Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8c3a9c22-46ba-496f-88aa-4dd1f5112cfb.roa
File:                     8c3a9c22-46ba-496f-88aa-4dd1f5112cfb.roa (raw, json)
Hash identifier:          prYy+injgLWbZ33mntSVMstkU7jmfScT6w3Uql69M4g=
Subject key identifier:   DC:31:89:44:4A:7B:59:3B:7B:BF:0E:47:50:CA:CC:6B:95:BB:85:B7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       CC304FF93438190CF958AADC9D4FEBAE61B1F0
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8c3a9c22-46ba-496f-88aa-4dd1f5112cfb.roa
Signing time:             Tue 24 Feb 2026 03:00:09 +0000
ROA not before:           Tue 24 Feb 2026 03:00:09 +0000
ROA not after:            Mon 25 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.206.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            cc:30:4f:f9:34:38:19:0c:f9:58:aa:dc:9d:4f:eb:ae:61:b1:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 24 03:00:09 2026 GMT
            Not After : May 25 23:59:59 2026 GMT
        Subject: serialNumber=c2bc9f75cdbd87eccba3ade6625dc20433e494e1ce6a7e7a896c393a8bfe771f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d9:53:e4:45:e4:17:04:44:94:d4:a7:40:81:
                    20:82:33:6c:96:ed:e7:8a:bd:e3:61:27:74:f9:39:
                    9c:cd:a2:22:4c:7b:ff:a8:8e:61:9c:da:18:48:e6:
                    12:93:48:5b:57:ae:54:8e:6e:e4:a2:10:f3:8c:96:
                    b8:db:33:5f:13:3c:40:89:61:d6:c4:0a:c7:c6:6d:
                    0b:5c:28:28:21:20:f6:9d:f3:24:63:29:89:4d:66:
                    15:2f:95:03:90:df:ee:ad:e5:29:b1:71:12:1e:22:
                    da:e6:fe:8a:4f:48:af:5b:d8:f1:b2:84:08:0a:f5:
                    b3:69:b7:33:ca:26:d3:5d:a1:f3:af:67:37:5a:11:
                    60:3f:71:37:fc:43:e7:e1:9c:4e:e8:6c:7a:d7:6c:
                    45:20:91:ec:8c:1a:d3:39:ca:b6:da:ed:c5:ba:2c:
                    d4:a4:72:d9:4f:fd:7f:ed:30:fb:fb:4b:ae:23:a1:
                    62:c3:40:76:e4:e2:4f:94:3d:a5:fc:ac:61:2f:2c:
                    2a:0b:ea:ce:34:c0:96:df:2e:b1:65:e4:11:66:1b:
                    15:e3:07:14:35:0e:98:b6:64:df:58:65:bb:7b:d0:
                    a0:a1:49:e8:fe:12:fb:c0:d6:ea:88:0e:56:6d:69:
                    84:fc:2a:dc:1e:40:cc:ec:4c:b0:3d:e0:65:67:ee:
                    3a:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:31:89:44:4A:7B:59:3B:7B:BF:0E:47:50:CA:CC:6B:95:BB:85:B7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8c3a9c22-46ba-496f-88aa-4dd1f5112cfb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.206.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         57:8f:46:2f:e8:08:5a:a5:2b:17:f2:02:bd:8c:f4:55:75:16:
         f0:eb:c8:4a:c0:6e:da:e7:c7:70:10:46:70:8c:d8:ed:45:43:
         87:8c:de:7a:21:61:4b:cd:df:08:48:43:e9:6c:67:81:e4:02:
         9a:9a:cd:f9:ff:f4:1b:a4:96:41:18:7e:8a:04:6a:24:66:21:
         4d:51:66:1c:79:f2:66:c5:0d:ec:ab:e6:72:48:a6:bd:c1:e0:
         20:21:bb:c2:21:36:bf:f5:8c:d2:8a:f3:0e:8e:4a:6e:42:2c:
         b3:c5:93:3e:4b:8e:d2:d2:eb:d8:9d:82:bb:1c:be:4c:ee:c5:
         2c:66:6d:92:62:77:90:0f:95:a0:87:83:5c:70:72:b7:d4:7e:
         60:26:bf:16:52:58:ad:6b:36:f3:24:b5:05:33:46:28:0b:ce:
         dc:ee:d1:92:f8:2c:a1:70:06:6b:aa:d5:11:bb:19:fc:dc:1c:
         73:af:0f:e4:f0:e1:45:c3:20:87:6d:47:1d:71:58:0e:d3:4d:
         92:b0:01:2b:01:67:78:25:09:75:30:eb:aa:1a:68:e2:37:2b:
         db:cb:f6:72:61:5f:a9:20:d4:c3:9f:13:5f:f7:aa:9c:60:6c:
         f7:95:ab:83:cd:39:b5:12:b0:d5:c4:a1:6d:49:43:74:80:b5:
         e3:68:1e:ac
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAMwwT/k0OBkM+Viq3J1P665hsfAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI0MDMwMDA5WhcNMjYwNTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMmJjOWY3NWNkYmQ4N2VjY2JhM2FkZTY2MjVkYzIwNDMz
ZTQ5NGUxY2U2YTdlN2E4OTZjMzkzYThiZmU3NzFmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC12VPkReQXBESU1KdAgSCCM2yW7eeKveNhJ3T5OZzNoiJM
e/+ojmGc2hhI5hKTSFtXrlSObuSiEPOMlrjbM18TPECJYdbECsfGbQtcKCghIPad
8yRjKYlNZhUvlQOQ3+6t5SmxcRIeItrm/opPSK9b2PGyhAgK9bNptzPKJtNdofOv
ZzdaEWA/cTf8Q+fhnE7obHrXbEUgkeyMGtM5yrba7cW6LNSkctlP/X/tMPv7S64j
oWLDQHbk4k+UPaX8rGEvLCoL6s40wJbfLrFl5BFmGxXjBxQ1Dpi2ZN9YZbt70KCh
Sej+EvvA1uqIDlZtaYT8KtweQMzsTLA94GVn7jrjAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU3DGJREp7WTt7vw5HUMrMa5W7hbcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhjM2E5YzIyLTQ2YmEtNDk2Zi04OGFhLTRkZDFmNTExMmNmYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2zjANBgkqhkiG9w0BAQsFAAOCAQEAV49GL+gIWqUrF/ICvYz0VXUW8OvI
SsBu2ufHcBBGcIzY7UVDh4zeeiFhS83fCEhD6WxngeQCmprN+f/0G6SWQRh+igRq
JGYhTVFmHHnyZsUN7KvmckimvcHgICG7wiE2v/WM0orzDo5KbkIss8WTPkuO0tLr
2J2Cuxy+TO7FLGZtkmJ3kA+VoIeDXHByt9R+YCa/FlJYrWs28yS1BTNGKAvO3O7R
kvgsoXAGa6rVEbsZ/Nwcc68P5PDhRcMgh21HHXFYDtNNkrABKwFneCUJdTDrqhpo
4jcr28v2cmFfqSDUw58TX/eqnGBs95Wrg805tRKw1cShbUlDdIC142gerA==
-----END CERTIFICATE-----