Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a36124a6-4a9e-47e2-812b-28affc704995.roa
File:                     a36124a6-4a9e-47e2-812b-28affc704995.roa (raw, json)
Hash identifier:          HrztAb1K4iYvPr5VA9BvRA0UJPMkSNThAH16yuKW6Aw=
Subject key identifier:   5C:15:CD:69:F9:0F:0E:97:FC:3A:31:F5:63:16:AC:87:46:E2:AA:87
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0307E722EB2BEDD5BDF5CC0EFE50D3512AE979ED
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a36124a6-4a9e-47e2-812b-28affc704995.roa
Signing time:             Tue 17 Feb 2026 01:30:43 +0000
ROA not before:           Tue 17 Feb 2026 01:30:43 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.212.0.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:07:e7:22:eb:2b:ed:d5:bd:f5:cc:0e:fe:50:d3:51:2a:e9:79:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 01:30:43 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=8c1ec8082115e00cd2a6037ad8509065976c57b0024a7e7f80ca168a6009ea20, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:27:1b:93:75:a5:4d:1c:f0:ae:96:3a:97:fd:
                    21:19:e1:33:35:0b:25:60:ae:5c:2b:58:c2:66:3c:
                    70:a1:27:6c:25:53:e7:90:0a:f5:91:bd:00:ba:7f:
                    fe:4e:53:ed:4f:03:57:e4:78:2c:c1:e3:82:1b:25:
                    e8:df:68:88:0e:4b:97:8f:71:2e:79:1d:7e:60:ba:
                    f2:b4:c1:c7:22:34:ea:3d:c5:71:d1:0e:fe:79:12:
                    a2:e1:01:3b:e6:94:33:e3:9f:1a:b6:16:0f:ca:97:
                    84:f7:ad:7a:a7:7f:80:63:cd:86:5b:b1:c0:80:37:
                    d0:d3:41:42:34:d6:32:5f:20:ef:fe:a2:2d:d6:d3:
                    7a:0e:1d:38:cb:01:a9:3c:36:c6:fd:db:d5:a6:96:
                    b6:e1:8c:94:47:47:7b:cb:4c:ca:7f:f3:00:69:a9:
                    76:f5:c1:29:d3:13:10:c7:13:18:96:bd:ec:85:49:
                    0c:0a:7a:b1:64:45:db:a1:2b:ea:0b:c0:6a:c1:a3:
                    8a:8b:53:ef:32:d4:44:55:e7:c0:e1:50:cc:62:b3:
                    24:fe:02:0b:ed:79:9c:b4:af:32:a9:98:46:93:7a:
                    d3:82:a6:f4:ef:a3:4e:b0:90:68:13:94:16:75:8c:
                    28:91:84:ae:0b:d1:95:9f:fb:c0:31:1e:bc:3c:48:
                    8e:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:15:CD:69:F9:0F:0E:97:FC:3A:31:F5:63:16:AC:87:46:E2:AA:87
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a36124a6-4a9e-47e2-812b-28affc704995.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.212.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         28:51:77:e5:ef:26:a3:27:d4:26:92:8a:81:fa:5e:28:c0:9a:
         f7:5c:45:97:04:8d:44:34:39:55:61:98:e9:6d:fd:bf:1d:20:
         07:14:61:d3:cb:0d:a0:d1:c8:3b:c5:48:1f:a2:78:13:43:1c:
         5f:0e:37:d3:23:c1:e8:ef:b1:1e:38:bb:05:6a:17:cd:86:03:
         2e:f2:06:82:0a:74:7b:22:76:05:37:b2:ce:d1:a8:52:ae:10:
         bb:42:9e:b0:18:32:b3:75:1f:f8:d7:3d:17:27:07:e8:8f:e0:
         7d:ae:7d:71:86:81:da:a8:ff:46:e1:6c:3a:2e:88:48:42:55:
         f1:40:94:c4:03:b2:af:0f:9b:ea:c8:37:87:61:3c:cc:91:54:
         3e:af:19:48:01:aa:4e:52:e5:eb:2e:a7:f1:64:3d:89:61:f9:
         da:89:7e:27:b0:b4:49:8b:49:e0:99:2e:66:c7:18:e9:f9:30:
         1c:03:de:dd:d4:7c:08:a1:dc:aa:af:f1:1f:1a:11:e4:1a:b8:
         06:be:ff:24:58:0c:f9:35:f6:a5:fa:c6:77:ff:db:80:c8:84:
         32:c7:5b:5d:58:eb:a7:33:fc:36:80:7a:08:33:f7:81:ce:db:
         b6:6f:41:61:da:c0:93:1d:09:38:09:87:de:8b:bd:32:28:82:
         f7:fa:56:f3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAwfnIusr7dW99cwO/lDTUSrpee0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDEzMDQzWhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YzFlYzgwODIxMTVlMDBjZDJhNjAzN2FkODUwOTA2NTk3
NmM1N2IwMDI0YTdlN2Y4MGNhMTY4YTYwMDllYTIwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD9JxuTdaVNHPCuljqX/SEZ4TM1CyVgrlwrWMJmPHChJ2wl
U+eQCvWRvQC6f/5OU+1PA1fkeCzB44IbJejfaIgOS5ePcS55HX5guvK0wcciNOo9
xXHRDv55EqLhATvmlDPjnxq2Fg/Kl4T3rXqnf4BjzYZbscCAN9DTQUI01jJfIO/+
oi3W03oOHTjLAak8Nsb929WmlrbhjJRHR3vLTMp/8wBpqXb1wSnTExDHExiWveyF
SQwKerFkRduhK+oLwGrBo4qLU+8y1ERV58DhUMxisyT+AgvteZy0rzKpmEaTetOC
pvTvo06wkGgTlBZ1jCiRhK4L0ZWf+8AxHrw8SI6/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXBXNafkPDpf8OjH1Yxash0biqocwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2EzNjEyNGE2LTRhOWUtNDdlMi04MTJiLTI4YWZmYzcwNDk5NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY21AAwDQYJKoZIhvcNAQELBQADggEBAChRd+XvJqMn1CaSioH6XijAmvdc
RZcEjUQ0OVVhmOlt/b8dIAcUYdPLDaDRyDvFSB+ieBNDHF8ON9MjwejvsR44uwVq
F82GAy7yBoIKdHsidgU3ss7RqFKuELtCnrAYMrN1H/jXPRcnB+iP4H2ufXGGgdqo
/0bhbDouiEhCVfFAlMQDsq8Pm+rIN4dhPMyRVD6vGUgBqk5S5esup/FkPYlh+dqJ
fiewtEmLSeCZLmbHGOn5MBwD3t3UfAih3Kqv8R8aEeQauAa+/yRYDPk19qX6xnf/
24DIhDLHW11Y66cz/DaAeggz94HO27ZvQWHawJMdCTgJh96LvTIogvf6VvM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:48:41 2026 by rpki-client