Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c904e309-541b-459c-b4ed-ae8dcdd8bca7.roa
File:                     c904e309-541b-459c-b4ed-ae8dcdd8bca7.roa (raw, json)
Hash identifier:          ewFGyBMLquh96y8Hx6l1T37Yg6MxAPG2A2rKAnem/dA=
Subject key identifier:   D0:66:54:7B:9E:76:90:7E:95:71:BA:D2:F7:CB:ED:A7:B4:E1:CF:5B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6712DF33524814504D204B79BAAD6D2B87547829
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c904e309-541b-459c-b4ed-ae8dcdd8bca7.roa
Signing time:             Mon 23 Feb 2026 01:50:10 +0000
ROA not before:           Mon 23 Feb 2026 01:50:10 +0000
ROA not after:            Sun 24 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        15.158.8.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:12:df:33:52:48:14:50:4d:20:4b:79:ba:ad:6d:2b:87:54:78:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 23 01:50:10 2026 GMT
            Not After : May 24 23:59:59 2026 GMT
        Subject: serialNumber=7f30fa646fd33a4ceb3839bfb8af1168b26084179d97255e9f64701b78d6531a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:c8:d5:8d:02:ce:d4:51:7f:e2:a8:b5:17:fa:
                    a3:81:a3:70:21:1b:ca:a8:e0:31:40:ec:d6:27:82:
                    0d:db:ef:43:e5:06:cc:a4:91:84:1f:c6:a3:e5:60:
                    cc:a3:ee:ef:b2:11:7d:83:22:6a:5a:80:cc:5a:e0:
                    5e:49:55:92:a6:6e:3e:9b:01:24:81:19:24:d9:e6:
                    5d:7e:3d:c7:87:e0:ad:79:74:af:62:e3:f3:87:f0:
                    3e:6e:b0:ce:49:38:c4:0b:e5:6c:4e:85:8f:07:58:
                    86:6c:d0:f6:c0:47:e3:5e:a6:fa:5b:24:21:6b:4f:
                    26:db:e9:94:c6:0b:5a:a1:a9:f5:bd:15:2e:6d:da:
                    8b:7c:78:63:07:c6:f1:9e:58:b0:7e:e5:8c:77:b8:
                    1d:76:23:ce:5b:ed:74:03:1f:8c:5c:f5:db:54:8a:
                    33:3d:e2:ec:98:44:08:fd:9c:45:57:1f:cb:a2:0d:
                    6b:bd:6a:2e:af:3f:bd:85:65:fe:e5:74:d1:21:d1:
                    07:5e:4b:fb:c0:a7:e4:7b:29:4f:66:ba:7c:5f:42:
                    9d:7b:0d:fd:0f:41:67:b7:7e:d6:95:d9:b8:76:55:
                    bc:29:d3:52:3d:7e:03:73:01:8f:ec:6d:2a:91:8a:
                    ad:4c:ef:d3:0d:e4:0c:62:85:c1:da:be:cc:cc:8a:
                    40:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:66:54:7B:9E:76:90:7E:95:71:BA:D2:F7:CB:ED:A7:B4:E1:CF:5B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c904e309-541b-459c-b4ed-ae8dcdd8bca7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.158.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         43:70:5b:e4:73:f0:d6:ec:fa:07:d2:23:7a:3c:f3:af:12:a1:
         40:49:7e:b6:0c:d0:8e:e8:4b:aa:69:49:4b:34:ee:ac:6f:d0:
         80:d9:bf:bd:f7:b1:bd:13:f7:22:67:01:a4:0a:e3:bb:d8:6c:
         b8:29:db:d8:5b:e3:68:5e:47:0b:fa:ff:e9:aa:11:0c:c5:4f:
         d9:32:bf:04:69:93:cb:75:06:62:5e:9e:38:4b:5b:8c:a2:5f:
         6d:be:78:3c:72:f9:8b:5e:91:45:67:e7:de:a0:cc:29:a5:1c:
         2a:f7:ca:4f:18:35:6d:ee:aa:2f:b2:96:b0:2b:84:b4:ff:f7:
         e3:d6:6f:98:0f:bd:da:ed:7f:4b:2d:fd:be:44:ff:2a:36:3f:
         55:6b:fe:2c:b8:ff:bc:64:db:ca:22:ca:43:53:36:0b:e9:0a:
         eb:bc:b3:99:59:5e:01:27:8c:92:c4:25:6c:1d:7f:c7:be:12:
         6a:11:dc:81:2c:25:30:b1:52:05:33:b3:99:dc:9d:b7:79:65:
         e3:ec:1d:c9:d1:43:30:b6:f3:63:70:ec:57:05:b9:a7:47:71:
         7c:e1:69:11:7a:6e:cb:97:fc:53:b3:ad:4c:bb:b5:16:6a:93:
         1e:b1:1d:3a:71:1d:fc:fb:81:22:6d:ae:b9:59:88:7a:1f:0d:
         db:fe:1d:fb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZxLfM1JIFFBNIEt5uq1tK4dUeCkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjIzMDE1MDEwWhcNMjYwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZjMwZmE2NDZmZDMzYTRjZWIzODM5YmZiOGFmMTE2OGIy
NjA4NDE3OWQ5NzI1NWU5ZjY0NzAxYjc4ZDY1MzFhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkyNWNAs7UUX/iqLUX+qOBo3AhG8qo4DFA7NYngg3b70Pl
BsykkYQfxqPlYMyj7u+yEX2DImpagMxa4F5JVZKmbj6bASSBGSTZ5l1+PceH4K15
dK9i4/OH8D5usM5JOMQL5WxOhY8HWIZs0PbAR+NepvpbJCFrTybb6ZTGC1qhqfW9
FS5t2ot8eGMHxvGeWLB+5Yx3uB12I85b7XQDH4xc9dtUijM94uyYRAj9nEVXH8ui
DWu9ai6vP72FZf7ldNEh0QdeS/vAp+R7KU9munxfQp17Df0PQWe3ftaV2bh2Vbwp
01I9fgNzAY/sbSqRiq1M79MN5AxihcHavszMikDVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0GZUe552kH6VcbrS98vtp7Thz1swHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2M5MDRlMzA5LTU0MWItNDU5Yy1iNGVkLWFlOGRjZGQ4YmNhNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMPnggwDQYJKoZIhvcNAQELBQADggEBAENwW+Rz8Nbs+gfSI3o8868SoUBJ
frYM0I7oS6ppSUs07qxv0IDZv733sb0T9yJnAaQK47vYbLgp29hb42heRwv6/+mq
EQzFT9kyvwRpk8t1BmJenjhLW4yiX22+eDxy+YtekUVn596gzCmlHCr3yk8YNW3u
qi+ylrArhLT/9+PWb5gPvdrtf0st/b5E/yo2P1Vr/iy4/7xk28oiykNTNgvpCuu8
s5lZXgEnjJLEJWwdf8e+EmoR3IEsJTCxUgUzs5ncnbd5ZePsHcnRQzC282Nw7FcF
uadHcXzhaRF6bsuX/FOzrUy7tRZqkx6xHTpxHfz7gSJtrrlZiHofDdv+Hfs=
-----END CERTIFICATE-----