Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9dd61ff9-fe4a-41e9-b9cb-c1484aa5ce10.roa
File:                     9dd61ff9-fe4a-41e9-b9cb-c1484aa5ce10.roa (raw, json)
Hash identifier:          mfWpsVi0eoIMvIBERdsfC64ZVOA98YRknKcJR38/8tQ=
Subject key identifier:   B0:63:69:A7:2D:3C:D4:5D:9A:BF:00:23:26:C1:10:95:3D:06:CD:7A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       773B6CDE7BFB669D1B6CCEE0BDCA1280F26AB70A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9dd61ff9-fe4a-41e9-b9cb-c1484aa5ce10.roa
Signing time:             Tue 17 Feb 2026 02:01:32 +0000
ROA not before:           Tue 17 Feb 2026 02:01:32 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.64.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:3b:6c:de:7b:fb:66:9d:1b:6c:ce:e0:bd:ca:12:80:f2:6a:b7:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 02:01:32 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=db36a39fc09ac956911d0d746efc8d861c03c278d4b336d22df447e2c3e1cb97, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f5:1c:24:86:ad:c8:94:e2:f5:53:fd:0c:68:
                    20:92:ee:fe:28:dc:4a:af:c2:39:93:02:b5:99:95:
                    91:93:75:b1:e6:e6:2a:67:99:67:6d:a3:fd:ef:75:
                    05:92:44:5a:98:fc:4a:ff:19:b3:6f:e3:34:a4:f0:
                    38:cd:61:ca:60:7e:64:14:b7:fd:69:58:b3:8e:8c:
                    7d:12:b2:61:aa:d7:a6:93:77:8d:c0:a2:d0:1c:92:
                    25:1d:1f:77:8b:f3:77:5e:9a:a2:dc:b9:cc:3d:e9:
                    66:7d:e5:12:f6:b5:f5:5f:9d:43:10:3f:a8:bd:4c:
                    99:0e:5d:28:ab:d1:ba:39:23:53:7a:6a:a0:28:19:
                    48:02:72:75:30:73:79:c7:f4:52:9a:6e:50:d8:c5:
                    2f:1d:32:13:4c:6c:2a:59:9d:f0:5f:b6:e9:c7:56:
                    4c:af:70:d5:2c:48:7a:34:47:a3:9b:a6:28:37:10:
                    06:11:ab:93:28:df:dc:ed:da:13:6e:d6:5b:2d:1b:
                    e4:78:d5:2d:9d:ce:4b:d8:93:53:74:20:2b:1a:61:
                    a8:96:71:68:a9:67:e6:1a:93:7e:d6:a0:a8:89:50:
                    02:eb:fb:ad:1f:1f:ab:79:c0:94:f1:ca:bd:83:1f:
                    2b:cd:82:58:02:91:58:d1:f9:fb:a1:c4:55:fd:89:
                    a9:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:63:69:A7:2D:3C:D4:5D:9A:BF:00:23:26:C1:10:95:3D:06:CD:7A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9dd61ff9-fe4a-41e9-b9cb-c1484aa5ce10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.64.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         a2:24:f7:ee:45:b0:1c:33:eb:c9:e4:b9:c4:eb:bc:78:4a:9d:
         ca:c1:8f:84:39:03:7a:4a:24:be:b8:ae:e7:a2:c1:02:22:1c:
         65:d2:d7:02:98:59:c1:52:5f:e9:88:ad:32:f6:54:44:c9:1f:
         61:a5:63:9b:31:72:54:df:89:66:e2:6e:1f:22:8b:65:d2:ba:
         ab:ad:71:e1:45:c6:bf:bb:e2:1b:1c:3e:14:f7:a5:66:c9:9b:
         ba:d6:a8:4d:ed:2d:c9:35:a0:2f:78:bc:f3:18:9a:f2:2a:3f:
         09:8f:99:e3:25:80:86:16:e0:62:dc:85:5d:45:ba:ba:42:e6:
         51:ff:a8:3b:a6:bb:dc:0e:4a:d3:c5:ee:21:55:bb:51:07:28:
         42:9f:c0:74:ac:84:03:3e:5e:87:a5:1c:c2:6f:21:91:c8:eb:
         0c:de:8c:41:e8:8d:27:4e:c5:28:02:bc:70:d4:94:06:d9:c5:
         52:93:b9:01:67:b2:a4:05:c1:a5:44:dc:2e:2f:ff:13:7b:9a:
         54:cc:c8:a8:88:1a:ac:67:94:60:c1:4b:ed:06:a8:2c:8f:fc:
         47:a5:f2:87:c7:25:32:f1:e6:c0:58:f8:5d:b2:8a:75:c0:8d:
         a0:2b:bb:fd:9f:d3:fe:d1:43:e3:1f:9d:90:ee:ac:29:ef:3b:
         f7:09:80:dc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdzts3nv7Zp0bbM7gvcoSgPJqtwowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDIwMTMyWhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYjM2YTM5ZmMwOWFjOTU2OTExZDBkNzQ2ZWZjOGQ4NjFj
MDNjMjc4ZDRiMzM2ZDIyZGY0NDdlMmMzZTFjYjk3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCc9Rwkhq3IlOL1U/0MaCCS7v4o3EqvwjmTArWZlZGTdbHm
5ipnmWdto/3vdQWSRFqY/Er/GbNv4zSk8DjNYcpgfmQUt/1pWLOOjH0SsmGq16aT
d43AotAckiUdH3eL83demqLcucw96WZ95RL2tfVfnUMQP6i9TJkOXSir0bo5I1N6
aqAoGUgCcnUwc3nH9FKablDYxS8dMhNMbCpZnfBftunHVkyvcNUsSHo0R6Obpig3
EAYRq5Mo39zt2hNu1lstG+R41S2dzkvYk1N0ICsaYaiWcWipZ+Yak37WoKiJUALr
+60fH6t5wJTxyr2DHyvNglgCkVjR+fuhxFX9iakpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsGNppy081F2avwAjJsEQlT0GzXowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzlkZDYxZmY5LWZlNGEtNDFlOS1iOWNiLWMxNDg0YWE1Y2UxMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc0QAAwDQYJKoZIhvcNAQELBQADggEBAKIk9+5FsBwz68nkucTrvHhKncrB
j4Q5A3pKJL64rueiwQIiHGXS1wKYWcFSX+mIrTL2VETJH2GlY5sxclTfiWbibh8i
i2XSuqutceFFxr+74hscPhT3pWbJm7rWqE3tLck1oC94vPMYmvIqPwmPmeMlgIYW
4GLchV1FurpC5lH/qDumu9wOStPF7iFVu1EHKEKfwHSshAM+XoelHMJvIZHI6wze
jEHojSdOxSgCvHDUlAbZxVKTuQFnsqQFwaVE3C4v/xN7mlTMyKiIGqxnlGDBS+0G
qCyP/Eel8ofHJTLx5sBY+F2yinXAjaAru/2f0/7RQ+MfnZDurCnvO/cJgNw=
-----END CERTIFICATE-----