Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ac628f17-781f-4720-8271-a0909d8a8f04.roa
File:                     ac628f17-781f-4720-8271-a0909d8a8f04.roa (raw, json)
Hash identifier:          fmfMwfShd88mA2ikdsGH/ZIR5IB+YSKSc2bfekRH9X8=
Subject key identifier:   59:A8:12:E1:D5:10:FC:DB:84:8B:94:C3:4D:34:71:12:E8:3D:C2:F0
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       308F43CAE15670A26E87A92312CF32278F4522AD
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ac628f17-781f-4720-8271-a0909d8a8f04.roa
Signing time:             Sun 17 May 2026 01:40:49 +0000
ROA not before:           Sun 17 May 2026 01:40:49 +0000
ROA not after:            Sat 15 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        18.41.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:8f:43:ca:e1:56:70:a2:6e:87:a9:23:12:cf:32:27:8f:45:22:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 17 01:40:49 2026 GMT
            Not After : Aug 15 23:59:59 2026 GMT
        Subject: serialNumber=2a4071002029b88094d828a4be1b4985c2f2f1c02e3939e573d2302cc31510ca, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:1c:65:27:76:8f:50:cf:35:29:1d:2b:01:51:
                    94:06:e4:60:94:d3:09:1b:7d:8e:9c:27:90:16:c1:
                    ec:9d:cc:be:26:11:3f:50:9d:57:35:64:a4:0f:7f:
                    59:af:7b:9f:7a:cf:bc:63:6e:a4:c5:82:74:71:c0:
                    0f:67:84:b6:37:b7:4b:86:b8:fb:45:76:b8:2f:bd:
                    07:55:23:88:ab:10:1a:e5:a8:dc:27:4f:1c:73:c2:
                    a8:f4:dd:7f:25:4f:98:ed:86:56:95:db:0e:28:ed:
                    5b:ad:7c:58:62:e7:4f:d5:f1:cc:63:ca:39:d6:eb:
                    16:1d:ec:81:49:1f:b7:c7:65:6d:b0:ac:b8:89:b2:
                    d6:7f:cc:18:1e:f7:b3:95:a9:69:6b:42:9c:12:81:
                    6e:80:14:06:a0:79:ad:ef:94:99:f5:58:3a:e1:b9:
                    3d:f1:29:90:43:70:5d:10:00:39:24:c1:49:1f:5f:
                    21:a9:3a:2f:22:d7:05:19:3c:17:42:5d:ed:38:a8:
                    54:5c:f7:f9:39:0e:33:4d:39:f5:d0:58:de:41:0e:
                    44:d3:54:93:15:01:13:df:69:20:28:e3:32:4c:8a:
                    82:d9:76:c5:b0:5c:bd:80:ef:be:a1:11:c3:91:60:
                    52:25:38:a6:34:37:99:f5:a1:77:da:3d:1f:f8:f5:
                    87:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:A8:12:E1:D5:10:FC:DB:84:8B:94:C3:4D:34:71:12:E8:3D:C2:F0
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ac628f17-781f-4720-8271-a0909d8a8f04.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.41.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a3:4b:31:f0:37:72:10:c6:6f:70:c0:9e:3a:d6:f6:9a:2c:46:
         1f:8b:1a:06:ad:23:69:d4:53:ef:c3:7c:f3:63:52:89:95:93:
         b1:cc:1b:25:73:ea:a0:3d:4d:d2:ad:a5:bc:bf:2b:8e:da:38:
         23:10:2d:ab:fe:21:25:73:5d:e3:2f:b2:99:ee:51:c8:a2:ba:
         64:4e:30:53:a6:d5:0c:42:6c:be:c2:90:26:8a:cb:aa:40:ee:
         c6:60:86:c2:d6:a2:95:15:5a:af:bf:39:cd:3d:e1:f9:3b:dd:
         b9:a3:5f:74:98:0d:25:53:87:49:f4:05:f2:ad:b2:f2:7e:7a:
         56:e4:32:b8:8f:bf:2c:fe:26:47:01:00:68:5f:b9:66:6a:a7:
         c7:85:89:35:a6:77:b2:79:57:6c:77:a5:76:10:0d:75:83:2e:
         19:bd:99:3f:74:59:08:28:52:e6:ed:2b:1c:6f:c4:1a:57:b5:
         a1:85:a2:e0:1e:6a:86:3d:ea:30:a7:79:5b:b9:91:40:42:ac:
         95:7e:46:d1:4f:dd:75:9a:94:5a:51:77:97:1e:39:c4:fc:76:
         09:86:8e:ce:5c:d5:fa:32:43:0e:17:dc:f3:ec:17:b2:75:ec:
         d3:2c:98:81:3c:19:9f:4b:6e:5d:a8:78:46:44:04:83:88:f9:
         55:ae:c6:06
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUMI9DyuFWcKJuh6kjEs8yJ49FIq0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE3MDE0MDQ5WhcNMjYwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AyYTQwNzEwMDIwMjliODgwOTRkODI4YTRiZTFiNDk4NWMy
ZjJmMWMwMmUzOTM5ZTU3M2QyMzAyY2MzMTUxMGNhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUHGUndo9QzzUpHSsBUZQG5GCU0wkbfY6cJ5AWweydzL4m
ET9QnVc1ZKQPf1mve596z7xjbqTFgnRxwA9nhLY3t0uGuPtFdrgvvQdVI4irEBrl
qNwnTxxzwqj03X8lT5jthlaV2w4o7VutfFhi50/V8cxjyjnW6xYd7IFJH7fHZW2w
rLiJstZ/zBge97OVqWlrQpwSgW6AFAagea3vlJn1WDrhuT3xKZBDcF0QADkkwUkf
XyGpOi8i1wUZPBdCXe04qFRc9/k5DjNNOfXQWN5BDkTTVJMVARPfaSAo4zJMioLZ
dsWwXL2A776hEcORYFIlOKY0N5n1oXfaPR/49YfHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWagS4dUQ/NuEi5TDTTRxEug9wvAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2FjNjI4ZjE3LTc4MWYtNDcyMC04MjcxLWEwOTA5ZDhhOGYwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASKTANBgkqhkiG9w0BAQsFAAOCAQEAo0sx8DdyEMZvcMCeOtb2mixGH4sa
Bq0jadRT78N882NSiZWTscwbJXPqoD1N0q2lvL8rjto4IxAtq/4hJXNd4y+yme5R
yKK6ZE4wU6bVDEJsvsKQJorLqkDuxmCGwtailRVar785zT3h+TvduaNfdJgNJVOH
SfQF8q2y8n56VuQyuI+/LP4mRwEAaF+5Zmqnx4WJNaZ3snlXbHeldhANdYMuGb2Z
P3RZCChS5u0rHG/EGle1oYWi4B5qhj3qMKd5W7mRQEKslX5G0U/ddZqUWlF3lx45
xPx2CYaOzlzV+jJDDhfc8+wXsnXs0yyYgTwZn0tuXah4RkQEg4j5Va7GBg==
-----END CERTIFICATE-----
Generated at Wed Jun 17 08:33:11 2026 by rpki-client