Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ef939de-da51-4d27-94ed-a7e86d4e771a.roa
File:                     8ef939de-da51-4d27-94ed-a7e86d4e771a.roa (raw, json)
Hash identifier:          D2qmGRPXcI1mWznktoyg5XHfyNGzjgPyHl/Tq+oSIzg=
Subject key identifier:   B0:73:1C:BA:2D:EC:48:26:DD:1C:9C:11:B3:A0:87:73:CB:DF:DB:CC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       18EDBD3374DEC04E802AC7E76EBA2F4F1E5C8EA4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ef939de-da51-4d27-94ed-a7e86d4e771a.roa
Signing time:             Mon 23 Feb 2026 01:21:20 +0000
ROA not before:           Mon 23 Feb 2026 01:21:20 +0000
ROA not after:            Sun 24 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.182.136.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:ed:bd:33:74:de:c0:4e:80:2a:c7:e7:6e:ba:2f:4f:1e:5c:8e:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 23 01:21:20 2026 GMT
            Not After : May 24 23:59:59 2026 GMT
        Subject: serialNumber=25f9c1ac6b96ef478249a38642829df1ec1cf51008b5b5cdb9262d2168a37ef4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c5:4f:6d:70:1f:ee:4b:96:c9:e4:7f:8b:9f:
                    76:08:61:3a:3b:93:ec:16:4b:c3:dd:86:ef:0b:32:
                    78:3f:52:14:82:15:d6:d9:97:23:fa:f2:a4:4f:6b:
                    50:23:00:85:22:db:a2:13:13:e9:8b:af:b5:42:cb:
                    08:b7:32:94:28:e9:ab:96:b6:ca:b5:5e:21:0e:77:
                    00:06:7b:43:9d:5b:47:1c:4f:83:7c:8d:bf:b0:bf:
                    f1:e5:b3:66:86:af:fc:d2:fc:97:7d:79:ce:f3:96:
                    a2:e7:24:f4:7b:91:0a:bb:3f:78:e0:4e:bb:b1:3c:
                    c9:4f:8a:1e:df:9d:e0:b8:c8:95:9e:8f:08:1f:1d:
                    f8:1a:20:c9:0b:a7:7d:be:d7:0e:82:d5:e9:2b:a7:
                    6c:09:94:37:93:62:54:b4:81:54:ba:e9:50:f9:1a:
                    5b:ea:14:3f:d3:f7:e1:d8:a0:fe:c6:e9:dc:80:08:
                    eb:16:6a:75:bf:cb:bf:ee:9e:d8:f3:7b:06:52:23:
                    3a:48:6b:bb:38:c8:60:f5:06:8a:d1:a5:72:0c:7e:
                    52:aa:b9:4a:9f:3b:e8:cb:0e:17:99:17:c7:9a:7f:
                    d0:12:8c:79:ae:9e:ab:3d:a8:84:1a:5d:59:1d:79:
                    dc:38:b5:df:1f:fd:d5:f1:67:98:17:2e:34:fc:b9:
                    62:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:73:1C:BA:2D:EC:48:26:DD:1C:9C:11:B3:A0:87:73:CB:DF:DB:CC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/8ef939de-da51-4d27-94ed-a7e86d4e771a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.182.136.0/21

    Signature Algorithm: sha256WithRSAEncryption
         03:46:97:4e:80:a8:94:1b:b6:5f:c1:e1:b7:7c:e1:bb:67:77:
         17:0c:7e:e2:0e:d4:d2:4a:e8:d4:6e:ce:49:09:e9:59:55:f8:
         4e:dc:39:69:c6:02:f6:1e:dc:b2:e1:2e:b2:3b:7a:f3:41:e1:
         1c:10:74:cb:df:4d:5a:5e:20:e5:23:fa:fa:14:b6:10:a4:d2:
         89:38:fd:33:e5:1a:7d:f9:ed:a0:6f:cd:28:06:bd:3c:b2:5f:
         7e:54:df:e0:42:f9:9f:c1:61:48:c6:ca:c1:d2:c6:10:ea:e4:
         2e:ab:4d:1f:65:65:fc:97:d1:a8:f4:11:a6:0e:5d:d5:77:3c:
         d7:d9:e5:6d:4d:a1:3d:85:f1:b6:bd:f7:bb:88:d2:9d:cf:90:
         e1:39:57:69:6c:25:59:6f:31:92:4b:e3:95:e2:2b:95:90:28:
         ac:16:9c:16:0b:93:03:98:19:65:79:5e:47:21:4a:69:01:47:
         e9:a9:59:13:8a:9e:3d:d0:94:5e:2e:b4:8c:31:a5:dc:2c:4c:
         fa:dd:6c:5a:00:57:6d:10:dd:9a:5f:6f:df:0e:d7:46:96:78:
         44:3f:2e:c2:b5:0d:3c:17:3c:28:d3:89:c0:41:0b:2b:1f:d1:
         73:cd:18:c7:20:b8:81:db:5b:c7:9e:ba:db:b8:f0:6d:96:f6:
         79:4f:4f:fb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGO29M3TewE6AKsfnbrovTx5cjqQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIzMDEyMTIwWhcNMjYwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNWY5YzFhYzZiOTZlZjQ3ODI0OWEzODY0MjgyOWRmMWVj
MWNmNTEwMDhiNWI1Y2RiOTI2MmQyMTY4YTM3ZWY0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1xU9tcB/uS5bJ5H+Ln3YIYTo7k+wWS8Pdhu8LMng/UhSC
FdbZlyP68qRPa1AjAIUi26ITE+mLr7VCywi3MpQo6auWtsq1XiEOdwAGe0OdW0cc
T4N8jb+wv/Hls2aGr/zS/Jd9ec7zlqLnJPR7kQq7P3jgTruxPMlPih7fneC4yJWe
jwgfHfgaIMkLp32+1w6C1ekrp2wJlDeTYlS0gVS66VD5GlvqFD/T9+HYoP7G6dyA
COsWanW/y7/untjzewZSIzpIa7s4yGD1BorRpXIMflKquUqfO+jLDheZF8eaf9AS
jHmunqs9qIQaXVkdedw4td8f/dXxZ5gXLjT8uWIbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsHMcui3sSCbdHJwRs6CHc8vf28wwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzhlZjkzOWRlLWRhNTEtNGQyNy05NGVkLWE3ZTg2ZDRlNzcxYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM2togwDQYJKoZIhvcNAQELBQADggEBAANGl06AqJQbtl/B4bd84btndxcM
fuIO1NJK6NRuzkkJ6VlV+E7cOWnGAvYe3LLhLrI7evNB4RwQdMvfTVpeIOUj+voU
thCk0ok4/TPlGn357aBvzSgGvTyyX35U3+BC+Z/BYUjGysHSxhDq5C6rTR9lZfyX
0aj0EaYOXdV3PNfZ5W1NoT2F8ba997uI0p3PkOE5V2lsJVlvMZJL45XiK5WQKKwW
nBYLkwOYGWV5XkchSmkBR+mpWROKnj3QlF4utIwxpdwsTPrdbFoAV20Q3Zpfb98O
10aWeEQ/LsK1DTwXPCjTicBBCysf0XPNGMcguIHbW8eeutu48G2W9nlPT/s=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:42:55 2026 by rpki-client