Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/63982151-fe23-4ff2-a258-ba97c1ecd12a.roa
File:                     63982151-fe23-4ff2-a258-ba97c1ecd12a.roa (raw, json)
Hash identifier:          z4DLosRui+UrQkt7l5uG7ZNmosd4Uxeh2n7QftCoe+I=
Subject key identifier:   E1:98:81:AE:24:DF:60:22:BD:21:94:C5:0B:30:FE:1E:3E:F9:D9:59
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       61B8BED6617B4529B01316B80580788D3DE1FFA1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/63982151-fe23-4ff2-a258-ba97c1ecd12a.roa
Signing time:             Tue 24 Feb 2026 03:51:37 +0000
ROA not before:           Tue 24 Feb 2026 03:51:37 +0000
ROA not after:            Mon 25 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.82.129.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:b8:be:d6:61:7b:45:29:b0:13:16:b8:05:80:78:8d:3d:e1:ff:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 24 03:51:37 2026 GMT
            Not After : May 25 23:59:59 2026 GMT
        Subject: serialNumber=8cb6fb6fe95193cae479dc9fe624a92b37e11cfdadeda0959b8ff94cd9e75169, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:97:56:25:91:be:00:59:59:95:00:c4:00:ca:
                    19:8b:f1:75:c1:07:cb:8f:ee:3b:f3:57:22:5b:39:
                    53:c7:9f:5b:c3:91:47:15:69:71:17:f1:dd:c3:d5:
                    6f:be:d2:fb:c6:81:f7:cb:80:b0:2a:56:f8:bd:81:
                    c0:7f:a3:f3:d4:ef:fd:af:6f:3b:e8:fc:31:11:cf:
                    79:93:ea:01:ca:a4:5f:82:55:b1:40:1b:92:b2:4c:
                    ba:24:44:8b:cd:65:45:75:0c:6a:b7:3a:be:4f:64:
                    0c:1d:12:a8:fd:5d:57:cb:2a:dd:fd:52:0b:10:0a:
                    5f:50:d9:43:32:61:fa:01:02:fc:c1:a5:d3:83:b7:
                    3d:1d:7e:9d:68:14:c9:10:fb:c0:a1:6f:bf:4e:b5:
                    41:64:52:c8:16:cc:5c:45:1d:f7:67:17:be:47:c5:
                    26:95:42:21:b2:63:07:b5:8e:d9:97:2a:06:10:38:
                    0d:b5:fb:65:79:63:e7:33:af:8c:00:88:2c:33:20:
                    66:ef:84:18:69:7d:d3:9b:77:cd:a5:be:81:2e:10:
                    de:48:03:84:d4:ca:20:22:05:0f:10:ee:53:46:c4:
                    12:11:a4:11:ba:4b:b2:2a:bb:97:db:29:a4:56:f7:
                    6e:47:29:94:f2:32:dd:46:00:4e:e9:5a:ce:d8:ec:
                    d0:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:98:81:AE:24:DF:60:22:BD:21:94:C5:0B:30:FE:1E:3E:F9:D9:59
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/63982151-fe23-4ff2-a258-ba97c1ecd12a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.82.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:53:7b:c2:d4:b0:7d:a6:01:fe:c4:92:84:32:9c:e7:0c:62:
         c9:bb:64:77:ed:01:b8:52:45:b7:2f:20:8c:32:88:61:4b:03:
         00:ea:06:9e:0d:5c:3a:58:31:e4:e7:09:38:5b:52:10:62:f0:
         20:03:ad:b4:21:be:8a:e4:9e:89:f8:65:fe:fd:f8:27:46:1e:
         35:0d:29:78:5e:01:f9:51:22:50:9b:8b:98:76:61:c7:e6:6e:
         4f:09:4b:d8:ce:ef:df:d9:4c:42:f8:36:47:5a:58:1c:f5:7e:
         02:43:89:68:28:27:f3:96:d3:2b:03:0f:43:c5:8b:30:50:87:
         b1:05:e0:14:36:c1:76:f4:10:0d:e6:98:37:7a:e9:86:8e:89:
         96:55:5b:83:e5:1a:88:b0:94:ec:fd:18:47:61:84:79:41:45:
         42:8f:ef:02:e5:90:e1:d2:31:a0:57:93:ad:3e:72:64:39:db:
         5d:ae:43:3f:0d:e0:0b:6e:4e:40:0f:30:5b:f5:5f:a6:6c:7a:
         01:9a:23:62:55:3d:4b:95:44:fe:11:b9:f7:85:70:6d:e9:08:
         74:24:37:6a:9e:e5:61:b3:f8:5d:e5:17:38:10:3c:bd:87:93:
         f9:4c:a7:e0:cc:d8:5d:ab:20:3b:74:b1:72:20:ae:a9:a2:e6:
         30:63:7c:f7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYbi+1mF7RSmwExa4BYB4jT3h/6EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI0MDM1MTM3WhcNMjYwNTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4Y2I2ZmI2ZmU5NTE5M2NhZTQ3OWRjOWZlNjI0YTkyYjM3
ZTExY2ZkYWRlZGEwOTU5YjhmZjk0Y2Q5ZTc1MTY5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCul1Ylkb4AWVmVAMQAyhmL8XXBB8uP7jvzVyJbOVPHn1vD
kUcVaXEX8d3D1W++0vvGgffLgLAqVvi9gcB/o/PU7/2vbzvo/DERz3mT6gHKpF+C
VbFAG5KyTLokRIvNZUV1DGq3Or5PZAwdEqj9XVfLKt39UgsQCl9Q2UMyYfoBAvzB
pdODtz0dfp1oFMkQ+8Chb79OtUFkUsgWzFxFHfdnF75HxSaVQiGyYwe1jtmXKgYQ
OA21+2V5Y+czr4wAiCwzIGbvhBhpfdObd82lvoEuEN5IA4TUyiAiBQ8Q7lNGxBIR
pBG6S7Iqu5fbKaRW925HKZTyMt1GAE7pWs7Y7NDNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4ZiBriTfYCK9IZTFCzD+Hj752VkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzYzOTgyMTUxLWZlMjMtNGZmMi1hMjU4LWJhOTdjMWVjZDEyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2UoEwDQYJKoZIhvcNAQELBQADggEBAKpTe8LUsH2mAf7EkoQynOcMYsm7
ZHftAbhSRbcvIIwyiGFLAwDqBp4NXDpYMeTnCThbUhBi8CADrbQhvorknon4Zf79
+CdGHjUNKXheAflRIlCbi5h2Ycfmbk8JS9jO79/ZTEL4NkdaWBz1fgJDiWgoJ/OW
0ysDD0PFizBQh7EF4BQ2wXb0EA3mmDd66YaOiZZVW4PlGoiwlOz9GEdhhHlBRUKP
7wLlkOHSMaBXk60+cmQ5212uQz8N4AtuTkAPMFv1X6ZsegGaI2JVPUuVRP4RufeF
cG3pCHQkN2qe5WGz+F3lFzgQPL2Hk/lMp+DM2F2rIDt0sXIgrqmi5jBjfPc=
-----END CERTIFICATE-----