Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bc49e07c-e4c4-42db-8652-cad2c69a10d0.roa
File:                     bc49e07c-e4c4-42db-8652-cad2c69a10d0.roa (raw, json)
Hash identifier:          XziYb2paS2cuIlOjBBjA6O+1N1VRsXjOa/2AC8qIOH8=
Subject key identifier:   53:EC:FA:E5:72:51:51:15:77:D9:25:B6:B1:72:0C:D5:54:24:44:62
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       638AAF7CFEBA3EF316B06C35F268F2C6796D50F1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bc49e07c-e4c4-42db-8652-cad2c69a10d0.roa
Signing time:             Wed 25 Feb 2026 02:50:33 +0000
ROA not before:           Wed 25 Feb 2026 02:50:33 +0000
ROA not after:            Tue 26 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        54.192.246.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:8a:af:7c:fe:ba:3e:f3:16:b0:6c:35:f2:68:f2:c6:79:6d:50:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 25 02:50:33 2026 GMT
            Not After : May 26 23:59:59 2026 GMT
        Subject: serialNumber=d3f6cf07c97b908108c0139d9de2df320ab4f1a252053964e72fdfa8bb0fda84, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:27:0b:5c:25:f1:d3:4f:09:76:10:72:e3:ad:
                    a4:fe:8a:53:91:c2:1c:e2:90:83:75:1e:96:c3:15:
                    02:5a:65:5e:0b:17:98:93:50:be:12:3d:05:fa:29:
                    8f:35:60:f9:65:85:1c:d7:30:cf:b4:90:37:d0:25:
                    31:37:1a:a5:10:95:d9:42:0c:1b:5e:9d:dd:30:09:
                    e6:dc:27:94:0c:b5:56:9a:e1:7f:25:82:33:76:be:
                    a8:25:72:d2:43:33:60:12:9b:d5:47:f9:32:96:2b:
                    3d:ba:08:33:6f:30:a8:15:32:14:06:27:b9:60:73:
                    47:a4:b1:8b:78:b5:3d:f7:d9:d1:ed:22:7e:d4:7c:
                    21:e9:b1:fd:0e:b9:23:1b:1c:6b:c7:b9:8e:5f:b4:
                    0d:e9:42:bf:02:25:63:41:e6:de:8d:aa:f3:78:48:
                    52:10:73:4b:85:69:3f:22:f3:02:58:41:bb:f2:0c:
                    87:5e:a9:82:13:ec:5f:22:37:19:3a:1e:18:9c:e8:
                    f2:70:a2:56:00:2e:a5:ff:17:5d:88:ce:97:de:a8:
                    4c:e3:4e:c9:bd:37:05:5c:9d:ae:e1:7c:d5:20:b7:
                    33:5b:20:5c:23:7b:75:b7:8b:c2:38:55:ee:6e:34:
                    51:2e:b3:9a:1e:73:69:87:30:d5:ea:7b:4f:41:b6:
                    06:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:EC:FA:E5:72:51:51:15:77:D9:25:B6:B1:72:0C:D5:54:24:44:62
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bc49e07c-e4c4-42db-8652-cad2c69a10d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.192.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2f:3f:d9:dd:7a:fc:73:74:4a:7d:b2:30:07:dc:8b:e8:ff:5d:
         92:6f:de:e4:60:f4:7f:39:48:a9:bb:71:96:eb:0f:3e:f3:ea:
         d8:fe:0c:ed:b7:b3:32:04:2a:d8:c9:0f:cd:d6:a8:36:c5:df:
         45:02:c9:26:e8:ca:b6:ca:eb:2c:27:bc:9b:2f:f3:d3:6f:b3:
         89:5c:45:dd:68:8c:1d:c4:80:f3:3b:4a:73:63:0d:3d:c3:cc:
         55:b8:70:46:65:3f:3c:38:f3:8b:5d:4f:d4:45:71:47:55:84:
         24:92:f0:41:31:a8:24:72:5b:4c:01:e0:b1:d0:3d:82:3c:db:
         45:6f:11:a6:45:83:b9:5e:c9:f0:25:fd:9d:5d:b0:a1:d0:16:
         d1:2b:c6:70:31:ff:c6:79:fc:c9:12:d9:6a:07:94:cf:1e:e7:
         8e:fd:b3:cb:18:cf:74:f7:74:bb:ad:96:86:76:db:0c:ab:84:
         cd:9b:41:de:bf:46:17:d3:89:1d:cf:96:04:63:83:e4:3f:f0:
         db:5d:69:8c:e8:4e:7f:ce:aa:52:12:f6:97:76:2e:7b:32:ac:
         30:f4:d2:10:83:75:03:fd:32:5f:7f:61:2a:e3:65:7b:f8:b6:
         2e:d6:f7:d6:41:15:60:da:77:63:0b:64:02:0c:28:2e:84:ba:
         19:80:15:8f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY4qvfP66PvMWsGw18mjyxnltUPEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjI1MDI1MDMzWhcNMjYwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkM2Y2Y2YwN2M5N2I5MDgxMDhjMDEzOWQ5ZGUyZGYzMjBh
YjRmMWEyNTIwNTM5NjRlNzJmZGZhOGJiMGZkYTg0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCiJwtcJfHTTwl2EHLjraT+ilORwhzikIN1HpbDFQJaZV4L
F5iTUL4SPQX6KY81YPllhRzXMM+0kDfQJTE3GqUQldlCDBtend0wCebcJ5QMtVaa
4X8lgjN2vqglctJDM2ASm9VH+TKWKz26CDNvMKgVMhQGJ7lgc0eksYt4tT332dHt
In7UfCHpsf0OuSMbHGvHuY5ftA3pQr8CJWNB5t6NqvN4SFIQc0uFaT8i8wJYQbvy
DIdeqYIT7F8iNxk6Hhic6PJwolYALqX/F12IzpfeqEzjTsm9NwVcna7hfNUgtzNb
IFwje3W3i8I4Ve5uNFEus5oec2mHMNXqe09BtgZxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUU+z65XJRURV32SW2sXIM1VQkRGIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JjNDllMDdjLWU0YzQtNDJkYi04NjUyLWNhZDJjNjlhMTBkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE2wPYwDQYJKoZIhvcNAQELBQADggEBAC8/2d16/HN0Sn2yMAfci+j/XZJv
3uRg9H85SKm7cZbrDz7z6tj+DO23szIEKtjJD83WqDbF30UCySboyrbK6ywnvJsv
89Nvs4lcRd1ojB3EgPM7SnNjDT3DzFW4cEZlPzw484tdT9RFcUdVhCSS8EExqCRy
W0wB4LHQPYI820VvEaZFg7leyfAl/Z1dsKHQFtErxnAx/8Z5/MkS2WoHlM8e5479
s8sYz3T3dLutloZ22wyrhM2bQd6/RhfTiR3PlgRjg+Q/8NtdaYzoTn/OqlIS9pd2
LnsyrDD00hCDdQP9Ml9/YSrjZXv4ti7W99ZBFWDad2MLZAIMKC6EuhmAFY8=
-----END CERTIFICATE-----