Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a74bdd9e-0e86-4280-9653-839c7cab021b.roa
File:                     a74bdd9e-0e86-4280-9653-839c7cab021b.roa (raw, json)
Hash identifier:          cRbhfwxzmHTkjNMnHM398z9vuxXytEi9NylXsd/q+o0=
Subject key identifier:   24:A4:30:E7:50:4E:B9:8D:69:0F:84:AA:EC:80:A4:69:72:FC:15:C1
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0F44FCB16057F19695AD9F7B035AB61030E2689B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a74bdd9e-0e86-4280-9653-839c7cab021b.roa
Signing time:             Tue 19 May 2026 02:01:28 +0000
ROA not before:           Tue 19 May 2026 02:01:28 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        15.140.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:44:fc:b1:60:57:f1:96:95:ad:9f:7b:03:5a:b6:10:30:e2:68:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 02:01:28 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=67b5e754bed7c3da536882c61b26a49af8f4937e72bd9eefda0c9ee6d60da0e4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:42:53:ac:03:17:40:f7:ef:4e:d1:e9:91:47:
                    0c:d3:ed:99:84:a7:fb:4b:dc:1d:33:ba:68:26:32:
                    60:7e:27:17:49:fb:5b:88:65:d1:a1:0b:7d:83:f2:
                    36:09:c8:6f:18:d1:7e:6f:04:5e:32:75:84:4e:69:
                    ea:00:63:40:84:f9:8c:e0:2a:d3:c9:15:59:e7:ef:
                    0e:39:2f:09:b2:4f:97:21:f3:1c:60:f2:30:79:ca:
                    c5:bc:7b:75:e3:74:03:56:da:cb:eb:7f:d0:b2:cc:
                    e5:87:2a:ef:8a:11:fd:5e:f1:ff:7d:9f:29:47:d4:
                    0a:02:51:e8:f5:8e:7f:3e:e7:32:f4:e4:81:47:c4:
                    96:89:16:21:f9:f9:89:c6:7a:24:3e:86:1a:b7:57:
                    53:42:e7:66:c8:0c:58:4b:71:44:3d:7c:88:ff:50:
                    ed:d0:6c:29:a5:59:f7:98:98:df:34:51:52:35:5c:
                    04:f6:ba:8e:60:f5:e9:3c:8b:03:2e:02:21:f8:54:
                    f1:5a:68:15:9a:b8:54:4a:6e:ec:89:e3:47:bf:23:
                    82:6a:f4:93:a3:82:12:ad:67:41:d5:83:d4:0f:17:
                    27:76:4d:1b:d8:87:ee:ff:f8:af:71:56:6c:b5:e1:
                    06:94:4d:f3:91:d2:9d:5d:1d:9b:d8:76:31:14:e2:
                    42:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:A4:30:E7:50:4E:B9:8D:69:0F:84:AA:EC:80:A4:69:72:FC:15:C1
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a74bdd9e-0e86-4280-9653-839c7cab021b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.140.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8b:cb:80:58:b4:28:02:2e:16:31:de:dc:8d:84:84:20:22:31:
         51:1a:12:d3:78:a9:4b:3a:1c:5b:e9:40:1a:8f:a8:16:55:05:
         cf:fc:d0:36:59:f4:1b:94:9e:a0:0a:97:c4:f2:2e:15:fb:fc:
         5e:ba:7f:4d:30:a0:ef:28:aa:65:6e:5b:28:5a:b0:c1:43:ca:
         b4:08:15:44:bd:7d:5d:2d:2e:0e:43:e8:bd:85:ed:00:90:10:
         6b:43:1a:2c:03:a4:c9:ca:34:8a:f3:35:c2:2a:b7:da:74:e0:
         61:cb:98:d4:97:f0:af:b8:c4:d6:f5:a0:4f:a8:f9:36:2d:a4:
         31:8c:3d:5f:25:e2:d6:f0:2b:be:64:63:5e:8c:3e:ea:09:d0:
         e1:9f:7b:bf:55:15:81:36:a3:22:28:db:bc:46:d5:96:69:5b:
         f0:b3:6e:90:b8:39:89:22:31:3b:7f:84:42:6b:a6:7f:93:5e:
         b4:0a:24:71:31:15:4b:f3:bf:74:24:b0:25:91:33:7e:97:35:
         17:12:36:c1:37:ec:f0:57:b9:e6:4c:89:27:be:1c:f6:72:7f:
         e1:7f:bc:86:0b:89:ef:58:ad:52:c4:cc:1e:fd:b0:8d:ca:f0:
         42:5b:d0:0c:2c:2c:95:d1:ef:4b:1e:97:ef:b9:44:36:29:df:
         84:1f:0a:c2
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUD0T8sWBX8ZaVrZ97A1q2EDDiaJswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDIwMTI4WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2N2I1ZTc1NGJlZDdjM2RhNTM2ODgyYzYxYjI2YTQ5YWY4
ZjQ5MzdlNzJiZDllZWZkYTBjOWVlNmQ2MGRhMGU0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiQlOsAxdA9+9O0emRRwzT7ZmEp/tL3B0zumgmMmB+JxdJ
+1uIZdGhC32D8jYJyG8Y0X5vBF4ydYROaeoAY0CE+YzgKtPJFVnn7w45LwmyT5ch
8xxg8jB5ysW8e3XjdANW2svrf9CyzOWHKu+KEf1e8f99nylH1AoCUej1jn8+5zL0
5IFHxJaJFiH5+YnGeiQ+hhq3V1NC52bIDFhLcUQ9fIj/UO3QbCmlWfeYmN80UVI1
XAT2uo5g9ek8iwMuAiH4VPFaaBWauFRKbuyJ40e/I4Jq9JOjghKtZ0HVg9QPFyd2
TRvYh+7/+K9xVmy14QaUTfOR0p1dHZvYdjEU4kI/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUJKQw51BOuY1pD4Sq7ICkaXL8FcEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E3NGJkZDllLTBlODYtNDI4MC05NjUzLTgzOWM3Y2FiMDIxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPjDANBgkqhkiG9w0BAQsFAAOCAQEAi8uAWLQoAi4WMd7cjYSEICIxURoS
03ipSzocW+lAGo+oFlUFz/zQNln0G5SeoAqXxPIuFfv8Xrp/TTCg7yiqZW5bKFqw
wUPKtAgVRL19XS0uDkPovYXtAJAQa0MaLAOkyco0ivM1wiq32nTgYcuY1Jfwr7jE
1vWgT6j5Ni2kMYw9XyXi1vArvmRjXow+6gnQ4Z97v1UVgTajIijbvEbVlmlb8LNu
kLg5iSIxO3+EQmumf5NetAokcTEVS/O/dCSwJZEzfpc1FxI2wTfs8Fe55kyJJ74c
9nJ/4X+8hguJ71itUsTMHv2wjcrwQlvQDCwsldHvSx6X77lENinfhB8Kwg==
-----END CERTIFICATE-----