Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9d97dca0-2fcf-4033-8e1b-a6043d88a7af.roa
File:                     9d97dca0-2fcf-4033-8e1b-a6043d88a7af.roa (raw, json)
Hash identifier:          /wz2kmcTKmkFaHxTlKUjjtl17QwAuScFAUd2OLCMuCs=
Subject key identifier:   74:18:FF:FB:5E:30:E6:3A:97:2F:CD:C7:2F:02:F5:AD:E3:E6:01:BB
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       575ED23133B23324501DFAD79ED61BEFD2C14455
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9d97dca0-2fcf-4033-8e1b-a6043d88a7af.roa
Signing time:             Sat 28 Feb 2026 02:51:16 +0000
ROA not before:           Sat 28 Feb 2026 02:51:16 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.240.56.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:5e:d2:31:33:b2:33:24:50:1d:fa:d7:9e:d6:1b:ef:d2:c1:44:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 02:51:16 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=753522b668e705b100655970856f805debdaaf0a42c01cad778b6ec2ea99f566, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:99:b0:5c:4f:51:d2:eb:d6:46:4e:51:97:4c:
                    ca:a0:77:a0:5b:ee:f1:61:94:74:e2:c8:de:af:bf:
                    07:92:0e:92:e2:3c:f6:0a:b6:02:50:15:e4:6c:62:
                    bf:5d:64:f8:2e:bf:16:05:7b:5c:b5:42:e6:c0:b7:
                    2c:35:3f:ca:ce:df:17:2e:6c:d6:13:00:e3:ed:5d:
                    eb:37:71:4a:a9:ea:b9:f0:49:2e:65:e5:be:66:85:
                    7a:98:56:50:26:75:4c:be:2d:01:94:72:a2:5e:a6:
                    eb:be:2b:c1:07:0c:43:62:34:98:cb:b6:66:79:d0:
                    d0:2a:30:f9:07:0e:7c:7b:b7:16:b3:e0:87:9d:12:
                    16:ff:df:6f:88:90:f7:76:ad:c2:59:e4:f3:2b:3c:
                    dd:b4:c2:69:7d:ce:b0:3b:4b:41:9a:68:f3:f5:53:
                    c0:27:07:51:61:c4:9f:6a:15:df:3b:23:61:99:cd:
                    3b:81:2a:74:06:99:64:d1:eb:3e:c8:f5:8a:bc:3b:
                    8c:a2:56:c7:e8:64:a9:84:4b:15:39:a7:16:bd:eb:
                    b8:f7:1c:ce:e3:41:22:db:0b:16:00:88:d1:ef:a4:
                    d7:01:eb:d0:93:ad:6c:44:f9:a9:21:ed:85:a1:79:
                    e4:8c:95:80:a0:6f:48:55:22:97:aa:6a:6c:f1:d9:
                    b8:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:18:FF:FB:5E:30:E6:3A:97:2F:CD:C7:2F:02:F5:AD:E3:E6:01:BB
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9d97dca0-2fcf-4033-8e1b-a6043d88a7af.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.240.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:f4:5d:78:f4:4a:28:60:99:0a:74:dc:68:92:7e:09:0a:08:
         c2:5d:da:cb:f4:c2:6a:7c:32:85:ef:38:b8:db:d6:1b:78:ae:
         97:b3:26:eb:52:e7:40:06:d6:18:c1:91:7a:d8:8f:0b:27:fa:
         65:71:1b:62:cb:86:9b:08:66:62:26:f2:16:ed:48:12:73:91:
         c8:bb:69:fe:0c:f3:8d:bf:e1:8d:bc:bd:8b:3f:74:3e:53:73:
         ae:9e:50:25:4b:b2:b0:b5:59:73:ae:dd:02:e1:4f:80:ff:0e:
         48:69:72:c1:d3:2e:e3:57:31:53:42:a6:6e:98:2c:f6:85:6d:
         5d:93:20:ed:4d:25:d0:ce:a6:84:df:55:8e:68:ca:93:15:d4:
         a9:7a:12:0e:bb:58:99:53:46:79:30:e8:03:9e:18:a8:58:b6:
         44:cd:ff:dc:d6:74:09:83:c5:75:ec:69:c4:bf:82:84:c0:f8:
         1a:75:26:26:07:28:1a:41:87:b5:0d:cd:64:e5:2d:ae:c5:13:
         8c:c9:4d:1c:02:6c:6c:81:3e:0e:c1:87:7c:87:06:94:05:df:
         4f:0d:3c:0d:1a:1c:54:d9:20:fb:6d:84:ea:74:f6:11:bc:47:
         7e:c0:a4:f0:06:23:af:e9:d0:a6:cb:48:2d:b6:3e:63:46:42:
         fe:dc:9e:64
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUV17SMTOyMyRQHfrXntYb79LBRFUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDI1MTE2WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NTM1MjJiNjY4ZTcwNWIxMDA2NTU5NzA4NTZmODA1ZGVi
ZGFhZjBhNDJjMDFjYWQ3NzhiNmVjMmVhOTlmNTY2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwmbBcT1HS69ZGTlGXTMqgd6Bb7vFhlHTiyN6vvweSDpLi
PPYKtgJQFeRsYr9dZPguvxYFe1y1QubAtyw1P8rO3xcubNYTAOPtXes3cUqp6rnw
SS5l5b5mhXqYVlAmdUy+LQGUcqJepuu+K8EHDENiNJjLtmZ50NAqMPkHDnx7txaz
4IedEhb/32+IkPd2rcJZ5PMrPN20wml9zrA7S0GaaPP1U8AnB1FhxJ9qFd87I2GZ
zTuBKnQGmWTR6z7I9Yq8O4yiVsfoZKmESxU5pxa967j3HM7jQSLbCxYAiNHvpNcB
69CTrWxE+akh7YWheeSMlYCgb0hVIpeqamzx2bhRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUdBj/+14w5jqXL83HLwL1rePmAbswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzlkOTdkY2EwLTJmY2YtNDAzMy04ZTFiLWE2MDQzZDg4YTdhZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA28DgwDQYJKoZIhvcNAQELBQADggEBAFr0XXj0SihgmQp03GiSfgkKCMJd
2sv0wmp8MoXvOLjb1ht4rpezJutS50AG1hjBkXrYjwsn+mVxG2LLhpsIZmIm8hbt
SBJzkci7af4M842/4Y28vYs/dD5Tc66eUCVLsrC1WXOu3QLhT4D/DkhpcsHTLuNX
MVNCpm6YLPaFbV2TIO1NJdDOpoTfVY5oypMV1Kl6Eg67WJlTRnkw6AOeGKhYtkTN
/9zWdAmDxXXsacS/goTA+Bp1JiYHKBpBh7UNzWTlLa7FE4zJTRwCbGyBPg7Bh3yH
BpQF308NPA0aHFTZIPtthOp09hG8R37ApPAGI6/p0KbLSC22PmNGQv7cnmQ=
-----END CERTIFICATE-----