Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c98041a2-3ce3-4ab6-8d66-948896bb00b0.roa
File:                     c98041a2-3ce3-4ab6-8d66-948896bb00b0.roa (raw, json)
Hash identifier:          c/To4eHBsVK3KmPXG1zssuiHu5dEqKqMsAMmsbh209s=
Subject key identifier:   62:DC:76:1B:38:B9:5F:63:A2:CB:F9:35:47:15:57:BB:A0:3A:AF:AF
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3C9177EB73AE921BB5F480486B1F2BA1E728F233
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c98041a2-3ce3-4ab6-8d66-948896bb00b0.roa
Signing time:             Tue 17 Feb 2026 02:01:04 +0000
ROA not before:           Tue 17 Feb 2026 02:01:04 +0000
ROA not after:            Mon 18 May 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.20.0.0/14 maxlen: 14
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 04 Mar 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:91:77:eb:73:ae:92:1b:b5:f4:80:48:6b:1f:2b:a1:e7:28:f2:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 17 02:01:04 2026 GMT
            Not After : May 18 23:59:59 2026 GMT
        Subject: serialNumber=43f6047e433bacb6734a32189e45f22eb5a71328163ac798ae9d8851926b7443, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3b:e3:20:85:83:cd:22:f2:32:12:f8:bc:04:
                    a0:ae:ac:a0:3d:09:c2:30:00:a1:0a:01:46:71:88:
                    13:ae:88:ba:ad:63:39:63:d6:a8:f2:19:4d:fd:24:
                    da:70:c6:29:fb:ce:23:84:2a:b8:de:92:c5:04:3b:
                    ed:26:67:7b:e2:11:ee:44:bf:1e:c8:84:2b:98:82:
                    ab:7b:6f:fc:72:cd:78:11:da:c5:a6:08:7a:d8:2a:
                    7d:90:4a:2b:ac:76:f9:52:6b:67:10:33:32:4b:de:
                    d9:01:76:bd:fb:77:20:18:49:a4:10:12:d0:d8:56:
                    a7:60:0b:b9:af:46:1d:d0:c4:de:f9:37:39:d6:aa:
                    f0:8a:e8:b5:7a:13:71:b1:cf:cc:f5:39:2d:78:d7:
                    7f:85:b5:de:6d:0c:89:6f:15:41:56:94:3a:a4:34:
                    95:65:b4:da:ad:d9:94:a0:74:bf:38:6e:b8:6b:39:
                    3e:34:e4:ba:51:84:58:fd:7c:56:5e:80:a2:9e:85:
                    25:e9:d7:57:2d:51:6a:7a:89:af:b0:a5:21:fc:a5:
                    7e:d4:72:8d:8f:03:97:7f:b8:be:43:25:8a:8d:9f:
                    ea:79:5a:44:f2:fc:3b:23:75:6b:6e:75:4d:e0:bb:
                    20:ae:e0:fb:62:1d:54:10:15:ec:d8:a3:6a:b8:28:
                    ed:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:DC:76:1B:38:B9:5F:63:A2:CB:F9:35:47:15:57:BB:A0:3A:AF:AF
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c98041a2-3ce3-4ab6-8d66-948896bb00b0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.20.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         79:8b:1d:e6:fe:44:51:b7:58:08:48:bc:bd:79:10:1f:9d:01:
         8b:dc:f9:51:a0:00:d8:88:7a:9f:9f:38:7f:c9:c0:22:42:8e:
         7b:f0:2e:3d:b2:a2:18:5e:7f:d5:ae:d2:24:eb:3d:05:67:f6:
         a5:0a:9c:86:f9:43:ba:9b:d7:3f:55:48:80:b0:c7:f9:ca:3e:
         b2:7c:59:21:38:ce:06:c1:3a:21:ac:75:3a:a6:2b:e7:a5:11:
         3a:25:45:ac:a6:3a:9e:82:04:d1:73:56:dd:30:7e:8c:01:d6:
         6b:7d:10:88:4a:c1:ad:03:4e:34:e1:a3:bb:12:0e:62:20:97:
         cf:ca:0b:fc:69:05:ff:6d:bc:b8:98:49:4a:35:21:40:78:5d:
         e8:c5:da:e0:72:c3:c7:52:dc:dc:f0:46:81:0c:4d:e0:34:72:
         65:32:08:f2:5e:0b:09:e9:2d:d0:f3:04:54:08:2d:9d:9c:96:
         bb:4a:50:8b:7a:7b:4c:0c:55:2d:3b:1f:17:4a:f9:37:ad:10:
         30:ba:99:7c:f8:a2:d2:c1:a2:ba:03:8b:3c:a4:03:e6:60:a2:
         d8:0e:66:4a:83:d9:dc:4f:ff:cd:34:7d:a3:0a:44:da:af:aa:
         18:84:89:df:14:4a:5d:4b:82:69:92:20:c3:85:cf:b6:4d:74:
         2b:3b:9a:8b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPJF363Oukhu19IBIax8roeco8jMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwMjE3MDIwMTA0WhcNMjYwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A0M2Y2MDQ3ZTQzM2JhY2I2NzM0YTMyMTg5ZTQ1ZjIyZWI1
YTcxMzI4MTYzYWM3OThhZTlkODg1MTkyNmI3NDQzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9O+MghYPNIvIyEvi8BKCurKA9CcIwAKEKAUZxiBOuiLqt
Yzlj1qjyGU39JNpwxin7ziOEKrjeksUEO+0mZ3viEe5Evx7IhCuYgqt7b/xyzXgR
2sWmCHrYKn2QSiusdvlSa2cQMzJL3tkBdr37dyAYSaQQEtDYVqdgC7mvRh3QxN75
NznWqvCK6LV6E3Gxz8z1OS1413+Ftd5tDIlvFUFWlDqkNJVltNqt2ZSgdL84brhr
OT405LpRhFj9fFZegKKehSXp11ctUWp6ia+wpSH8pX7Uco2PA5d/uL5DJYqNn+p5
WkTy/DsjdWtudU3guyCu4PtiHVQQFezYo2q4KO1FAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUYtx2Gzi5X2Oiy/k1RxVXu6A6r68wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2M5ODA0MWEyLTNjZTMtNGFiNi04ZDY2LTk0ODg5NmJiMDBiMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwI0FDANBgkqhkiG9w0BAQsFAAOCAQEAeYsd5v5EUbdYCEi8vXkQH50Bi9z5
UaAA2Ih6n584f8nAIkKOe/AuPbKiGF5/1a7SJOs9BWf2pQqchvlDupvXP1VIgLDH
+co+snxZITjOBsE6Iax1OqYr56UROiVFrKY6noIE0XNW3TB+jAHWa30QiErBrQNO
NOGjuxIOYiCXz8oL/GkF/228uJhJSjUhQHhd6MXa4HLDx1Lc3PBGgQxN4DRyZTII
8l4LCekt0PMEVAgtnZyWu0pQi3p7TAxVLTsfF0r5N60QMLqZfPii0sGiugOLPKQD
5mCi2A5mSoPZ3E//zTR9owpE2q+qGISJ3xRKXUuCaZIgw4XPtk10Kzuaiw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:48:40 2026 by rpki-client