Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5969520c-b3cb-46b1-8ab5-c52d87531106.roa
File:                     5969520c-b3cb-46b1-8ab5-c52d87531106.roa (raw, json)
Hash identifier:          VKo0BzcMnsZmtbOiam46Of9BK+tRh6QE5/5XLHDBe5o=
Subject key identifier:   36:1D:3B:9B:C4:0A:F5:0E:F7:FB:C6:BB:EB:69:64:24:88:34:34:86
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       54EA58EA1FDB8570C4D1409200AEF454B0606C1D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5969520c-b3cb-46b1-8ab5-c52d87531106.roa
Signing time:             Fri 15 May 2026 02:51:06 +0000
ROA not before:           Fri 15 May 2026 02:51:06 +0000
ROA not after:            Thu 13 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.240.8.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:ea:58:ea:1f:db:85:70:c4:d1:40:92:00:ae:f4:54:b0:60:6c:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 15 02:51:06 2026 GMT
            Not After : Aug 13 23:59:59 2026 GMT
        Subject: serialNumber=77791d22d6530a1f8e777f09c5da068c51e42066524d28e687ae6bb930b11968, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:0f:f6:56:4d:6d:d3:31:e9:6e:ee:1f:dd:59:
                    46:ec:fa:8d:c0:44:34:d7:d2:dd:ae:56:14:af:76:
                    3e:df:f7:0c:3b:cb:cb:6a:c4:41:a4:fc:cd:80:ef:
                    5d:f7:dc:23:38:f8:66:48:d4:49:d9:ed:25:9b:43:
                    9b:fe:cc:c0:6e:3d:91:fe:27:6a:62:37:93:62:2c:
                    56:9c:ba:f2:72:19:e2:d7:bc:01:26:e1:82:37:9f:
                    57:61:87:3e:61:a0:42:6a:41:81:3b:e2:a7:d8:7f:
                    a2:64:c6:7a:32:92:a2:b6:3e:7b:40:c2:3a:7d:7b:
                    f1:07:ea:50:79:fb:55:15:2d:a3:c1:ae:49:4e:7f:
                    c7:1f:d7:0b:5a:05:f0:ae:d4:6a:aa:d0:a1:98:ad:
                    58:b8:f4:dc:5e:7d:c1:b9:bb:7c:50:79:97:fc:8a:
                    a4:32:2f:08:89:61:43:ee:4a:eb:9d:c3:75:c9:2e:
                    8c:96:bf:00:00:40:eb:6a:0b:db:27:e5:a3:fb:19:
                    3b:60:f1:2d:91:17:d2:9e:9e:ca:f2:be:2f:b7:fb:
                    4f:5f:95:1f:c1:30:d9:e5:2d:0f:4a:05:87:0c:4e:
                    02:e3:40:4e:81:d3:26:d5:64:8a:31:7a:e0:96:37:
                    8a:5c:99:5b:d7:5a:3b:a5:9d:74:61:87:4f:f6:b5:
                    f0:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:1D:3B:9B:C4:0A:F5:0E:F7:FB:C6:BB:EB:69:64:24:88:34:34:86
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5969520c-b3cb-46b1-8ab5-c52d87531106.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.240.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         95:75:7a:4c:84:89:b5:94:4e:14:79:2f:8a:30:2a:91:5f:2e:
         b1:bc:59:a7:43:c5:62:1d:82:01:93:08:2b:5e:eb:73:1a:10:
         21:ce:1c:d6:ce:c9:fc:4a:3f:ef:8a:b8:a5:e6:35:6e:84:be:
         bd:13:cb:3e:5f:29:ab:d7:87:90:d2:28:de:03:56:65:01:2b:
         5b:8a:87:4e:b2:d7:69:d7:8a:1d:19:94:03:3b:31:2c:76:68:
         cb:64:fe:a9:99:35:25:c7:bc:07:60:ff:35:96:35:e6:ff:17:
         37:20:dd:bb:b0:4c:69:a6:ed:c5:4f:31:aa:ca:34:9d:69:79:
         9b:f2:ce:39:16:10:ed:40:3e:7d:89:8b:d1:68:89:05:79:78:
         43:e8:8d:61:80:7c:94:4b:fc:73:1b:e4:ec:ee:4c:fe:38:6b:
         71:3f:e5:a5:ac:4f:8b:62:84:34:9e:fc:46:43:eb:b0:bf:2c:
         f6:11:d9:0f:d3:60:b9:9b:26:9c:fd:70:59:f9:e6:74:04:3c:
         dd:ce:e7:f1:ca:16:b0:34:01:e8:9a:cb:e5:2c:51:65:ad:f1:
         b3:1b:eb:9a:b5:4c:57:a9:46:69:6e:61:dc:51:22:9d:33:66:
         47:14:bc:d3:8d:aa:73:11:99:55:36:b0:58:f2:17:82:18:3e:
         23:69:45:e1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVOpY6h/bhXDE0UCSAK70VLBgbB0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE1MDI1MTA2WhcNMjYwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3Nzc5MWQyMmQ2NTMwYTFmOGU3NzdmMDljNWRhMDY4YzUx
ZTQyMDY2NTI0ZDI4ZTY4N2FlNmJiOTMwYjExOTY4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAD/ZWTW3TMelu7h/dWUbs+o3ARDTX0t2uVhSvdj7f9ww7
y8tqxEGk/M2A71333CM4+GZI1EnZ7SWbQ5v+zMBuPZH+J2piN5NiLFacuvJyGeLX
vAEm4YI3n1dhhz5hoEJqQYE74qfYf6JkxnoykqK2PntAwjp9e/EH6lB5+1UVLaPB
rklOf8cf1wtaBfCu1Gqq0KGYrVi49NxefcG5u3xQeZf8iqQyLwiJYUPuSuudw3XJ
LoyWvwAAQOtqC9sn5aP7GTtg8S2RF9Kensryvi+3+09flR/BMNnlLQ9KBYcMTgLj
QE6B0ybVZIoxeuCWN4pcmVvXWjulnXRhh0/2tfATAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNh07m8QK9Q73+8a762lkJIg0NIYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU5Njk1MjBjLWIzY2ItNDZiMS04YWI1LWM1MmQ4NzUzMTEwNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM28AgwDQYJKoZIhvcNAQELBQADggEBAJV1ekyEibWUThR5L4owKpFfLrG8
WadDxWIdggGTCCte63MaECHOHNbOyfxKP++KuKXmNW6Evr0Tyz5fKavXh5DSKN4D
VmUBK1uKh06y12nXih0ZlAM7MSx2aMtk/qmZNSXHvAdg/zWWNeb/Fzcg3buwTGmm
7cVPMarKNJ1peZvyzjkWEO1APn2Ji9FoiQV5eEPojWGAfJRL/HMb5OzuTP44a3E/
5aWsT4tihDSe/EZD67C/LPYR2Q/TYLmbJpz9cFn55nQEPN3O5/HKFrA0Aeiay+Us
UWWt8bMb65q1TFepRmluYdxRIp0zZkcUvNONqnMRmVU2sFjyF4IYPiNpReE=
-----END CERTIFICATE-----