Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a8622532-3f9f-49f5-ad52-fe2a10508dbc.roa
File:                     a8622532-3f9f-49f5-ad52-fe2a10508dbc.roa (raw, json)
Hash identifier:          5X92Q1YYwXqu4QjWVTP7ZY/REg3kPMx8HzoXAw8XRjs=
Subject key identifier:   E8:16:77:E5:22:13:4A:AF:C8:30:E6:80:7F:67:3B:54:A5:67:54:8C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       16D09E85E153A6CFA20AF4CAEC6473EE80C852C7
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a8622532-3f9f-49f5-ad52-fe2a10508dbc.roa
Signing time:             Fri 15 May 2026 03:21:43 +0000
ROA not before:           Fri 15 May 2026 03:21:43 +0000
ROA not after:            Thu 13 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.245.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:d0:9e:85:e1:53:a6:cf:a2:0a:f4:ca:ec:64:73:ee:80:c8:52:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 15 03:21:43 2026 GMT
            Not After : Aug 13 23:59:59 2026 GMT
        Subject: serialNumber=bb705f7664f66bb95195d109624212ca31bf7e28e981946e42706c70f754f916, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:dc:de:ee:c1:13:47:16:0e:2a:99:1d:74:0f:
                    ba:4c:38:f6:cf:7e:ac:87:8a:c6:05:55:74:3a:93:
                    d4:b7:a3:fd:ca:cd:e8:45:08:8e:ff:84:a4:89:29:
                    3c:85:8a:93:75:0a:f6:e0:0d:9a:83:07:33:3f:69:
                    2a:12:b6:09:ca:64:28:29:2c:d9:8a:08:b0:ab:4a:
                    8e:e1:93:84:a1:cd:b9:70:39:44:ba:15:ef:06:68:
                    83:5e:6d:6a:71:32:ae:a2:0e:9d:61:f2:b3:ad:07:
                    f3:0b:ac:6f:a8:ed:dc:64:6a:a4:16:24:d3:b6:ca:
                    d0:b7:e5:85:a3:84:8a:9a:70:56:08:f0:53:02:40:
                    c0:f8:fd:54:5b:cd:ab:22:74:06:86:40:6e:c7:6f:
                    00:f4:92:eb:5d:30:8f:e2:c6:e1:88:d5:fa:ca:fe:
                    df:8c:37:3d:d7:ea:ad:2e:dc:a2:6f:1a:82:1a:6c:
                    30:87:3c:b1:02:ac:19:e3:65:f5:5f:12:a9:00:db:
                    e7:5f:de:56:f2:4a:16:cf:6b:50:36:aa:5e:17:ba:
                    34:e2:57:54:53:ad:12:1c:7d:bf:5a:51:c1:41:cd:
                    1c:61:1a:85:92:f6:09:a1:c8:15:57:44:d0:bb:00:
                    8c:14:b8:1c:f3:d4:d6:c0:a9:ae:24:2b:94:e7:4f:
                    7f:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:16:77:E5:22:13:4A:AF:C8:30:E6:80:7F:67:3B:54:A5:67:54:8C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a8622532-3f9f-49f5-ad52-fe2a10508dbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.245.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         58:f0:1e:a7:74:67:b4:b9:e3:a8:55:36:2b:96:f6:ed:0b:41:
         23:92:1a:6d:9d:b5:53:3f:d4:72:e6:81:04:31:3e:43:e6:2a:
         f0:55:32:4b:72:f9:ef:73:1a:f1:58:de:f6:35:35:24:00:ca:
         91:e5:05:4b:13:a7:8c:bf:e5:3b:19:f4:73:00:03:d4:87:e6:
         76:c1:fb:12:8f:85:4b:3d:87:fd:4a:7e:3f:ad:66:37:18:6c:
         48:f7:bb:8a:ad:27:8e:b0:bf:d3:15:c5:d5:16:26:83:db:ed:
         3b:5d:05:11:0c:3b:af:38:7b:ea:ac:59:c8:d5:c4:ec:f3:20:
         b9:51:e9:fa:5a:48:1d:a5:9f:b0:6d:66:09:9b:63:2d:2c:d1:
         8f:4c:c3:07:f6:36:3b:ac:9e:55:8a:23:b1:27:5e:5d:fc:a4:
         90:ad:5a:f3:46:61:ca:06:2a:71:98:72:d8:b4:5a:21:55:17:
         4d:19:a3:e0:37:2f:75:40:6c:e9:f1:81:4b:3f:d3:8a:f2:a7:
         75:a6:41:8b:f6:5e:79:f8:5d:5c:45:9c:b1:d9:7c:1d:4a:f3:
         0d:b3:37:fc:37:fa:a6:4b:c9:7d:40:8d:45:82:1a:e2:d5:55:
         a9:41:d0:f4:fe:e0:92:2b:75:45:fa:cc:9d:63:a9:43:a0:ee:
         32:ba:7e:c9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFtCeheFTps+iCvTK7GRz7oDIUscwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE1MDMyMTQzWhcNMjYwODEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiYjcwNWY3NjY0ZjY2YmI5NTE5NWQxMDk2MjQyMTJjYTMx
YmY3ZTI4ZTk4MTk0NmU0MjcwNmM3MGY3NTRmOTE2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCz3N7uwRNHFg4qmR10D7pMOPbPfqyHisYFVXQ6k9S3o/3K
zehFCI7/hKSJKTyFipN1CvbgDZqDBzM/aSoStgnKZCgpLNmKCLCrSo7hk4Shzblw
OUS6Fe8GaINebWpxMq6iDp1h8rOtB/MLrG+o7dxkaqQWJNO2ytC35YWjhIqacFYI
8FMCQMD4/VRbzasidAaGQG7HbwD0kutdMI/ixuGI1frK/t+MNz3X6q0u3KJvGoIa
bDCHPLECrBnjZfVfEqkA2+df3lbyShbPa1A2ql4XujTiV1RTrRIcfb9aUcFBzRxh
GoWS9gmhyBVXRNC7AIwUuBzz1NbAqa4kK5TnT3+7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6BZ35SITSq/IMOaAf2c7VKVnVIwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E4NjIyNTMyLTNmOWYtNDlmNS1hZDUyLWZlMmExMDUwOGRiYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc29QAwDQYJKoZIhvcNAQELBQADggEBAFjwHqd0Z7S546hVNiuW9u0LQSOS
Gm2dtVM/1HLmgQQxPkPmKvBVMkty+e9zGvFY3vY1NSQAypHlBUsTp4y/5TsZ9HMA
A9SH5nbB+xKPhUs9h/1Kfj+tZjcYbEj3u4qtJ46wv9MVxdUWJoPb7TtdBREMO684
e+qsWcjVxOzzILlR6fpaSB2ln7BtZgmbYy0s0Y9Mwwf2NjusnlWKI7EnXl38pJCt
WvNGYcoGKnGYcti0WiFVF00Zo+A3L3VAbOnxgUs/04ryp3WmQYv2Xnn4XVxFnLHZ
fB1K8w2zN/w3+qZLyX1AjUWCGuLVValB0PT+4JIrdUX6zJ1jqUOg7jK6fsk=
-----END CERTIFICATE-----