Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9057571d-fc5a-46a1-8c20-bb70e822a20e.roa
File:                     9057571d-fc5a-46a1-8c20-bb70e822a20e.roa (raw, json)
Hash identifier:          Pg2rD5AjXVei0s+AfpOsCSbI5GhqOFKvoI5Q69gwZrI=
Subject key identifier:   27:CC:AB:F3:F4:4F:1C:65:3C:0A:7B:B6:CD:78:79:76:9A:CB:97:E4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       25CCE7EE1F0146163ECAB2758DEFD4B0A2A02B63
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9057571d-fc5a-46a1-8c20-bb70e822a20e.roa
Signing time:             Tue 19 May 2026 01:30:57 +0000
ROA not before:           Tue 19 May 2026 01:30:57 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        138.111.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:cc:e7:ee:1f:01:46:16:3e:ca:b2:75:8d:ef:d4:b0:a2:a0:2b:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 01:30:57 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=054f97b65d6f5a916fe838aa04e6acd1d5424d8378b46f3d1574ff48b7e2f7ee, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:1c:5c:13:d9:6c:50:0d:e6:11:12:bf:1e:aa:
                    18:36:c4:f2:f1:16:c3:e7:83:f3:64:79:9e:bb:0f:
                    28:59:1d:2b:16:95:a1:ac:8b:c0:c6:a5:0a:58:1a:
                    95:87:d9:b9:80:68:2c:8b:09:d7:f8:e0:67:69:06:
                    1c:a2:68:15:08:3b:85:f7:4f:dc:77:7e:ab:95:9b:
                    3c:46:14:ec:e9:5d:b4:3e:6a:17:c4:6d:88:cb:dc:
                    34:07:8d:34:fc:f3:27:26:c9:1a:5e:e4:1b:3c:42:
                    b1:4a:7d:e2:fb:12:27:3f:ae:fe:bc:2d:ec:31:b4:
                    a6:96:8d:ea:a5:eb:14:1d:2a:05:a9:2f:fe:e5:2e:
                    c9:cf:63:58:e6:f7:be:07:7e:a0:22:a0:74:ec:30:
                    51:3f:0d:af:3a:29:a4:de:5e:67:32:fd:58:b1:b8:
                    c6:c2:19:aa:f2:f0:43:2e:79:3e:75:ce:72:ce:3f:
                    81:4c:af:ac:db:35:c8:e8:4d:60:56:0d:3a:42:4c:
                    10:e2:a9:c8:af:fd:05:80:c8:12:63:65:77:3e:9e:
                    3d:3c:57:ad:1e:fa:d5:32:b5:ea:fd:36:79:29:f8:
                    59:24:43:c1:4a:8a:c7:b1:d6:7d:6a:86:6e:8a:af:
                    3e:90:6e:75:3e:75:70:dc:97:73:90:13:8e:a7:e5:
                    4f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:CC:AB:F3:F4:4F:1C:65:3C:0A:7B:B6:CD:78:79:76:9A:CB:97:E4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9057571d-fc5a-46a1-8c20-bb70e822a20e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.111.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a0:1a:80:db:67:4b:4f:95:2d:f4:b0:7b:4d:6d:0b:17:09:31:
         7f:14:1f:3d:3c:36:6d:11:7d:2c:44:13:9d:55:3d:e0:c1:b4:
         01:ec:a3:49:a4:55:af:b9:47:f3:2f:35:83:54:e6:bb:21:8a:
         c3:a0:c2:28:f0:3a:3f:55:84:a4:d9:c1:d6:cd:62:00:af:9d:
         7c:b6:82:0b:99:29:8f:c6:96:be:12:20:0e:32:0e:f7:4a:3b:
         e0:82:75:5b:9e:14:71:46:13:3c:60:89:bc:08:31:71:f9:07:
         6f:50:f1:6c:02:35:49:a4:40:3c:c8:54:4c:6d:d9:41:38:94:
         81:0b:62:d7:97:18:d7:70:66:cb:1b:37:28:8e:ca:0a:c4:73:
         7a:d6:fc:e7:11:70:5b:78:18:8c:7c:fe:68:2b:22:e4:50:be:
         48:99:bd:97:a6:a7:ec:a7:6a:80:49:f6:98:68:a5:4c:47:79:
         26:d3:31:fa:b5:10:bd:b5:4e:96:45:17:47:35:4a:32:99:73:
         6c:99:ed:a5:1c:0a:0e:4c:16:60:a3:ed:41:3d:30:64:e9:4a:
         00:7b:62:15:f3:af:83:cc:cf:75:6a:b1:a9:3c:c0:68:e8:b1:
         05:83:4a:b9:a3:16:0f:5c:52:f6:9f:6c:4a:35:81:98:ad:79:
         b8:20:69:1a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJczn7h8BRhY+yrJ1je/UsKKgK2MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDEzMDU3WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNTRmOTdiNjVkNmY1YTkxNmZlODM4YWEwNGU2YWNkMWQ1
NDI0ZDgzNzhiNDZmM2QxNTc0ZmY0OGI3ZTJmN2VlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzHFwT2WxQDeYREr8eqhg2xPLxFsPng/NkeZ67DyhZHSsW
laGsi8DGpQpYGpWH2bmAaCyLCdf44GdpBhyiaBUIO4X3T9x3fquVmzxGFOzpXbQ+
ahfEbYjL3DQHjTT88ycmyRpe5Bs8QrFKfeL7Eic/rv68LewxtKaWjeql6xQdKgWp
L/7lLsnPY1jm974HfqAioHTsMFE/Da86KaTeXmcy/VixuMbCGary8EMueT51znLO
P4FMr6zbNcjoTWBWDTpCTBDiqciv/QWAyBJjZXc+nj08V60e+tUyter9Nnkp+Fkk
Q8FKisex1n1qhm6Krz6QbnU+dXDcl3OQE46n5U/5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUJ8yr8/RPHGU8Cnu2zXh5dprLl+QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkwNTc1NzFkLWZjNWEtNDZhMS04YzIwLWJiNzBlODIyYTIwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCKbzANBgkqhkiG9w0BAQsFAAOCAQEAoBqA22dLT5Ut9LB7TW0LFwkxfxQf
PTw2bRF9LEQTnVU94MG0AeyjSaRVr7lH8y81g1TmuyGKw6DCKPA6P1WEpNnB1s1i
AK+dfLaCC5kpj8aWvhIgDjIO90o74IJ1W54UcUYTPGCJvAgxcfkHb1DxbAI1SaRA
PMhUTG3ZQTiUgQti15cY13Bmyxs3KI7KCsRzetb85xFwW3gYjHz+aCsi5FC+SJm9
l6an7KdqgEn2mGilTEd5JtMx+rUQvbVOlkUXRzVKMplzbJntpRwKDkwWYKPtQT0w
ZOlKAHtiFfOvg8zPdWqxqTzAaOixBYNKuaMWD1xS9p9sSjWBmK15uCBpGg==
-----END CERTIFICATE-----