Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbacf636-ea8a-4d61-a985-109683cc4a86.roa
File:                     bbacf636-ea8a-4d61-a985-109683cc4a86.roa (raw, json)
Hash identifier:          z83qVemMz0+YC6NJL1eJezqTbVB7G7uuk7MD6NcqXZ8=
Subject key identifier:   6B:A8:2E:B7:5B:D5:DF:66:A4:D7:C3:2E:89:E8:56:E3:48:C4:20:15
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       058A6D1D202846750CF938E37E12D54296B41EB4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbacf636-ea8a-4d61-a985-109683cc4a86.roa
Signing time:             Tue 17 Feb 2026 01:31:27 +0000
ROA not before:           Tue 17 Feb 2026 01:31:27 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.218.128.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:8a:6d:1d:20:28:46:75:0c:f9:38:e3:7e:12:d5:42:96:b4:1e:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 01:31:27 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=53c0c92c49f2437636424d265badf91d5e87aa7a85265333db7e4a77a5f4b404, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:02:f9:a1:4e:d5:0e:af:a9:62:14:b7:0a:2f:
                    45:39:70:ee:bd:3d:75:a8:aa:39:1f:ed:8a:64:c0:
                    08:04:13:52:f4:bc:11:9f:d8:89:32:5f:90:9f:71:
                    f1:e2:2c:e2:30:bc:a3:e4:91:6a:3e:28:f3:1b:32:
                    8f:23:4a:4b:90:1f:24:cd:3f:1e:78:e5:a8:85:31:
                    16:d4:b5:77:3f:a6:50:0b:85:af:82:cc:22:0a:d5:
                    6a:b4:13:da:03:68:66:f4:4c:d3:91:e8:92:e3:f7:
                    4f:f4:e2:6f:41:f1:5b:3c:a4:88:24:18:89:86:0d:
                    15:6c:b2:89:18:b5:20:9f:55:02:ce:ce:e1:81:e9:
                    09:10:34:3b:ae:34:f8:99:b4:9a:5c:07:99:c9:f4:
                    ae:3d:16:7b:94:cd:85:a1:0f:f3:49:f2:d9:06:ec:
                    74:44:27:ba:46:4b:20:8b:bd:91:ec:52:69:42:86:
                    24:ba:95:25:3f:f2:e1:92:f5:c8:cf:5f:9b:75:de:
                    73:89:3b:fb:1c:27:5c:40:a1:ed:2c:d5:d3:88:8d:
                    8e:f6:9e:83:f3:77:8a:68:15:9f:8e:ff:e2:ae:c2:
                    dc:b3:98:ac:1d:3c:c8:99:4e:00:5f:2a:6d:e4:4e:
                    6a:c0:74:43:0e:b0:15:99:b4:bd:38:57:82:b9:96:
                    2c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:A8:2E:B7:5B:D5:DF:66:A4:D7:C3:2E:89:E8:56:E3:48:C4:20:15
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbacf636-ea8a-4d61-a985-109683cc4a86.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.218.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         0f:1b:6d:c2:43:6f:5b:97:fd:3d:45:21:6a:92:93:19:63:48:
         cb:59:91:2a:9e:20:3f:e2:fe:76:58:cf:82:9b:8a:35:23:c7:
         08:c8:3f:88:81:cd:87:5e:84:ea:b7:5e:63:7b:f1:37:c3:d0:
         af:2d:a9:0f:7b:35:a4:15:fb:c4:7a:e4:44:33:74:8d:ef:24:
         fb:c5:3b:8e:cb:be:c2:80:d3:93:9b:d8:df:fb:33:e4:85:d9:
         47:84:7a:cf:e9:a6:cd:22:6d:b2:10:ba:e7:bb:fe:f4:56:ad:
         10:06:53:01:64:2c:73:a4:c4:5a:b3:c3:95:bb:ff:1b:36:55:
         53:96:69:dd:e8:29:18:5f:74:8e:3e:77:58:25:d2:3c:cb:98:
         8e:d8:63:dc:fe:50:b6:97:2f:1e:44:c6:09:7d:d7:2a:4a:37:
         69:af:8d:8d:6f:31:79:2b:c3:ea:93:8a:64:19:de:7d:b1:cb:
         85:87:e2:fc:58:11:f6:0b:46:54:86:00:2c:ce:e4:c6:ff:e7:
         01:cb:95:39:96:dc:2a:36:0c:7c:e7:21:5b:5f:f4:09:2d:e8:
         e2:a1:27:11:bf:cf:19:98:ff:53:21:41:8e:d7:8c:b1:06:b4:
         4e:14:b4:62:03:f3:25:cf:c5:91:a2:6d:6c:e5:9d:a7:49:0a:
         e6:b3:8c:10
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBYptHSAoRnUM+TjjfhLVQpa0HrQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDEzMTI3WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A1M2MwYzkyYzQ5ZjI0Mzc2MzY0MjRkMjY1YmFkZjkxZDVl
ODdhYTdhODUyNjUzMzNkYjdlNGE3N2E1ZjRiNDA0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrAvmhTtUOr6liFLcKL0U5cO69PXWoqjkf7YpkwAgEE1L0
vBGf2IkyX5CfcfHiLOIwvKPkkWo+KPMbMo8jSkuQHyTNPx545aiFMRbUtXc/plAL
ha+CzCIK1Wq0E9oDaGb0TNOR6JLj90/04m9B8Vs8pIgkGImGDRVssokYtSCfVQLO
zuGB6QkQNDuuNPiZtJpcB5nJ9K49FnuUzYWhD/NJ8tkG7HREJ7pGSyCLvZHsUmlC
hiS6lSU/8uGS9cjPX5t13nOJO/scJ1xAoe0s1dOIjY72noPzd4poFZ+O/+Kuwtyz
mKwdPMiZTgBfKm3kTmrAdEMOsBWZtL04V4K5liy5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUa6gut1vV32ak18MuiehW40jEIBUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JiYWNmNjM2LWVhOGEtNGQ2MS1hOTg1LTEwOTY4M2NjNGE4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc22oAwDQYJKoZIhvcNAQELBQADggEBAA8bbcJDb1uX/T1FIWqSkxljSMtZ
kSqeID/i/nZYz4KbijUjxwjIP4iBzYdehOq3XmN78TfD0K8tqQ97NaQV+8R65EQz
dI3vJPvFO47LvsKA05Ob2N/7M+SF2UeEes/pps0ibbIQuue7/vRWrRAGUwFkLHOk
xFqzw5W7/xs2VVOWad3oKRhfdI4+d1gl0jzLmI7YY9z+ULaXLx5Exgl91ypKN2mv
jY1vMXkrw+qTimQZ3n2xy4WH4vxYEfYLRlSGACzO5Mb/5wHLlTmW3Co2DHznIVtf
9Akt6OKhJxG/zxmY/1MhQY7XjLEGtE4UtGID8yXPxZGibWzlnadJCuazjBA=
-----END CERTIFICATE-----