Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a092f82c-3055-4fdd-916a-baf2fcb56fd3.roa
File:                     a092f82c-3055-4fdd-916a-baf2fcb56fd3.roa (raw, json)
Hash identifier:          7nY8OOeCeMaGC9Vqt35ozEO61i7YSwcQocd8wqjUJgs=
Subject key identifier:   6E:DA:53:D7:73:7B:7D:20:FA:9C:09:DC:37:BE:D8:ED:3A:AD:B5:37
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       79CCAD86FEC701599D0DFFE6375C3B4EC813F21C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a092f82c-3055-4fdd-916a-baf2fcb56fd3.roa
Signing time:             Tue 24 Feb 2026 04:00:10 +0000
ROA not before:           Tue 24 Feb 2026 04:00:10 +0000
ROA not after:            Mon 25 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.245.80.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:cc:ad:86:fe:c7:01:59:9d:0d:ff:e6:37:5c:3b:4e:c8:13:f2:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 24 04:00:10 2026 GMT
            Not After : May 25 23:59:59 2026 GMT
        Subject: serialNumber=99aa7406a885cfde82fbc012ba0c90adc587fc24aa997145cd13be2df4aba555, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:72:d3:78:46:78:47:27:b9:4d:89:3e:de:1f:
                    0e:c4:dc:31:ad:2b:00:12:c1:f7:b9:fc:15:bb:4f:
                    07:d7:25:6e:22:c7:a1:2a:e3:65:d1:78:eb:69:e1:
                    d3:c0:d9:16:bd:87:ad:e5:b4:a1:da:67:7d:d6:0d:
                    2c:ef:af:b3:a8:0e:a0:9e:48:43:fd:ed:75:ed:5b:
                    fc:3e:30:14:33:df:7a:7a:df:9b:23:5e:46:b4:e5:
                    34:cc:be:01:76:1d:4f:6e:be:af:6a:6f:9b:6e:03:
                    bf:d9:b0:c7:dc:a6:a5:04:0d:73:d9:d4:56:6f:8e:
                    cf:4e:3c:6e:c1:41:e6:86:da:6b:6f:df:73:12:e5:
                    a5:f4:1c:c3:7f:ae:c6:a1:00:a5:06:09:1c:1c:a2:
                    e6:a1:07:43:dd:a9:5d:24:2d:f7:be:c9:c5:48:04:
                    b6:28:45:3d:eb:99:4d:57:ab:c2:2b:31:06:88:c8:
                    24:7e:a3:d2:ed:57:e5:35:53:0f:93:fe:ec:79:64:
                    60:9f:94:f9:06:cb:ac:74:28:0d:6b:67:92:30:3f:
                    f0:b5:9e:09:2e:1d:49:fb:2c:0a:3c:bc:dd:b7:97:
                    5d:27:49:bf:64:ee:75:e7:16:8a:98:55:7d:f5:8b:
                    1c:8e:2f:e1:e5:d8:24:fd:88:c4:c5:bb:3a:32:7e:
                    71:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:DA:53:D7:73:7B:7D:20:FA:9C:09:DC:37:BE:D8:ED:3A:AD:B5:37
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a092f82c-3055-4fdd-916a-baf2fcb56fd3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.245.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         44:0b:44:cf:f5:b6:1f:60:a5:2f:72:cd:0c:7c:b4:71:dc:ad:
         3d:03:4f:19:43:14:b2:4f:2a:ec:cd:17:3d:b2:e5:4b:fc:8f:
         0c:cf:f6:bd:0d:a3:41:dc:df:0c:fc:64:a3:60:a3:07:22:e6:
         71:fa:52:a7:ec:b5:65:81:3f:e4:55:c6:b4:78:20:f5:80:3a:
         36:64:6b:35:ac:90:cc:96:f8:ad:3f:1a:47:24:97:4d:a5:7b:
         de:0a:11:bb:07:f2:20:e1:49:84:27:11:f4:02:a2:24:3d:2e:
         64:3e:34:75:d8:c6:61:d5:40:8d:07:33:39:ed:17:60:0a:25:
         fc:e0:27:91:0f:f8:9f:72:4b:5c:07:ba:85:d6:00:7e:cf:9f:
         c6:d9:a3:36:37:41:14:93:4c:a1:d9:48:98:51:2f:a1:12:5d:
         0a:5b:58:24:6e:ff:34:a9:27:bb:6f:53:8e:12:a1:1e:58:cf:
         b7:fb:e5:d9:47:5a:dd:1c:96:f1:67:4f:9f:7d:f6:ce:ab:b4:
         a1:db:13:22:62:34:be:fd:df:60:25:18:ea:b2:53:df:84:eb:
         8b:ba:4d:b4:e3:a4:08:1a:3f:70:26:9c:7e:0d:c2:07:20:9a:
         36:57:24:df:92:ca:5b:dc:bc:84:f0:2b:49:57:17:c7:40:79:
         40:5e:1c:dc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUecythv7HAVmdDf/mN1w7TsgT8hwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI0MDQwMDEwWhcNMjYwNTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5OWFhNzQwNmE4ODVjZmRlODJmYmMwMTJiYTBjOTBhZGM1
ODdmYzI0YWE5OTcxNDVjZDEzYmUyZGY0YWJhNTU1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTctN4RnhHJ7lNiT7eHw7E3DGtKwASwfe5/BW7TwfXJW4i
x6Eq42XReOtp4dPA2Ra9h63ltKHaZ33WDSzvr7OoDqCeSEP97XXtW/w+MBQz33p6
35sjXka05TTMvgF2HU9uvq9qb5tuA7/ZsMfcpqUEDXPZ1FZvjs9OPG7BQeaG2mtv
33MS5aX0HMN/rsahAKUGCRwcouahB0PdqV0kLfe+ycVIBLYoRT3rmU1Xq8IrMQaI
yCR+o9LtV+U1Uw+T/ux5ZGCflPkGy6x0KA1rZ5IwP/C1ngkuHUn7LAo8vN23l10n
Sb9k7nXnFoqYVX31ixyOL+Hl2CT9iMTFuzoyfnEnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUbtpT13N7fSD6nAncN77Y7TqttTcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2EwOTJmODJjLTMwNTUtNGZkZC05MTZhLWJhZjJmY2I1NmZkMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQ29VAwDQYJKoZIhvcNAQELBQADggEBAEQLRM/1th9gpS9yzQx8tHHcrT0D
TxlDFLJPKuzNFz2y5Uv8jwzP9r0No0Hc3wz8ZKNgowci5nH6UqfstWWBP+RVxrR4
IPWAOjZkazWskMyW+K0/Gkckl02le94KEbsH8iDhSYQnEfQCoiQ9LmQ+NHXYxmHV
QI0HMzntF2AKJfzgJ5EP+J9yS1wHuoXWAH7Pn8bZozY3QRSTTKHZSJhRL6ESXQpb
WCRu/zSpJ7tvU44SoR5Yz7f75dlHWt0clvFnT5999s6rtKHbEyJiNL7932AlGOqy
U9+E64u6TbTjpAgaP3AmnH4NwgcgmjZXJN+SylvcvITwK0lXF8dAeUBeHNw=
-----END CERTIFICATE-----