Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/667cce7c-f6ee-42a8-93fc-00c115087f86.roa
File:                     667cce7c-f6ee-42a8-93fc-00c115087f86.roa (raw, json)
Hash identifier:          YWT6oaQDozqqWCau0lhgJ0INYDhI+XrhvkFIa4S44Qc=
Subject key identifier:   2A:85:37:2A:5F:FA:86:AB:C0:CA:89:42:A9:37:1B:87:16:17:37:13
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4E6DF08C516915D164DD68B3783E828DEF72152A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/667cce7c-f6ee-42a8-93fc-00c115087f86.roa
Signing time:             Tue 17 Feb 2026 00:40:39 +0000
ROA not before:           Tue 17 Feb 2026 00:40:39 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        34.255.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:6d:f0:8c:51:69:15:d1:64:dd:68:b3:78:3e:82:8d:ef:72:15:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 00:40:39 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=4d1dc8a48cf8ed69e662d5297cdf2f49dd06ff3cb67dfbb7157df1f1d3e04d0a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:05:4b:a8:fd:17:03:59:32:23:83:7f:77:f6:
                    3c:b5:26:6f:45:02:b7:95:60:48:b7:59:3e:c2:1f:
                    7c:ce:a2:d1:e4:59:03:7b:be:bd:34:c6:c3:f8:22:
                    e9:be:14:c6:34:a4:74:02:be:3c:aa:dd:c2:82:93:
                    92:f6:d5:f1:b7:ca:4b:3d:e0:72:c1:bc:3b:3f:a9:
                    11:53:6e:dc:2b:d2:79:d4:d2:eb:68:f4:9b:66:3e:
                    4b:2d:4d:8c:17:09:d6:f3:a7:b2:ef:68:ba:64:20:
                    3c:d7:25:b0:e5:5b:f6:7b:5b:8a:b4:8b:3a:2b:77:
                    94:2a:e6:6e:b0:83:c8:b1:e3:b0:27:d0:ee:23:0a:
                    b0:8a:77:e7:22:d0:6d:d8:c5:dd:f0:88:4a:33:d0:
                    4a:1d:de:6f:40:18:ab:d3:77:6a:eb:d7:2b:34:f8:
                    4e:e6:6c:ef:da:b6:a5:11:03:98:60:bb:7b:c8:dc:
                    36:6c:fd:8f:db:cd:c4:24:c8:be:ef:56:13:22:2a:
                    6b:78:9e:84:f8:96:1b:1e:ca:59:55:54:a1:e0:d4:
                    ef:77:fb:46:1e:e6:50:61:19:6c:d3:89:ed:a7:d1:
                    62:e0:61:73:ba:0e:cf:be:cf:81:bb:35:6c:47:71:
                    3d:cf:bf:46:c9:b8:f4:6d:4c:c4:5a:08:f5:b2:da:
                    e7:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:85:37:2A:5F:FA:86:AB:C0:CA:89:42:A9:37:1B:87:16:17:37:13
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/667cce7c-f6ee-42a8-93fc-00c115087f86.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  34.255.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         04:73:0e:32:7b:53:3d:50:ef:8c:c0:8d:a3:1b:b3:5a:db:a5:
         05:1b:29:12:b3:0b:67:49:7c:ec:32:f6:b4:0d:82:1e:91:d1:
         d5:2a:c4:51:9b:6e:98:91:a2:03:a5:b0:76:ee:1d:c4:76:c2:
         bb:2e:99:ef:d6:2c:c2:ef:2f:d5:8c:13:51:4a:e6:76:d4:1f:
         05:58:c0:ef:c0:2c:01:15:c6:13:1f:69:c1:34:b0:ec:d7:9b:
         57:0f:86:34:58:f7:77:81:95:6c:6a:d4:cf:31:ef:22:ce:c5:
         2b:c8:62:7b:75:6e:3d:f5:fb:6d:d3:3c:be:75:99:b8:6f:d7:
         49:ae:a3:89:2b:9f:a4:85:8e:ed:5f:19:07:db:cf:9f:f9:ad:
         a4:87:f4:9f:e2:94:f1:65:2d:96:33:45:d1:fe:e7:f3:dc:03:
         9c:ac:33:04:ed:c9:49:a8:69:54:72:f5:91:5a:e0:2f:16:6a:
         fa:3d:cd:e2:83:f0:ab:17:ab:cf:1d:33:cd:5a:e3:6d:ee:f9:
         37:8b:d0:af:78:08:3d:f7:95:fa:6b:d3:05:03:3b:a5:d4:8a:
         b8:3c:20:6d:11:43:bb:ca:14:35:e0:0b:1f:1d:d5:c2:47:7c:
         5a:a1:4e:a6:eb:62:b3:3f:9f:c5:03:e8:14:22:40:05:87:3c:
         e5:7d:2d:3f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTm3wjFFpFdFk3WizeD6Cje9yFSowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDA0MDM5WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0ZDFkYzhhNDhjZjhlZDY5ZTY2MmQ1Mjk3Y2RmMmY0OWRk
MDZmZjNjYjY3ZGZiYjcxNTdkZjFmMWQzZTA0ZDBhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDzBUuo/RcDWTIjg3939jy1Jm9FAreVYEi3WT7CH3zOotHk
WQN7vr00xsP4Ium+FMY0pHQCvjyq3cKCk5L21fG3yks94HLBvDs/qRFTbtwr0nnU
0uto9JtmPkstTYwXCdbzp7LvaLpkIDzXJbDlW/Z7W4q0izord5Qq5m6wg8ix47An
0O4jCrCKd+ci0G3Yxd3wiEoz0Eod3m9AGKvTd2rr1ys0+E7mbO/atqURA5hgu3vI
3DZs/Y/bzcQkyL7vVhMiKmt4noT4lhseyllVVKHg1O93+0Ye5lBhGWzTie2n0WLg
YXO6Ds++z4G7NWxHcT3Pv0bJuPRtTMRaCPWy2uezAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUKoU3Kl/6hqvAyolCqTcbhxYXNxMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzY2N2NjZTdjLWY2ZWUtNDJhOC05M2ZjLTAwYzExNTA4N2Y4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYi/wAwDQYJKoZIhvcNAQELBQADggEBAARzDjJ7Uz1Q74zAjaMbs1rbpQUb
KRKzC2dJfOwy9rQNgh6R0dUqxFGbbpiRogOlsHbuHcR2wrsume/WLMLvL9WME1FK
5nbUHwVYwO/ALAEVxhMfacE0sOzXm1cPhjRY93eBlWxq1M8x7yLOxSvIYnt1bj31
+23TPL51mbhv10muo4krn6SFju1fGQfbz5/5raSH9J/ilPFlLZYzRdH+5/PcA5ys
MwTtyUmoaVRy9ZFa4C8Wavo9zeKD8KsXq88dM81a423u+TeL0K94CD33lfpr0wUD
O6XUirg8IG0RQ7vKFDXgCx8d1cJHfFqhTqbrYrM/n8UD6BQiQAWHPOV9LT8=
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:32:24 2026 by rpki-client