Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5b5152de-771f-4c48-b716-e245ddec9efe.roa
File:                     5b5152de-771f-4c48-b716-e245ddec9efe.roa (raw, json)
Hash identifier:          1X2vTnq5gNXQKA72AARqY7iw/y4zRUkpW53JSTf5WSM=
Subject key identifier:   21:8F:3C:2B:D5:51:C7:62:F9:0D:45:A8:61:79:96:B2:3D:B0:EA:90
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       10D0397544AC8757F14A8B1E61E1AE2228307D22
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5b5152de-771f-4c48-b716-e245ddec9efe.roa
Signing time:             Mon 23 Feb 2026 00:50:04 +0000
ROA not before:           Mon 23 Feb 2026 00:50:04 +0000
ROA not after:            Sun 24 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        18.68.100.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:d0:39:75:44:ac:87:57:f1:4a:8b:1e:61:e1:ae:22:28:30:7d:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 23 00:50:04 2026 GMT
            Not After : May 24 23:59:59 2026 GMT
        Subject: serialNumber=5b1ad8ce5458b6d177b3ef2164cae11cb00631081d431c5d5bcd2f91b674ae62, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:ed:c9:3a:32:3e:e7:e8:e7:3a:c3:be:ef:7a:
                    1b:c6:97:b5:fe:b5:73:29:a9:67:7e:f7:b6:6b:a1:
                    c4:cd:28:ea:af:00:5c:65:0a:d4:73:9d:57:2d:c5:
                    fb:b4:40:90:f5:6b:17:81:06:63:c8:5f:cd:70:08:
                    23:11:cb:ed:7e:a7:6e:03:f4:fa:66:5e:d0:0a:0d:
                    f8:73:48:bf:14:f1:ac:f0:54:ae:0d:16:20:68:df:
                    7d:fb:a8:f6:8a:a8:48:39:02:bf:43:f0:6c:82:50:
                    68:cd:33:65:3d:35:c4:db:27:60:3a:5f:d3:ab:ec:
                    b4:07:b3:50:33:a9:26:92:c5:23:bf:61:b0:ad:c7:
                    92:01:d1:e0:bc:9b:de:0b:91:f2:27:82:44:b9:1c:
                    40:ed:43:ad:92:55:30:b1:75:51:b3:7e:04:7b:16:
                    40:8d:13:ad:0c:cd:e8:06:f6:c2:fd:a1:43:5b:5d:
                    f5:bc:d2:de:bf:1c:c7:ff:64:1a:aa:c7:4f:9d:74:
                    f7:72:09:2a:51:9d:17:7c:51:1b:0c:c2:e0:16:cb:
                    e4:db:bb:8b:68:df:cd:cd:b3:9c:15:b1:1e:b2:3b:
                    78:fd:18:85:e9:dc:9a:3c:75:9c:87:20:1b:dc:ef:
                    64:e2:7c:d0:88:62:7e:20:2f:d0:24:4c:ef:ca:12:
                    a4:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:8F:3C:2B:D5:51:C7:62:F9:0D:45:A8:61:79:96:B2:3D:B0:EA:90
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5b5152de-771f-4c48-b716-e245ddec9efe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.68.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:86:18:af:c4:08:90:55:03:43:3b:e3:f9:3d:04:be:b8:93:
         59:bd:5a:45:cf:0c:81:2a:08:e4:b9:dc:14:18:d8:c5:28:65:
         6f:c9:75:05:3c:f4:2a:e6:b8:4f:4e:c7:1d:b7:0e:35:e0:db:
         a4:57:82:95:68:ec:11:9d:f4:66:85:4c:80:15:3f:96:71:bf:
         cd:f1:33:76:ae:8b:ed:ac:1a:4a:6b:35:54:e9:9e:c7:dc:98:
         28:1e:99:62:f7:0f:95:67:ee:1b:52:7d:5e:0e:ec:42:c0:2a:
         31:56:d2:a8:11:a3:76:31:d1:36:14:1f:b3:21:4b:f7:59:b7:
         a7:3a:fc:72:78:c2:d0:6c:a1:2e:1b:f9:0b:99:c3:e5:6d:82:
         56:47:a7:cf:65:f0:e2:25:c9:78:fb:4c:33:3f:98:3b:32:fa:
         10:fa:38:b2:92:eb:dd:75:2e:b5:10:f6:99:65:09:a2:04:3c:
         53:5f:79:2f:2a:38:49:d1:e2:97:cf:e5:e4:0e:71:29:cc:8e:
         97:62:ff:91:b2:f0:99:1d:e0:e0:80:de:d9:2f:24:08:76:11:
         ad:6f:fe:cc:86:5a:49:5c:82:c4:5a:0e:1e:a9:ad:f6:c9:cf:
         08:8f:66:79:fd:30:30:cb:ea:2c:4e:40:95:ad:0a:f3:eb:9e:
         02:a3:a8:b1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUENA5dUSsh1fxSoseYeGuIigwfSIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIzMDA1MDA0WhcNMjYwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YjFhZDhjZTU0NThiNmQxNzdiM2VmMjE2NGNhZTExY2Iw
MDYzMTA4MWQ0MzFjNWQ1YmNkMmY5MWI2NzRhZTYyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCd7ck6Mj7n6Oc6w77vehvGl7X+tXMpqWd+97ZrocTNKOqv
AFxlCtRznVctxfu0QJD1axeBBmPIX81wCCMRy+1+p24D9PpmXtAKDfhzSL8U8azw
VK4NFiBo3337qPaKqEg5Ar9D8GyCUGjNM2U9NcTbJ2A6X9Or7LQHs1AzqSaSxSO/
YbCtx5IB0eC8m94LkfIngkS5HEDtQ62SVTCxdVGzfgR7FkCNE60MzegG9sL9oUNb
XfW80t6/HMf/ZBqqx0+ddPdyCSpRnRd8URsMwuAWy+Tbu4to383Ns5wVsR6yO3j9
GIXp3Jo8dZyHIBvc72TifNCIYn4gL9AkTO/KEqSBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUIY88K9VRx2L5DUWoYXmWsj2w6pAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzViNTE1MmRlLTc3MWYtNGM0OC1iNzE2LWUyNDVkZGVjOWVmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAASRGQwDQYJKoZIhvcNAQELBQADggEBAFOGGK/ECJBVA0M74/k9BL64k1m9
WkXPDIEqCOS53BQY2MUoZW/JdQU89CrmuE9Oxx23DjXg26RXgpVo7BGd9GaFTIAV
P5Zxv83xM3aui+2sGkprNVTpnsfcmCgemWL3D5Vn7htSfV4O7ELAKjFW0qgRo3Yx
0TYUH7MhS/dZt6c6/HJ4wtBsoS4b+QuZw+VtglZHp89l8OIlyXj7TDM/mDsy+hD6
OLKS6911LrUQ9pllCaIEPFNfeS8qOEnR4pfP5eQOcSnMjpdi/5Gy8Jkd4OCA3tkv
JAh2Ea1v/syGWklcgsRaDh6prfbJzwiPZnn9MDDL6ixOQJWtCvPrngKjqLE=
-----END CERTIFICATE-----