Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/741f335f-920f-473e-a577-c562b2725f1c.roa
File:                     741f335f-920f-473e-a577-c562b2725f1c.roa (raw, json)
Hash identifier:          TBm16bxrMHw3VkNfOOWbJg4bfALNVLaBV3PCqvkK+LA=
Subject key identifier:   14:6B:1C:22:92:8F:9E:26:DC:FA:EB:93:52:B1:F0:66:D4:47:6F:6B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       480E1B732EBC85216D97024622042A9B81AAD9F0
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/741f335f-920f-473e-a577-c562b2725f1c.roa
Signing time:             Tue 19 May 2026 03:00:11 +0000
ROA not before:           Tue 19 May 2026 03:00:11 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        15.177.79.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:0e:1b:73:2e:bc:85:21:6d:97:02:46:22:04:2a:9b:81:aa:d9:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 03:00:11 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=0b11b34cbf1c3e36ff788b01d142b6ab395d1518a41f27782a7e1668425370b1, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f8:46:27:9d:30:85:fa:3d:bb:7b:2a:58:29:
                    37:73:a1:df:cb:23:10:2b:e0:a7:e3:b7:19:9b:7e:
                    c2:e2:b7:07:67:22:bd:6e:9f:0a:25:21:35:44:8e:
                    c5:44:0e:d3:fb:81:6c:54:c6:2d:de:8d:5f:8e:dd:
                    f8:cd:28:f1:08:26:5f:16:e3:65:d0:d3:11:15:67:
                    c4:5d:73:86:e1:84:80:45:4a:17:27:78:3d:b1:91:
                    18:dd:13:27:a9:54:2a:c3:9f:16:dc:dd:33:fe:89:
                    31:85:24:01:b4:50:2d:1b:2e:84:16:ae:ef:c0:58:
                    2a:fc:d9:35:0c:19:4d:cd:53:3c:82:78:1c:83:c8:
                    1b:5e:8e:c6:e6:b1:ed:c9:65:10:c7:f1:8a:98:c7:
                    0f:55:85:dd:7d:aa:2e:1a:f0:8a:c1:18:d8:19:72:
                    68:4a:32:bc:47:58:c9:76:0f:fe:ab:ec:e4:66:fc:
                    8f:57:f2:fd:07:6d:d0:fd:b0:64:24:7b:15:b5:cf:
                    8a:bb:5c:9b:3c:86:49:ab:de:62:b0:37:c8:30:fe:
                    16:77:93:19:35:da:80:a8:de:dc:09:69:08:d4:71:
                    ee:3d:b3:b9:d5:23:17:b0:5b:63:6b:52:d7:5d:83:
                    f1:57:a4:90:f2:a9:8a:b2:67:4c:00:c5:26:98:8a:
                    ec:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:6B:1C:22:92:8F:9E:26:DC:FA:EB:93:52:B1:F0:66:D4:47:6F:6B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/741f335f-920f-473e-a577-c562b2725f1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.177.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:36:80:49:2a:74:60:70:9f:77:0a:d8:bf:4c:c1:bc:08:9e:
         ea:0d:50:0f:eb:1b:2f:2f:de:6c:77:7e:80:d5:cd:f0:1c:2b:
         9b:5a:b0:9f:33:c4:17:ed:b7:9b:b6:ba:8b:4f:26:7e:b1:60:
         37:a9:de:f7:0f:af:66:ab:88:39:42:ab:af:90:e4:98:70:65:
         7b:87:cd:a0:9c:12:a9:8f:dc:94:c0:bc:24:fa:77:25:99:2f:
         96:6a:ac:16:ae:d9:c5:36:c5:dc:48:d4:2f:af:44:cb:91:7b:
         e5:98:19:8a:66:e3:5b:1c:f1:6f:7b:67:8c:ab:5a:3c:da:94:
         31:45:4e:1e:ca:d3:ce:68:de:52:8b:ad:0d:a9:cf:e3:0c:30:
         70:9f:29:9e:02:1b:6c:19:be:01:33:5f:50:24:34:a1:91:4e:
         5c:37:a2:8d:49:b4:f2:49:2d:e7:6c:e5:d6:61:99:81:d9:55:
         1d:60:8e:b0:05:33:2e:7f:50:df:a3:b0:f9:19:e4:3c:a6:55:
         6a:32:fb:fe:21:65:6a:40:da:60:a0:b0:d0:be:c7:87:73:1f:
         3f:52:80:86:43:f9:39:a9:96:45:49:b2:a3:ac:e2:a1:af:9d:
         ad:ad:73:e1:99:ed:32:02:8b:45:e9:b1:ea:1b:1a:8d:15:e0:
         e8:3c:74:ec
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSA4bcy68hSFtlwJGIgQqm4Gq2fAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDMwMDExWhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYjExYjM0Y2JmMWMzZTM2ZmY3ODhiMDFkMTQyYjZhYjM5
NWQxNTE4YTQxZjI3NzgyYTdlMTY2ODQyNTM3MGIxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCW+EYnnTCF+j27eypYKTdzod/LIxAr4KfjtxmbfsLitwdn
Ir1unwolITVEjsVEDtP7gWxUxi3ejV+O3fjNKPEIJl8W42XQ0xEVZ8Rdc4bhhIBF
ShcneD2xkRjdEyepVCrDnxbc3TP+iTGFJAG0UC0bLoQWru/AWCr82TUMGU3NUzyC
eByDyBtejsbmse3JZRDH8YqYxw9Vhd19qi4a8IrBGNgZcmhKMrxHWMl2D/6r7ORm
/I9X8v0HbdD9sGQkexW1z4q7XJs8hkmr3mKwN8gw/hZ3kxk12oCo3twJaQjUce49
s7nVIxewW2NrUtddg/FXpJDyqYqyZ0wAxSaYiuwlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFGscIpKPnibc+uuTUrHwZtRHb2swHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc0MWYzMzVmLTkyMGYtNDczZS1hNTc3LWM1NjJiMjcyNWYxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPsU8wDQYJKoZIhvcNAQELBQADggEBAIk2gEkqdGBwn3cK2L9MwbwInuoN
UA/rGy8v3mx3foDVzfAcK5tasJ8zxBftt5u2uotPJn6xYDep3vcPr2ariDlCq6+Q
5JhwZXuHzaCcEqmP3JTAvCT6dyWZL5ZqrBau2cU2xdxI1C+vRMuRe+WYGYpm41sc
8W97Z4yrWjzalDFFTh7K085o3lKLrQ2pz+MMMHCfKZ4CG2wZvgEzX1AkNKGRTlw3
oo1JtPJJLeds5dZhmYHZVR1gjrAFMy5/UN+jsPkZ5DymVWoy+/4hZWpA2mCgsNC+
x4dzHz9SgIZD+TmplkVJsqOs4qGvna2tc+GZ7TICi0XpseobGo0V4Og8dOw=
-----END CERTIFICATE-----
Generated at Wed Jun 17 08:50:26 2026 by rpki-client