Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b4afeb25-f65a-48eb-bc43-cd2304d8d385.roa
File:                     b4afeb25-f65a-48eb-bc43-cd2304d8d385.roa (raw, json)
Hash identifier:          kZjtuIsPlWEH47+SeduShakXtAtcx2MqRd3/6Xwq84s=
Subject key identifier:   1B:E6:83:5F:14:84:84:F7:6E:C5:AA:E6:A3:96:F2:9E:5D:46:3B:E3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       107549FE84D1D635947B83602D6EDEE66264E22D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b4afeb25-f65a-48eb-bc43-cd2304d8d385.roa
Signing time:             Mon 23 Feb 2026 00:41:09 +0000
ROA not before:           Mon 23 Feb 2026 00:41:09 +0000
ROA not after:            Sun 24 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.124.205.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:75:49:fe:84:d1:d6:35:94:7b:83:60:2d:6e:de:e6:62:64:e2:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 23 00:41:09 2026 GMT
            Not After : May 24 23:59:59 2026 GMT
        Subject: serialNumber=9c1b9948b24d5150ca9141cbc9ffc680a81375d6c7733a3eb7c5d821b2e88b24, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:f8:9d:cd:56:df:57:dd:68:e7:7a:3f:2c:6b:
                    e0:96:8e:94:26:3f:e1:06:79:dd:fe:5e:26:ed:f6:
                    54:34:53:f0:43:f7:eb:76:c8:11:0b:75:22:e1:6f:
                    18:4b:62:69:3a:a9:19:ce:3e:1d:ce:18:ee:31:fa:
                    6a:4b:a7:9d:53:4c:51:13:98:4e:13:28:38:88:ce:
                    4d:31:04:f5:ed:ac:1f:2b:21:47:fc:85:84:af:4f:
                    6b:28:7e:c8:77:ee:f8:57:0e:f6:9f:74:42:e3:8f:
                    08:4c:45:2b:6a:26:13:26:45:d6:8d:e1:3e:91:ca:
                    f0:2a:f3:88:94:d7:d9:59:db:d8:a8:a6:1c:21:9f:
                    78:36:64:30:cd:6e:85:36:f2:12:30:81:eb:b5:c5:
                    fc:68:26:6e:96:f4:72:85:85:fe:45:16:40:6c:47:
                    f4:35:46:bf:9e:6e:a2:b4:40:90:44:ca:76:c7:e7:
                    c6:69:5b:db:b5:b6:f2:cc:8f:70:36:5d:71:10:1f:
                    30:fe:59:6b:b1:69:e0:2b:86:25:88:9c:9f:ea:ae:
                    a0:bf:a7:5e:eb:86:e4:9c:17:d3:fb:8d:17:8e:12:
                    13:76:04:37:60:65:a9:3f:64:a3:a3:8b:b8:0d:f6:
                    57:5f:55:dc:d5:cd:c3:ed:40:16:eb:4c:ee:b0:fe:
                    c5:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:E6:83:5F:14:84:84:F7:6E:C5:AA:E6:A3:96:F2:9E:5D:46:3B:E3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b4afeb25-f65a-48eb-bc43-cd2304d8d385.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.124.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:31:8c:3a:9f:9e:d7:cd:d8:ff:55:69:06:f2:57:bc:62:61:
         a0:3b:50:eb:cd:d5:2b:9d:cc:0d:b1:5d:3f:98:97:78:fc:81:
         4f:18:e1:4f:3b:3c:00:11:f0:75:3c:46:0b:9f:4c:5c:f6:cc:
         27:46:00:d9:a2:00:81:1f:93:32:9d:be:56:4e:f3:80:47:b4:
         07:b7:37:85:67:1c:71:dd:0a:c5:4e:ea:ef:ce:65:f8:ab:97:
         da:96:e8:a9:b0:d4:fc:12:ff:45:62:d0:b7:97:be:74:f5:7a:
         8f:24:58:92:6c:71:4c:e3:16:6a:a7:73:9c:9e:d1:49:89:dd:
         5b:6c:36:66:96:0e:a9:b5:fd:b4:bc:ee:04:db:6b:c2:2c:0a:
         5e:1b:fb:09:ec:98:87:29:ce:4b:2d:82:a9:f2:43:84:7d:6a:
         a3:35:46:87:6a:4e:c0:85:30:82:e7:03:5b:d3:73:d2:0c:b1:
         60:93:9c:c7:39:25:b0:6d:7f:18:ce:17:85:18:7c:ed:4a:e2:
         dd:03:f5:2a:a5:76:ec:3b:73:61:71:00:71:5d:34:cf:19:11:
         86:e1:af:6d:cd:70:de:49:49:42:5c:f8:e5:9f:48:1a:a0:61:
         4b:97:72:8d:70:3f:90:9c:35:74:98:d9:5f:d9:62:9f:43:44:
         a3:27:93:ff
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEHVJ/oTR1jWUe4NgLW7e5mJk4i0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIzMDA0MTA5WhcNMjYwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YzFiOTk0OGIyNGQ1MTUwY2E5MTQxY2JjOWZmYzY4MGE4
MTM3NWQ2Yzc3MzNhM2ViN2M1ZDgyMWIyZTg4YjI0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD4+J3NVt9X3Wjnej8sa+CWjpQmP+EGed3+Xibt9lQ0U/BD
9+t2yBELdSLhbxhLYmk6qRnOPh3OGO4x+mpLp51TTFETmE4TKDiIzk0xBPXtrB8r
IUf8hYSvT2sofsh37vhXDvafdELjjwhMRStqJhMmRdaN4T6RyvAq84iU19lZ29io
phwhn3g2ZDDNboU28hIwgeu1xfxoJm6W9HKFhf5FFkBsR/Q1Rr+ebqK0QJBEynbH
58ZpW9u1tvLMj3A2XXEQHzD+WWuxaeArhiWInJ/qrqC/p17rhuScF9P7jReOEhN2
BDdgZak/ZKOji7gN9ldfVdzVzcPtQBbrTO6w/sUbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUG+aDXxSEhPduxarmo5bynl1GO+MwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2I0YWZlYjI1LWY2NWEtNDhlYi1iYzQzLWNkMjMwNGQ4ZDM4NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0fM0wDQYJKoZIhvcNAQELBQADggEBAIIxjDqfntfN2P9VaQbyV7xiYaA7
UOvN1SudzA2xXT+Yl3j8gU8Y4U87PAAR8HU8RgufTFz2zCdGANmiAIEfkzKdvlZO
84BHtAe3N4VnHHHdCsVO6u/OZfirl9qW6Kmw1PwS/0Vi0LeXvnT1eo8kWJJscUzj
Fmqnc5ye0UmJ3VtsNmaWDqm1/bS87gTba8IsCl4b+wnsmIcpzkstgqnyQ4R9aqM1
RodqTsCFMILnA1vTc9IMsWCTnMc5JbBtfxjOF4UYfO1K4t0D9Sqlduw7c2FxAHFd
NM8ZEYbhr23NcN5JSUJc+OWfSBqgYUuXco1wP5CcNXSY2V/ZYp9DRKMnk/8=
-----END CERTIFICATE-----