Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6842676e-78c9-4fcd-8ace-d84afb3ec897.roa
File:                     6842676e-78c9-4fcd-8ace-d84afb3ec897.roa (raw, json)
Hash identifier:          82ErspwdFC3raJegRGS17TT36CdBFuLGSLyjl8P6RdE=
Subject key identifier:   1C:2A:10:AF:AB:CB:62:93:27:5C:45:9E:3C:FF:B6:10:3C:7A:05:02
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       29C24508BF7586B35EF61E47E18B0E414D0A1FE2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6842676e-78c9-4fcd-8ace-d84afb3ec897.roa
Signing time:             Sat 16 May 2026 02:50:09 +0000
ROA not before:           Sat 16 May 2026 02:50:09 +0000
ROA not after:            Fri 14 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.255.112.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:c2:45:08:bf:75:86:b3:5e:f6:1e:47:e1:8b:0e:41:4d:0a:1f:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 16 02:50:09 2026 GMT
            Not After : Aug 14 23:59:59 2026 GMT
        Subject: serialNumber=fd363dc308091260fb8fefee0a915368e3004a2792cf8bc5a559aceadc650fdc, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:49:b7:fe:6a:67:57:3b:0a:62:51:17:e4:27:
                    1b:8a:21:c6:81:c4:53:d5:20:1b:8c:6f:52:37:55:
                    76:bb:4e:97:f1:85:5d:af:f9:18:da:2d:af:4f:3a:
                    0c:73:7c:61:fe:ef:19:1b:28:78:4d:c1:da:89:66:
                    49:fb:cb:64:66:ca:74:8f:c0:d7:ed:3e:77:cc:8f:
                    91:b2:86:48:33:d0:02:c9:14:50:78:ea:4c:aa:fa:
                    63:e8:fc:a4:0b:35:2f:b3:5e:2f:9b:5c:38:11:05:
                    92:48:18:60:a4:a3:11:a5:6f:ea:b0:99:e0:f0:3b:
                    25:76:d4:7c:d5:7c:f7:83:98:16:6c:3e:82:91:df:
                    e7:7b:d8:55:8a:aa:f3:08:68:46:e3:75:7b:1a:bd:
                    c7:82:ac:85:68:93:74:c8:db:7c:74:38:40:39:a4:
                    c2:d9:73:13:37:c9:9e:ac:de:1b:bd:a0:a3:05:28:
                    0f:00:24:ad:23:ab:0b:2c:05:5a:93:76:a5:e7:42:
                    e8:c9:c5:a0:6c:ec:8d:ec:9f:a7:8e:d6:f2:0e:46:
                    11:9b:92:47:65:2e:9f:55:84:df:14:c0:aa:e1:13:
                    6d:1d:d7:c8:0a:e6:87:ba:de:19:19:52:01:d6:37:
                    d2:6f:cb:85:f8:38:74:58:5f:05:5a:56:ed:3f:f8:
                    36:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:2A:10:AF:AB:CB:62:93:27:5C:45:9E:3C:FF:B6:10:3C:7A:05:02
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6842676e-78c9-4fcd-8ace-d84afb3ec897.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.255.112.0/21

    Signature Algorithm: sha256WithRSAEncryption
         aa:6a:ce:bd:e7:c3:10:c6:d3:d4:30:71:43:b0:ff:c6:a1:86:
         b1:14:bd:82:e6:00:0b:c8:78:17:8f:db:7f:e6:06:0c:ed:ce:
         f1:0c:d8:ff:7d:cc:4f:07:bd:6e:c1:62:10:33:45:cf:cd:2e:
         26:c8:91:d0:19:e3:16:2d:7c:9a:ed:14:3c:09:4a:65:fa:9b:
         f8:6e:da:71:d0:dc:d2:28:7a:ad:60:ec:0b:56:a3:e8:0c:39:
         38:e6:24:8f:b8:78:96:4e:b4:96:c3:e7:82:b9:61:3e:5e:03:
         8e:18:ef:05:37:94:5c:91:a1:a9:17:99:ef:14:58:97:b7:3a:
         dd:12:1b:64:a4:29:78:9b:79:6e:8d:5f:57:c9:03:07:e0:14:
         b6:7f:07:d4:08:2c:6d:92:18:3e:21:b2:c4:a1:ce:3c:1d:55:
         06:2d:92:de:11:2b:74:43:fa:7f:b5:27:98:9d:b2:96:14:d9:
         25:40:03:47:ce:b1:4e:bb:97:f1:6f:85:5a:07:96:31:4b:86:
         6e:d9:bf:fe:01:63:1a:6d:c5:d6:24:a7:ee:c1:78:6a:b4:87:
         ad:4f:0f:ba:3e:f4:81:fe:76:d0:ad:19:01:18:9b:8a:c1:8b:
         f8:7d:b2:c8:14:00:60:56:a4:76:02:66:39:62:24:7e:70:d5:
         07:5b:88:d8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKcJFCL91hrNe9h5H4YsOQU0KH+IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE2MDI1MDA5WhcNMjYwODE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZDM2M2RjMzA4MDkxMjYwZmI4ZmVmZWUwYTkxNTM2OGUz
MDA0YTI3OTJjZjhiYzVhNTU5YWNlYWRjNjUwZmRjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7Sbf+amdXOwpiURfkJxuKIcaBxFPVIBuMb1I3VXa7Tpfx
hV2v+RjaLa9POgxzfGH+7xkbKHhNwdqJZkn7y2RmynSPwNftPnfMj5Gyhkgz0ALJ
FFB46kyq+mPo/KQLNS+zXi+bXDgRBZJIGGCkoxGlb+qwmeDwOyV21HzVfPeDmBZs
PoKR3+d72FWKqvMIaEbjdXsavceCrIVok3TI23x0OEA5pMLZcxM3yZ6s3hu9oKMF
KA8AJK0jqwssBVqTdqXnQujJxaBs7I3sn6eO1vIORhGbkkdlLp9VhN8UwKrhE20d
18gK5oe63hkZUgHWN9Jvy4X4OHRYXwVaVu0/+Db5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHCoQr6vLYpMnXEWePP+2EDx6BQIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzY4NDI2NzZlLTc4YzktNGZjZC04YWNlLWQ4NGFmYjNlYzg5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM2/3AwDQYJKoZIhvcNAQELBQADggEBAKpqzr3nwxDG09QwcUOw/8ahhrEU
vYLmAAvIeBeP23/mBgztzvEM2P99zE8HvW7BYhAzRc/NLibIkdAZ4xYtfJrtFDwJ
SmX6m/hu2nHQ3NIoeq1g7AtWo+gMOTjmJI+4eJZOtJbD54K5YT5eA44Y7wU3lFyR
oakXme8UWJe3Ot0SG2SkKXibeW6NX1fJAwfgFLZ/B9QILG2SGD4hssShzjwdVQYt
kt4RK3RD+n+1J5idspYU2SVAA0fOsU67l/FvhVoHljFLhm7Zv/4BYxptxdYkp+7B
eGq0h61PD7o+9IH+dtCtGQEYm4rBi/h9ssgUAGBWpHYCZjliJH5w1QdbiNg=
-----END CERTIFICATE-----