65F4C6D137761FD643DA036
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/592229fc-0992-48a6-b4d6-3aa5c5bede73.roa
Signing time:             Sat 28 Feb 2026 02:41:16 +0000
ROA not before:           Sat 28 Feb 2026 02:41:16 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.89.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:d7:24:79:67:93:66:68:f6:5f:4c:6d:13:77:61:fd:64:3d:a0:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 02:41:16 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=7e5d005d96a85dcd2ac7bc476e43a5150dae32136daaf4a2e60510ba34ed7334, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ee:81:c7:81:08:46:ed:94:c8:f0:ba:ec:a8:
                    64:b5:0a:3a:e3:5e:05:91:31:be:67:c0:3d:77:54:
                    87:15:74:45:d3:b4:39:63:2f:23:13:37:e5:f7:1a:
                    59:4e:ec:79:5e:f7:49:52:a9:ed:98:ac:ac:21:fe:
                    ee:0d:61:ad:4a:96:b4:e3:ab:97:c8:3b:7b:85:35:
                    2e:ea:30:60:cb:f0:36:9e:55:b9:dc:c9:c3:62:72:
                    ad:da:14:5e:28:73:2a:20:ca:37:5b:02:57:78:da:
                    54:07:7e:6b:4b:57:b5:2c:d6:c6:b2:00:54:80:7b:
                    52:e3:79:c4:16:4e:23:97:f6:96:9b:1e:52:09:b5:
                    27:59:2e:6d:5f:09:20:e6:f1:87:a1:fe:eb:fb:82:
                    6b:14:db:c1:41:15:93:f4:c1:7a:52:6e:23:a8:f4:
                    cc:e6:69:52:8d:f5:62:3d:d8:c9:bc:d4:27:24:31:
                    41:7c:c6:b0:e2:d9:b9:30:ba:02:ad:b6:17:14:51:
                    d0:18:60:54:f6:02:47:e1:21:99:35:c9:0d:22:6a:
                    f1:98:66:cb:55:ae:ab:33:5a:53:44:f2:4c:bb:73:
                    95:8c:13:c4:29:c7:60:c7:8e:e3:42:7d:76:17:11:
                    ac:8b:d9:81:e4:73:cc:e5:2b:5e:fc:70:00:d3:0e:
                    75:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:17:0D:06:5B:67:E2:FA:A0:96:ED:66:D9:F4:6F:76:8D:3B:DE:B4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/592229fc-0992-48a6-b4d6-3aa5c5bede73.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.89.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6c:f2:ba:f1:dc:53:7a:25:b6:76:ea:90:30:36:28:53:46:2e:
         91:4e:30:31:d3:2d:2a:ac:26:64:85:23:05:e9:15:3b:e2:89:
         1b:a5:47:a9:10:cd:d3:0f:f0:38:18:59:41:5f:57:77:b0:99:
         06:18:cf:70:ff:71:7f:99:3f:0a:a8:ff:f6:9e:67:f8:a9:3b:
         00:92:8c:9f:cb:11:f7:e8:fc:ae:c2:2b:47:85:e1:48:9e:9e:
         4a:00:3b:dd:95:ba:b1:fd:b6:3d:86:7a:7e:73:12:95:13:4a:
         cf:ec:2c:c9:53:65:75:ae:d7:0b:c2:85:e9:7e:04:92:72:4e:
         aa:fd:c3:e5:85:3b:ec:06:72:b3:1b:89:29:3d:96:f2:3f:68:
         e9:1e:06:2e:e3:94:09:50:c2:e0:35:45:81:8e:9a:cf:3b:15:
         a7:7d:bf:82:75:2d:a3:08:71:27:9c:78:89:9f:b9:77:40:3a:
         19:71:6d:4a:8a:a0:86:58:fd:1a:94:e3:6e:7f:6d:a8:f1:41:
         d1:65:d8:82:74:d6:8f:5c:0a:de:b7:ea:f5:6a:2a:b2:97:ff:
         a7:58:b4:d4:71:1f:1b:33:f6:5d:8d:aa:53:bd:1a:da:59:79:
         02:94:9e:79:ed:bf:24:79:c1:6b:99:c1:6a:31:35:67:3b:17:
         0b:cf:b6:5e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUENckeWeTZmj2X0xtE3dh/WQ9oDYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDI0MTE2WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZTVkMDA1ZDk2YTg1ZGNkMmFjN2JjNDc2ZTQzYTUxNTBk
YWUzMjEzNmRhYWY0YTJlNjA1MTBiYTM0ZWQ3MzM0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCu7oHHgQhG7ZTI8LrsqGS1CjrjXgWRMb5nwD13VIcVdEXT
tDljLyMTN+X3GllO7Hle90lSqe2YrKwh/u4NYa1KlrTjq5fIO3uFNS7qMGDL8Dae
VbncycNicq3aFF4ocyogyjdbAld42lQHfmtLV7Us1sayAFSAe1LjecQWTiOX9pab
HlIJtSdZLm1fCSDm8Yeh/uv7gmsU28FBFZP0wXpSbiOo9MzmaVKN9WI92Mm81Cck
MUF8xrDi2bkwugKtthcUUdAYYFT2AkfhIZk1yQ0iavGYZstVrqszWlNE8ky7c5WM
E8Qpx2DHjuNCfXYXEayL2YHkc8zlK178cADTDnWBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUjxcNBltn4vqglu1m2fRvdo073rQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU5MjIyOWZjLTA5OTItNDhhNi1iNGQ2LTNhYTVjNWJlZGU3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2WTANBgkqhkiG9w0BAQsFAAOCAQEAbPK68dxTeiW2duqQMDYoU0YukU4w
MdMtKqwmZIUjBekVO+KJG6VHqRDN0w/wOBhZQV9Xd7CZBhjPcP9xf5k/Cqj/9p5n
+Kk7AJKMn8sR9+j8rsIrR4XhSJ6eSgA73ZW6sf22PYZ6fnMSlRNKz+wsyVNlda7X
C8KF6X4EknJOqv3D5YU77AZysxuJKT2W8j9o6R4GLuOUCVDC4DVFgY6azzsVp32/
gnUtowhxJ5x4iZ+5d0A6GXFtSoqghlj9GpTjbn9tqPFB0WXYgnTWj1wK3rfq9Woq
spf/p1i01HEfGzP2XY2qU70a2ll5ApSeee2/JHnBa5nBajE1ZzsXC8+2Xg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:50:07 2026 by rpki-client