Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f6ee6fa-a5c1-43cf-a375-a53cb80d8739.roa
File:                     5f6ee6fa-a5c1-43cf-a375-a53cb80d8739.roa (raw, json)
Hash identifier:          0oXx/Nt768dpoWpZDPPWdkyZwyKfZjM7AabkIrKb6O8=
Subject key identifier:   2E:CD:AF:F5:40:A3:B7:74:42:8B:A3:42:E5:DF:94:3C:0F:A7:B0:5A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2C976F4C72088A4AC1500C730E850338065017
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f6ee6fa-a5c1-43cf-a375-a53cb80d8739.roa
Signing time:             Tue 24 Feb 2026 02:41:03 +0000
ROA not before:           Tue 24 Feb 2026 02:41:03 +0000
ROA not after:            Mon 25 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.251.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:97:6f:4c:72:08:8a:4a:c1:50:0c:73:0e:85:03:38:06:50:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 24 02:41:03 2026 GMT
            Not After : May 25 23:59:59 2026 GMT
        Subject: serialNumber=7836a377484ef9eda39264317c0cbbb0465e0c444c43daa85a3c86c082f0eb8a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:39:1a:7e:10:02:6a:99:11:63:a5:e2:fb:43:
                    33:9a:c4:5f:35:08:71:02:da:43:83:d1:a1:10:af:
                    4b:dd:08:b9:e7:79:f3:11:6c:91:b6:e7:8d:54:56:
                    4d:53:46:31:ee:bd:9d:60:8e:68:ba:e8:c3:08:fc:
                    4b:07:53:b3:d2:ae:5b:c2:41:17:f3:05:fb:86:f8:
                    2f:b5:75:18:90:99:f3:be:14:45:67:33:2f:75:b2:
                    f1:ad:d9:cb:2f:32:93:96:ac:91:06:6e:47:c7:0a:
                    a4:5c:63:cb:40:f2:a7:0e:b0:55:61:b3:90:a7:62:
                    c6:19:33:c5:6c:35:c8:a3:0d:33:da:d0:16:0a:d2:
                    09:d8:ac:a3:2b:fd:b1:7d:21:07:73:0d:63:d3:09:
                    27:b9:0e:9c:38:4d:da:33:6b:bc:bc:f8:4f:14:57:
                    3c:04:f6:94:36:4b:f5:3a:42:41:f7:cf:7d:77:30:
                    f5:4a:20:28:41:2e:5d:6d:e7:c6:58:91:f4:ae:1c:
                    39:99:d3:82:ad:70:55:b0:95:48:59:c0:e1:dd:70:
                    65:60:a9:40:fd:e1:9d:4c:cb:d1:8f:69:38:e8:5f:
                    46:7f:a2:68:4e:e7:f4:68:92:b7:a1:26:7d:42:83:
                    f9:2d:3d:c0:66:f5:82:41:78:ad:23:61:45:0d:f3:
                    2f:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:CD:AF:F5:40:A3:B7:74:42:8B:A3:42:E5:DF:94:3C:0F:A7:B0:5A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f6ee6fa-a5c1-43cf-a375-a53cb80d8739.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.251.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         8a:f9:16:96:36:48:8c:cd:b2:9e:8e:29:59:4a:bc:3e:cd:d3:
         fb:04:59:89:7f:69:05:b7:88:2a:28:f0:3d:a3:7f:2f:04:23:
         d3:48:e7:97:f2:91:b5:19:36:f1:09:cc:7d:db:a3:87:48:8a:
         72:e4:0b:9a:ad:04:09:6b:f2:a6:6f:5c:e5:82:c0:44:f1:f3:
         25:e0:24:c5:ab:68:b3:d7:39:e8:0f:44:42:e1:32:5e:42:ca:
         83:0a:d2:6f:5c:8d:2e:67:e2:bd:b0:c2:95:e3:c6:96:7e:0a:
         8e:1c:32:4c:62:79:83:2c:95:a7:a8:3c:87:3e:6c:da:d3:aa:
         9f:47:f0:6c:6c:30:08:8b:2e:f1:bb:eb:4d:08:ac:78:1d:31:
         d5:42:18:3f:0f:7f:d9:f6:b5:d7:87:36:61:86:a3:6a:79:e9:
         d7:85:6f:40:19:d9:4e:48:3f:04:8a:fc:91:78:5f:cd:4a:23:
         d0:23:90:e8:50:1a:38:98:a5:ff:14:ff:6f:f9:24:a2:cb:d3:
         fa:f8:ad:dd:1e:2d:34:1b:04:2e:65:37:41:48:89:30:38:a1:
         1f:c8:1b:56:d1:16:e5:47:3b:b8:79:36:01:af:de:5a:56:54:
         d3:e5:bd:21:65:ce:1f:a4:7e:14:ee:13:2c:ff:86:ac:4b:97:
         27:83:73:c1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITLJdvTHIIikrBUAxzDoUDOAZQFzANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNjAyMjQwMjQxMDNaFw0yNjA1MjUyMzU5NTla
MHoxSTBHBgNVBAUTQDc4MzZhMzc3NDg0ZWY5ZWRhMzkyNjQzMTdjMGNiYmIwNDY1
ZTBjNDQ0YzQzZGFhODVhM2M4NmMwODJmMGViOGExLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMw5Gn4QAmqZEWOl4vtDM5rEXzUIcQLaQ4PRoRCvS90Iued5
8xFskbbnjVRWTVNGMe69nWCOaLrowwj8SwdTs9KuW8JBF/MF+4b4L7V1GJCZ874U
RWczL3Wy8a3Zyy8yk5askQZuR8cKpFxjy0Dypw6wVWGzkKdixhkzxWw1yKMNM9rQ
FgrSCdisoyv9sX0hB3MNY9MJJ7kOnDhN2jNrvLz4TxRXPAT2lDZL9TpCQffPfXcw
9UogKEEuXW3nxliR9K4cOZnTgq1wVbCVSFnA4d1wZWCpQP3hnUzL0Y9pOOhfRn+i
aE7n9GiSt6EmfUKD+S09wGb1gkF4rSNhRQ3zL/UCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQuza/1QKO3dEKLo0Ll35Q8D6ewWjAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvNWY2ZWU2ZmEtYTVjMS00M2NmLWEzNzUtYTUzY2I4MGQ4NzM5LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBjb7ADANBgkqhkiG9w0BAQsFAAOCAQEAivkWljZIjM2yno4pWUq8Ps3T+wRZ
iX9pBbeIKijwPaN/LwQj00jnl/KRtRk28QnMfdujh0iKcuQLmq0ECWvypm9c5YLA
RPHzJeAkxatos9c56A9EQuEyXkLKgwrSb1yNLmfivbDClePGln4KjhwyTGJ5gyyV
p6g8hz5s2tOqn0fwbGwwCIsu8bvrTQiseB0x1UIYPw9/2fa114c2YYajannp14Vv
QBnZTkg/BIr8kXhfzUoj0COQ6FAaOJil/xT/b/kkosvT+vit3R4tNBsELmU3QUiJ
MDihH8gbVtEW5Uc7uHk2Aa/eWlZU0+W9IWXOH6R+FO4TLP+GrEuXJ4NzwQ==
-----END CERTIFICATE-----