Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ece0f2b-9572-4705-b673-7583881b70d8.roa
File:                     8ece0f2b-9572-4705-b673-7583881b70d8.roa (raw, json)
Hash identifier:          tVOR6UbGFbjJ2xPDzsLdngnDqOswjuJBcLgIOqfPlOc=
Subject key identifier:   26:61:68:EA:6D:9B:61:11:E2:DA:01:C1:E5:E0:2A:6B:62:02:C3:B2
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       42F358A9CC5F819A620E6B5EAC75F066B0964BB0
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ece0f2b-9572-4705-b673-7583881b70d8.roa
Signing time:             Fri 15 May 2026 03:41:59 +0000
ROA not before:           Fri 15 May 2026 03:41:59 +0000
ROA not after:            Thu 13 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.250.120.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 16 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:f3:58:a9:cc:5f:81:9a:62:0e:6b:5e:ac:75:f0:66:b0:96:4b:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 15 03:41:59 2026 GMT
            Not After : Aug 13 23:59:59 2026 GMT
        Subject: serialNumber=63dafe3943160ed19ac9129f07fc67625e69889fa3daaf55751dd2799f1b4c83, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:5b:36:cd:0c:41:50:8f:ed:43:08:bf:34:8f:
                    3f:0b:65:67:0f:58:7a:0f:72:31:b6:54:a7:15:93:
                    c3:cd:6c:29:eb:85:6b:47:d3:ac:95:ba:d8:e4:70:
                    a4:2b:92:23:29:9b:2a:16:d7:48:5b:0b:99:bf:a6:
                    40:ab:ba:1f:9a:23:4b:8b:7e:20:ad:b1:22:f4:94:
                    c3:1e:d4:4d:ce:43:ce:d9:f5:5a:4a:58:7f:1a:9b:
                    36:ff:e4:92:30:ef:15:a3:40:4f:0d:a1:0a:41:c2:
                    de:1a:96:b8:16:30:ee:e8:36:08:04:fe:3b:38:b6:
                    4b:98:53:b1:9f:b3:80:c2:96:b8:8a:94:fa:a6:cd:
                    60:1c:92:39:6d:88:21:c4:e0:f2:a0:53:bd:17:66:
                    73:3f:60:e5:77:ae:b0:cb:aa:b8:dc:a9:d6:0e:44:
                    e7:93:00:78:19:2e:5f:fd:10:8b:58:cf:f7:e1:1a:
                    ef:2f:15:66:70:e8:a9:7d:6e:9f:18:fd:cb:e3:45:
                    53:14:39:b5:29:d5:ab:7f:8e:1e:ee:d3:78:7a:08:
                    cc:eb:f9:ec:2a:a9:77:e7:f0:29:11:06:47:04:dc:
                    61:b1:1a:b2:58:61:03:ff:84:46:a8:32:9d:62:8a:
                    af:76:88:e8:1e:63:30:8c:78:1f:a0:06:bb:84:c6:
                    db:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:61:68:EA:6D:9B:61:11:E2:DA:01:C1:E5:E0:2A:6B:62:02:C3:B2
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ece0f2b-9572-4705-b673-7583881b70d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.250.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         34:7d:f0:56:b6:b7:8c:c1:40:e2:da:7e:f9:cc:91:c1:41:98:
         b6:ee:74:79:b7:a8:9b:cd:5f:99:99:1f:cd:b6:ea:8a:61:5c:
         26:26:c3:a0:ae:60:66:fe:7a:82:d4:95:c8:97:2e:24:65:95:
         50:b1:9b:a3:ff:98:3f:9e:3c:30:38:97:76:c6:1f:8f:85:8f:
         2f:29:38:3e:5d:a2:06:f6:ef:1f:7f:b9:e6:5e:54:fc:87:83:
         98:ec:53:56:78:4e:cf:ad:47:03:93:48:ec:c6:14:f5:ee:33:
         dc:3d:ed:be:f5:ee:3e:e9:49:01:b8:c5:18:8c:ce:13:e6:d8:
         78:5e:be:58:9e:f4:0c:42:30:db:4e:46:0c:60:98:14:37:f1:
         03:2c:58:e0:95:be:e7:66:8f:76:15:0d:1f:2a:be:f5:b8:3b:
         af:b5:b4:f9:1b:8b:88:47:c3:56:46:34:fb:2a:4a:4f:2c:4a:
         70:ef:db:49:48:c1:ba:d4:e3:28:18:9c:91:5d:28:82:23:34:
         e3:fc:e7:10:75:7a:13:1e:64:76:66:e8:4b:7e:85:f8:7d:12:
         45:98:1c:93:00:01:90:89:14:52:7b:ed:21:bd:7b:57:8d:70:
         7d:e4:d7:e9:fc:94:f5:e7:ca:44:22:88:ae:a0:be:bf:af:25:
         b3:cf:cb:52
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQvNYqcxfgZpiDmterHXwZrCWS7AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE1MDM0MTU5WhcNMjYwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2M2RhZmUzOTQzMTYwZWQxOWFjOTEyOWYwN2ZjNjc2MjVl
Njk4ODlmYTNkYWFmNTU3NTFkZDI3OTlmMWI0YzgzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNWzbNDEFQj+1DCL80jz8LZWcPWHoPcjG2VKcVk8PNbCnr
hWtH06yVutjkcKQrkiMpmyoW10hbC5m/pkCruh+aI0uLfiCtsSL0lMMe1E3OQ87Z
9VpKWH8amzb/5JIw7xWjQE8NoQpBwt4alrgWMO7oNggE/js4tkuYU7Gfs4DClriK
lPqmzWAckjltiCHE4PKgU70XZnM/YOV3rrDLqrjcqdYOROeTAHgZLl/9EItYz/fh
Gu8vFWZw6Kl9bp8Y/cvjRVMUObUp1at/jh7u03h6CMzr+ewqqXfn8CkRBkcE3GGx
GrJYYQP/hEaoMp1iiq92iOgeYzCMeB+gBruExtvtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJmFo6m2bYRHi2gHB5eAqa2ICw7IwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhlY2UwZjJiLTk1NzItNDcwNS1iNjczLTc1ODM4ODFiNzBkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM2+ngwDQYJKoZIhvcNAQELBQADggEBADR98Fa2t4zBQOLafvnMkcFBmLbu
dHm3qJvNX5mZH8226ophXCYmw6CuYGb+eoLUlciXLiRllVCxm6P/mD+ePDA4l3bG
H4+Fjy8pOD5dogb27x9/ueZeVPyHg5jsU1Z4Ts+tRwOTSOzGFPXuM9w97b717j7p
SQG4xRiMzhPm2Hhevlie9AxCMNtORgxgmBQ38QMsWOCVvudmj3YVDR8qvvW4O6+1
tPkbi4hHw1ZGNPsqSk8sSnDv20lIwbrU4ygYnJFdKIIjNOP85xB1ehMeZHZm6Et+
hfh9EkWYHJMAAZCJFFJ77SG9e1eNcH3k1+n8lPXnykQiiK6gvr+vJbPPy1I=
-----END CERTIFICATE-----