Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a8439859-0354-4fe5-8ab0-f74d9806db74.roa
File:                     a8439859-0354-4fe5-8ab0-f74d9806db74.roa (raw, json)
Hash identifier:          k6KBfWC64zO/VhU8zdT/2mX9esAeYUsP7j4fLw1mOgM=
Subject key identifier:   73:39:82:D3:A3:FC:98:5A:53:2A:67:1E:C7:A7:55:83:54:36:72:8A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1E5110B38C49D61164B58EF56B1B477D729B090F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a8439859-0354-4fe5-8ab0-f74d9806db74.roa
Signing time:             Sat 28 Feb 2026 03:30:54 +0000
ROA not before:           Sat 28 Feb 2026 03:30:54 +0000
ROA not after:            Fri 29 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.73.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:51:10:b3:8c:49:d6:11:64:b5:8e:f5:6b:1b:47:7d:72:9b:09:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 03:30:54 2026 GMT
            Not After : May 29 23:59:59 2026 GMT
        Subject: serialNumber=b3b74df18d055ea14bbc6f2ad50588338f1c0365ee6d3d369e51689f023b2ac5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:44:1b:ae:88:7b:58:8b:ee:ff:59:ce:cd:a6:
                    72:81:12:d7:73:8d:b5:63:39:41:4b:83:c3:05:57:
                    d1:b2:9d:ab:26:0d:14:f7:ba:52:04:08:ad:1b:b4:
                    db:de:2a:d0:b4:55:78:65:74:0a:66:c8:be:03:3c:
                    c8:b3:b4:03:7c:92:2e:99:d3:f2:37:80:a6:ec:50:
                    0e:0a:40:45:f1:76:b7:9e:ed:5e:48:09:13:76:79:
                    0a:28:4b:62:3a:65:82:58:8e:fd:bb:cb:10:c1:d7:
                    cb:18:04:71:1a:b1:3b:88:3f:ca:9e:18:5a:08:f5:
                    fb:94:14:a6:4f:1c:bc:a2:f9:e2:10:3b:28:d5:a4:
                    4a:dd:04:9f:7f:54:f3:15:97:3e:f0:af:81:0a:7b:
                    5e:5c:5c:67:4c:3c:bb:65:ce:bb:b9:d4:ca:7d:3f:
                    82:6b:7e:c3:d4:e7:88:fd:89:63:cf:73:1f:30:bb:
                    5d:36:c0:12:e3:ba:46:c7:68:29:24:8e:2d:34:f8:
                    6e:7b:e7:b0:e9:ca:4f:14:0c:b6:b4:c6:0c:7d:5f:
                    93:f8:dc:60:23:21:5f:00:79:82:fe:11:11:a6:fc:
                    90:db:20:86:2a:b2:ff:fe:97:c9:99:da:af:b7:c0:
                    ab:6e:70:b5:75:d1:fe:1c:0a:74:64:95:fc:e1:f8:
                    69:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:39:82:D3:A3:FC:98:5A:53:2A:67:1E:C7:A7:55:83:54:36:72:8A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a8439859-0354-4fe5-8ab0-f74d9806db74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.73.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         22:a7:93:7a:8f:fe:fc:7b:31:a1:6c:36:11:5c:15:86:98:5c:
         3b:4a:64:d4:5c:fa:46:bd:31:9c:a5:26:d6:83:6d:d3:25:a4:
         1a:15:6c:67:e1:da:d1:fa:05:dd:04:46:3d:2c:71:bb:c6:88:
         65:9d:6d:94:27:99:f2:2f:fc:7d:0d:82:92:13:70:bb:75:4b:
         c4:a4:77:7c:60:c0:a5:24:ef:48:ed:54:cc:17:cf:6d:a9:e6:
         08:39:1b:c3:9b:42:d6:56:c1:a3:61:ff:54:22:c0:67:b8:fe:
         3e:7c:e5:08:70:ff:2e:a6:8a:80:c7:3b:d9:68:d9:1d:b9:2a:
         9e:d1:22:d2:ba:b4:5c:3b:50:20:c9:e1:17:be:7b:7b:d0:9e:
         86:c9:b9:44:ec:49:09:71:d9:4e:96:64:48:ca:51:e8:fe:92:
         e0:09:8c:a1:91:25:be:55:ec:b6:ba:a8:d1:cd:32:8c:c9:47:
         ab:bc:0a:e7:f8:8d:1c:63:82:d3:ed:cf:19:0f:8f:64:1d:25:
         c3:d7:f0:a9:b1:bc:a9:b5:d4:ee:7c:ea:4c:23:44:92:81:d4:
         11:19:43:4b:73:cc:fc:3e:1b:41:06:06:fb:9c:33:de:01:52:
         79:ac:44:5d:12:67:df:1f:25:19:01:2e:7e:1e:98:14:ea:cf:
         03:5e:8e:fe
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUHlEQs4xJ1hFktY71axtHfXKbCQ8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI4MDMzMDU0WhcNMjYwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiM2I3NGRmMThkMDU1ZWExNGJiYzZmMmFkNTA1ODgzMzhm
MWMwMzY1ZWU2ZDNkMzY5ZTUxNjg5ZjAyM2IyYWM1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyRBuuiHtYi+7/Wc7NpnKBEtdzjbVjOUFLg8MFV9Gynasm
DRT3ulIECK0btNveKtC0VXhldApmyL4DPMiztAN8ki6Z0/I3gKbsUA4KQEXxdree
7V5ICRN2eQooS2I6ZYJYjv27yxDB18sYBHEasTuIP8qeGFoI9fuUFKZPHLyi+eIQ
OyjVpErdBJ9/VPMVlz7wr4EKe15cXGdMPLtlzru51Mp9P4JrfsPU54j9iWPPcx8w
u102wBLjukbHaCkkji00+G5757Dpyk8UDLa0xgx9X5P43GAjIV8AeYL+ERGm/JDb
IIYqsv/+l8mZ2q+3wKtucLV10f4cCnRklfzh+Gn3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUczmC06P8mFpTKmcex6dVg1Q2coowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E4NDM5ODU5LTAzNTQtNGZlNS04YWIwLWY3NGQ5ODA2ZGI3NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2STANBgkqhkiG9w0BAQsFAAOCAQEAIqeTeo/+/HsxoWw2EVwVhphcO0pk
1Fz6Rr0xnKUm1oNt0yWkGhVsZ+Ha0foF3QRGPSxxu8aIZZ1tlCeZ8i/8fQ2CkhNw
u3VLxKR3fGDApSTvSO1UzBfPbanmCDkbw5tC1lbBo2H/VCLAZ7j+PnzlCHD/LqaK
gMc72WjZHbkqntEi0rq0XDtQIMnhF757e9Cehsm5ROxJCXHZTpZkSMpR6P6S4AmM
oZElvlXstrqo0c0yjMlHq7wK5/iNHGOC0+3PGQ+PZB0lw9fwqbG8qbXU7nzqTCNE
koHUERlDS3PM/D4bQQYG+5wz3gFSeaxEXRJn3x8lGQEufh6YFOrPA16O/g==
-----END CERTIFICATE-----