Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ece0f2b-9572-4705-b673-7583881b70d8.roa
File:                     8ece0f2b-9572-4705-b673-7583881b70d8.roa (raw, json)
Hash identifier:          viao1T4wnLKDp2e9//SpQLSxzmDU0zpBbD+BKtKTs3E=
Subject key identifier:   63:0D:12:B3:24:DE:3F:C5:BD:01:1A:7C:35:A4:DA:80:64:FD:C1:91
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       26FF768DF2CD611A1035A6F7FE2B682C04AB0AF3
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ece0f2b-9572-4705-b673-7583881b70d8.roa
Signing time:             Tue 24 Feb 2026 04:01:01 +0000
ROA not before:           Tue 24 Feb 2026 04:01:01 +0000
ROA not after:            Mon 25 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.250.120.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:ff:76:8d:f2:cd:61:1a:10:35:a6:f7:fe:2b:68:2c:04:ab:0a:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 24 04:01:01 2026 GMT
            Not After : May 25 23:59:59 2026 GMT
        Subject: serialNumber=ee8b0be800a093224d5ca4d1c9f62907f4687d874d3d926da531be79ea8b1cc6, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:dc:f2:f3:d6:41:a2:02:20:d4:36:1e:b1:e4:
                    a4:84:6f:76:4f:f7:76:73:82:1d:8a:0f:13:4e:f2:
                    70:6a:3d:af:fd:73:c5:30:ed:76:a7:20:46:69:24:
                    2a:69:0d:1c:ae:e6:e8:75:3e:64:33:39:0a:54:8c:
                    16:a5:ce:76:ab:26:f1:9a:d2:b5:88:35:c8:03:b9:
                    9a:62:e4:ec:56:fb:aa:71:b4:38:38:ff:dc:04:e3:
                    2b:44:60:fd:26:ce:6d:1f:63:0e:3d:85:5e:64:e8:
                    15:24:ca:8c:fd:d8:46:39:e6:c1:13:c1:df:92:c4:
                    3c:b1:51:2c:de:7c:ba:68:3b:c8:8b:29:2a:55:8b:
                    63:94:c8:4f:36:69:57:87:3b:a4:0a:dc:c3:ed:f0:
                    58:3a:d3:51:7d:5e:e8:7b:80:94:a8:f6:63:a5:99:
                    39:0f:5a:66:b7:78:eb:5d:d8:19:0d:43:d0:49:1c:
                    49:58:51:f0:53:df:34:25:6e:81:0e:a7:97:c2:c5:
                    35:37:63:3e:84:26:12:b2:91:2e:bf:13:41:ac:46:
                    6d:fd:42:77:65:ab:ca:6d:e6:4a:91:45:8f:28:93:
                    98:a2:89:9e:4e:56:41:cc:9e:d0:00:a3:7f:ee:f0:
                    30:4d:17:0c:6a:dc:5f:8d:22:d0:72:ab:49:e1:9e:
                    7b:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:0D:12:B3:24:DE:3F:C5:BD:01:1A:7C:35:A4:DA:80:64:FD:C1:91
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ece0f2b-9572-4705-b673-7583881b70d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.250.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6e:67:46:73:ef:c1:3e:7f:73:1c:57:c6:99:d0:39:5e:38:1a:
         bb:57:9a:1a:1a:f8:68:9a:c8:14:6c:ab:42:10:5e:41:33:8f:
         81:1d:8e:c5:74:a4:ec:4d:88:65:f9:b1:2f:62:62:1b:7d:ac:
         29:58:a1:1b:fd:dc:47:73:bf:5f:e9:52:e3:8c:c4:e7:97:c9:
         57:f7:8e:75:84:6e:4b:17:e7:78:02:63:83:2e:df:c7:c5:f7:
         df:19:84:5d:97:cf:64:a9:67:d7:d1:9c:0e:01:08:13:b7:4b:
         0f:a2:ac:1b:fe:08:02:14:33:cb:ce:33:f6:8f:99:c6:02:40:
         d7:3c:cb:45:28:51:8e:a8:37:83:27:8b:12:b7:3f:7d:b8:16:
         3f:80:e5:23:8d:30:b5:90:57:07:33:e3:48:73:8d:6d:93:96:
         76:14:fc:8c:b8:5a:9c:d3:d1:d9:9d:63:9b:18:a0:62:7c:08:
         3d:49:8d:74:f8:c8:1c:fc:39:8e:f5:ef:6a:6e:24:e6:07:02:
         93:7e:43:95:41:64:c3:1d:c5:a2:5c:23:ce:59:ce:67:2c:33:
         8c:aa:30:16:84:64:72:d9:14:81:72:7c:20:91:53:6f:df:44:
         44:71:84:aa:87:09:33:1c:17:90:f9:9a:29:e0:68:c7:ec:3c:
         1b:6b:83:92
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJv92jfLNYRoQNab3/itoLASrCvMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI0MDQwMTAxWhcNMjYwNTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZThiMGJlODAwYTA5MzIyNGQ1Y2E0ZDFjOWY2MjkwN2Y0
Njg3ZDg3NGQzZDkyNmRhNTMxYmU3OWVhOGIxY2M2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDY3PLz1kGiAiDUNh6x5KSEb3ZP93Zzgh2KDxNO8nBqPa/9
c8Uw7XanIEZpJCppDRyu5uh1PmQzOQpUjBalznarJvGa0rWINcgDuZpi5OxW+6px
tDg4/9wE4ytEYP0mzm0fYw49hV5k6BUkyoz92EY55sETwd+SxDyxUSzefLpoO8iL
KSpVi2OUyE82aVeHO6QK3MPt8Fg601F9Xuh7gJSo9mOlmTkPWma3eOtd2BkNQ9BJ
HElYUfBT3zQlboEOp5fCxTU3Yz6EJhKykS6/E0GsRm39Qndlq8pt5kqRRY8ok5ii
iZ5OVkHMntAAo3/u8DBNFwxq3F+NItByq0nhnntHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYw0SsyTeP8W9ARp8NaTagGT9wZEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhlY2UwZjJiLTk1NzItNDcwNS1iNjczLTc1ODM4ODFiNzBkOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM2+ngwDQYJKoZIhvcNAQELBQADggEBAG5nRnPvwT5/cxxXxpnQOV44GrtX
mhoa+GiayBRsq0IQXkEzj4EdjsV0pOxNiGX5sS9iYht9rClYoRv93Edzv1/pUuOM
xOeXyVf3jnWEbksX53gCY4Mu38fF998ZhF2Xz2SpZ9fRnA4BCBO3Sw+irBv+CAIU
M8vOM/aPmcYCQNc8y0UoUY6oN4MnixK3P324Fj+A5SONMLWQVwcz40hzjW2TlnYU
/Iy4WpzT0dmdY5sYoGJ8CD1JjXT4yBz8OY7172puJOYHApN+Q5VBZMMdxaJcI85Z
zmcsM4yqMBaEZHLZFIFyfCCRU2/fRERxhKqHCTMcF5D5mingaMfsPBtrg5I=
-----END CERTIFICATE-----