Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/60b6952e-f423-4318-9ffb-9790f23f41b8.roa
File:                     60b6952e-f423-4318-9ffb-9790f23f41b8.roa (raw, json)
Hash identifier:          27aojQESJ8uqH6/7x9j0spQ09oI6byb3oCS9hs8DoWs=
Subject key identifier:   80:09:14:2E:88:4C:3C:F0:94:29:A3:2C:55:AC:E7:69:E9:BB:2D:E4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5294293600E3297F2789B2A694392F26FB514848
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/60b6952e-f423-4318-9ffb-9790f23f41b8.roa
Signing time:             Tue 17 Feb 2026 01:00:03 +0000
ROA not before:           Tue 17 Feb 2026 01:00:03 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        3.240.0.0/13 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:94:29:36:00:e3:29:7f:27:89:b2:a6:94:39:2f:26:fb:51:48:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 01:00:03 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=b91034e444b0f2f861a0ec9975bde228c7a7fa0f7506253539caf5862da31678, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:df:9a:58:06:96:20:53:27:6a:0b:04:b3:75:
                    a4:4d:8d:53:48:8a:00:af:39:cd:fe:d3:6a:6e:d1:
                    df:06:2f:ea:d2:bc:56:fc:58:8f:8e:81:f5:c6:dd:
                    c2:b4:45:31:84:5f:e1:01:f4:a9:0a:55:70:55:fe:
                    c8:84:68:48:49:e1:d5:8a:1c:78:3b:84:6e:b1:89:
                    a0:83:d3:c2:e1:23:33:77:6f:b1:60:0b:30:82:52:
                    9e:0e:3a:30:9d:8d:14:e5:cd:10:7a:42:e0:68:c0:
                    3f:30:70:97:68:59:a5:2d:0a:35:73:f9:d3:1d:9c:
                    2a:5a:b9:3b:fe:6c:72:43:be:41:1a:82:94:3d:25:
                    e7:0a:e0:ec:5b:99:b6:89:a9:8d:9b:7a:af:bb:7d:
                    e9:94:42:a1:24:cd:47:d3:8c:70:96:a0:7f:59:f9:
                    f3:c6:cc:9e:36:e6:66:83:64:2e:4d:db:89:19:39:
                    dc:03:d5:74:79:e3:b0:02:45:fe:46:64:3a:46:4a:
                    a9:a8:0d:68:81:11:44:7d:18:db:c2:3c:2b:a9:7e:
                    b0:2e:b1:56:e2:76:eb:a1:bd:4e:b0:0e:93:57:f2:
                    f7:a7:08:81:e8:89:4b:f4:22:3b:5b:ea:7c:57:83:
                    f3:7a:1c:ea:52:5c:56:76:75:50:e7:44:c7:eb:8d:
                    c5:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:09:14:2E:88:4C:3C:F0:94:29:A3:2C:55:AC:E7:69:E9:BB:2D:E4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/60b6952e-f423-4318-9ffb-9790f23f41b8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.240.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         9e:e5:7e:93:a7:71:6e:99:07:38:18:18:c1:99:03:ce:85:cc:
         ac:71:88:b5:05:f0:91:0c:43:6b:ef:5e:9e:f8:90:6d:57:cf:
         44:70:ac:97:48:2a:4f:3a:b7:c9:ca:e3:d8:b7:95:3d:92:97:
         fa:fe:f3:10:f7:52:8b:1a:2a:8e:83:2a:cc:a8:03:b6:0a:de:
         99:18:4f:84:ff:d5:46:f1:f1:56:45:57:c9:84:13:5b:58:75:
         f1:04:69:d5:90:4d:43:21:9a:17:5e:1e:d9:2c:97:dd:04:6c:
         8f:36:26:d6:de:ae:d1:bd:7b:58:19:36:17:34:b1:2a:42:93:
         e5:0d:78:a8:11:10:e5:94:04:96:70:71:cd:f4:e9:67:75:a4:
         b5:4f:93:80:a2:02:c7:d7:de:74:9e:b3:af:8a:9c:ce:a2:7c:
         92:69:9e:00:a6:ba:b6:6e:ef:47:40:f2:73:62:77:f2:26:e4:
         2a:52:7d:01:7f:f1:34:66:a1:6b:46:bf:ad:c5:a6:8a:65:58:
         df:87:99:c3:bc:37:51:92:5a:b1:f1:8a:72:a3:00:14:1b:4d:
         aa:65:8e:41:07:b3:9b:29:65:f0:36:87:cf:1e:1d:05:34:37:
         32:bf:5f:4c:10:98:f0:d8:d1:1e:20:50:f5:76:04:19:3c:d4:
         dd:90:95:29
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUpQpNgDjKX8nibKmlDkvJvtRSEgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDEwMDAzWhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOTEwMzRlNDQ0YjBmMmY4NjFhMGVjOTk3NWJkZTIyOGM3
YTdmYTBmNzUwNjI1MzUzOWNhZjU4NjJkYTMxNjc4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC835pYBpYgUydqCwSzdaRNjVNIigCvOc3+02pu0d8GL+rS
vFb8WI+OgfXG3cK0RTGEX+EB9KkKVXBV/siEaEhJ4dWKHHg7hG6xiaCD08LhIzN3
b7FgCzCCUp4OOjCdjRTlzRB6QuBowD8wcJdoWaUtCjVz+dMdnCpauTv+bHJDvkEa
gpQ9JecK4OxbmbaJqY2beq+7femUQqEkzUfTjHCWoH9Z+fPGzJ425maDZC5N24kZ
OdwD1XR547ACRf5GZDpGSqmoDWiBEUR9GNvCPCupfrAusVbiduuhvU6wDpNX8ven
CIHoiUv0Ijtb6nxXg/N6HOpSXFZ2dVDnRMfrjcXTAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUgAkULohMPPCUKaMsVaznaem7LeQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzYwYjY5NTJlLWY0MjMtNDMxOC05ZmZiLTk3OTBmMjNmNDFiOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwMD8DANBgkqhkiG9w0BAQsFAAOCAQEAnuV+k6dxbpkHOBgYwZkDzoXMrHGI
tQXwkQxDa+9enviQbVfPRHCsl0gqTzq3ycrj2LeVPZKX+v7zEPdSixoqjoMqzKgD
tgremRhPhP/VRvHxVkVXyYQTW1h18QRp1ZBNQyGaF14e2SyX3QRsjzYm1t6u0b17
WBk2FzSxKkKT5Q14qBEQ5ZQElnBxzfTpZ3WktU+TgKICx9fedJ6zr4qczqJ8kmme
AKa6tm7vR0Dyc2J38ibkKlJ9AX/xNGaha0a/rcWmimVY34eZw7w3UZJasfGKcqMA
FBtNqmWOQQezmyll8DaHzx4dBTQ3Mr9fTBCY8NjRHiBQ9XYEGTzU3ZCVKQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:44 2026 by rpki-client