Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/69b7eb6d-9d7c-4a85-a7fc-9332085e1aab.roa
File:                     69b7eb6d-9d7c-4a85-a7fc-9332085e1aab.roa (raw, json)
Hash identifier:          82SqR0qpujTqY3ehRZWsduHkHU1+CCawh5I2DynlZxQ=
Subject key identifier:   C8:73:B2:74:BB:89:48:5F:EA:F8:DC:ED:EB:CB:13:B8:01:62:47:E4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1FDA23B75D8A5C6437BE90F09A9F460CA473672B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/69b7eb6d-9d7c-4a85-a7fc-9332085e1aab.roa
Signing time:             Tue 19 May 2026 02:50:07 +0000
ROA not before:           Tue 19 May 2026 02:50:07 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.119.192.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:da:23:b7:5d:8a:5c:64:37:be:90:f0:9a:9f:46:0c:a4:73:67:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 02:50:07 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=1a5a6199eee81fdce230cbd9d835e9d6250339eaa0e68ea69ae6dd1a69a99767, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:6b:a8:4c:32:9f:65:45:52:ef:c4:5f:00:39:
                    5a:f8:09:f1:36:3a:37:c2:58:84:23:4e:03:a3:8c:
                    98:d5:07:56:40:78:02:19:f3:10:10:19:53:e1:2f:
                    e9:03:4e:42:f8:d2:9e:48:58:83:c2:ef:a9:d2:37:
                    67:ae:66:31:6f:02:48:58:4d:fb:f7:6b:fe:a6:77:
                    5d:b2:e9:7d:30:3b:72:b9:28:0b:16:ca:a1:8d:b0:
                    8a:8e:d7:56:41:11:1c:df:3f:8b:9d:15:d5:83:ed:
                    3b:42:52:a1:8d:98:5c:9c:28:1f:d0:1c:f6:5f:f5:
                    0c:69:0d:b0:89:57:6f:94:e4:86:8c:15:b2:eb:c3:
                    c6:84:dc:85:dc:c8:f4:3d:ab:ee:49:1a:ce:70:b6:
                    cc:f2:5e:8a:e2:22:6f:8f:68:f9:d3:1f:35:7c:32:
                    bd:f4:59:22:19:0e:66:1d:2e:b1:e6:23:aa:a1:b9:
                    76:65:34:57:7c:70:92:50:58:cd:43:32:33:c6:8a:
                    24:6e:d9:00:8b:e6:48:a7:1a:4d:1a:fc:7f:22:71:
                    ab:39:e9:c0:95:d0:84:db:ed:71:92:de:46:f0:a9:
                    0a:f5:13:57:8f:95:b1:46:7e:cc:49:37:3f:dd:87:
                    28:51:4f:db:f7:7d:ca:88:b7:76:b6:65:e3:11:c6:
                    7a:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:73:B2:74:BB:89:48:5F:EA:F8:DC:ED:EB:CB:13:B8:01:62:47:E4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/69b7eb6d-9d7c-4a85-a7fc-9332085e1aab.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.119.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:53:6f:8c:7b:6f:62:42:e2:ce:cb:b8:27:b0:de:fe:22:3e:
         2d:23:19:af:03:bf:c6:24:94:5e:8c:07:67:58:a8:8a:9f:dd:
         58:e2:a0:e4:ca:20:62:89:65:c4:6c:cf:df:99:e0:76:91:99:
         73:fa:57:24:e4:c0:fa:c6:aa:b9:aa:36:20:64:79:74:32:41:
         96:76:a1:9f:6c:b6:39:d3:63:e6:f3:33:b3:b4:9b:c5:75:49:
         c1:c4:10:50:a7:71:c0:3e:44:b3:27:f0:68:87:ee:ac:c3:99:
         ce:ff:63:b9:a3:10:03:90:8f:02:a5:d2:19:bf:2b:9f:49:fd:
         3a:a0:86:54:84:6b:80:2c:29:ed:2d:03:32:6c:30:2c:76:ab:
         29:34:9d:86:12:0d:44:89:c7:80:44:55:be:75:8f:ce:ef:da:
         d1:ab:41:ff:f3:a6:2e:65:1b:9e:c8:1f:5c:8f:1d:98:cb:93:
         e1:a8:70:80:f1:2b:a4:48:bd:9a:d4:32:ac:ae:3e:80:74:94:
         28:dc:3b:80:dd:f8:7f:3e:34:46:3d:ac:8b:c3:fb:5a:03:c6:
         43:23:25:6e:32:7c:be:1f:50:11:16:1f:16:2b:8b:ce:56:ac:
         79:35:bb:d8:83:3b:2f:00:9f:ea:69:8c:fe:9b:53:7e:38:2e:
         31:45:ea:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUH9ojt12KXGQ3vpDwmp9GDKRzZyswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDI1MDA3WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxYTVhNjE5OWVlZTgxZmRjZTIzMGNiZDlkODM1ZTlkNjI1
MDMzOWVhYTBlNjhlYTY5YWU2ZGQxYTY5YTk5NzY3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCta6hMMp9lRVLvxF8AOVr4CfE2OjfCWIQjTgOjjJjVB1ZA
eAIZ8xAQGVPhL+kDTkL40p5IWIPC76nSN2euZjFvAkhYTfv3a/6md12y6X0wO3K5
KAsWyqGNsIqO11ZBERzfP4udFdWD7TtCUqGNmFycKB/QHPZf9QxpDbCJV2+U5IaM
FbLrw8aE3IXcyPQ9q+5JGs5wtszyXoriIm+PaPnTHzV8Mr30WSIZDmYdLrHmI6qh
uXZlNFd8cJJQWM1DMjPGiiRu2QCL5kinGk0a/H8icas56cCV0ITb7XGS3kbwqQr1
E1ePlbFGfsxJNz/dhyhRT9v3fcqIt3a2ZeMRxnr5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyHOydLuJSF/q+Nzt68sTuAFiR+QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzY5YjdlYjZkLTlkN2MtNGE4NS1hN2ZjLTkzMzIwODVlMWFhYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI0d8AwDQYJKoZIhvcNAQELBQADggEBACdTb4x7b2JC4s7LuCew3v4iPi0j
Ga8Dv8YklF6MB2dYqIqf3VjioOTKIGKJZcRsz9+Z4HaRmXP6VyTkwPrGqrmqNiBk
eXQyQZZ2oZ9stjnTY+bzM7O0m8V1ScHEEFCnccA+RLMn8GiH7qzDmc7/Y7mjEAOQ
jwKl0hm/K59J/TqghlSEa4AsKe0tAzJsMCx2qyk0nYYSDUSJx4BEVb51j87v2tGr
Qf/zpi5lG57IH1yPHZjLk+GocIDxK6RIvZrUMqyuPoB0lCjcO4Dd+H8+NEY9rIvD
+1oDxkMjJW4yfL4fUBEWHxYri85WrHk1u9iDOy8An+ppjP6bU344LjFF6iw=
-----END CERTIFICATE-----
Generated at Wed Jun 17 08:49:45 2026 by rpki-client